From mboxrd@z Thu Jan 1 00:00:00 1970
From: Kai Huang
Subject: Re: [PATCH] x86/MCE: bypass uninitialized vcpu in vMCE injection
Date: Thu, 08 May 2014 09:12:26 +0800
Message-ID: <536AD9FA.6050400@linux.intel.com>
References: <1399447758-11798-1-git-send-email-kai.huang@linux.intel.com> <536A3430.9060408@amazon.de>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Content-Transfer-Encoding: 7bit
In-Reply-To: <536A3430.9060408@amazon.de>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: "Egger, Christoph", xen-devel@lists.xen.org
Cc: yang.z.zhang@intel.com, jinsong.liu@alibaba-inc.com, kevin.tian@intel.com, dongxiao.xu@intel.com, JBeulich@suse.com
List-Id: xen-devel@lists.xenproject.org

On 05/07/2014 09:25 PM, Egger, Christoph wrote:
> On 07.05.14 09:29, Kai Huang wrote:
>> Dom0 may bring up less number of vCPUs than xen hypervisor actually created for
>> it, and in this case, on Intel platform, vMCE injection to dom0 will fail due to
>> injecting vMCE to uninitialized vcpu, and cause dom0 crash.
>>
>> Signed-off-by: Kai Huang
>> ---
>> xen/arch/x86/cpu/mcheck/vmce.c | 4 ++++
>> 1 file changed, 4 insertions(+)
>>
>> diff --git a/xen/arch/x86/cpu/mcheck/vmce.c b/xen/arch/x86/cpu/mcheck/vmce.c >> index c83375e..72fe924 100644 >> --- a/xen/arch/x86/cpu/mcheck/vmce.c >> +++ b/xen/arch/x86/cpu/mcheck/vmce.c 
>> @@ -356,6 +356,10 @@ int inject_vmce(struct domain *d, int vcpu) >> if ( vcpu != VMCE_INJECT_BROADCAST && vcpu != v->vcpu_id ) >> continue; >> >> + /* In case of broadcasting, don't inject to uninitialized VCPU */ >> + if ( vcpu == VMCE_INJECT_BROADCAST && !v->is_initialised ) >> + continue; >> + > What happens when you inject to exactly one uninitialized VCPU? > I think what you want is this: > > /* Don't inject to uninitialized VCPU */ > if ( !v->is_initialised ) > continue; Good suggestion indeed. In inject_vmce, the ret is initialized to -ESRCH at beginning. In case of injecting to one particular vcpu, we will simply bypass all loops of "for_each_vcpu" and don't do the injection at all, while the ret remains -ESRCH. Looks it's the right behaviour for AMD case. Thanks Egger for comments (and sorry that I forgot to CC you at beginning:)). I'll follow your suggestion. Thanks, -Kai >> if ( (has_hvm_container_domain(d) || >> guest_has_trap_callback(d, v->vcpu_id, TRAP_machine_check)) && >> !test_and_set_bool(v->mce_pending) ) >>
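Review bot: The new guard in inject_vmce() only skips an uninitialised vCPU when vcpu == VMCE_INJECT_BROADCAST, so a targeted injection whose vcpu matches an uninitialised v->vcpu_id still falls through to the test_and_set_bool(v->mce_pending) path that this patch is meant to avoid. Drop the broadcast condition so the check reads "if ( !v->is_initialised ) continue;" and reword the comment to match, since it currently says "In case of broadcasting". With that change a targeted injection to an uninitialised vCPU skips every loop iteration and returns the initial -ESRCH mentioned in the thread; the commit message should state that outcome so the return value for this case is documented alongside the fix.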