From: Baoquan He <bhe@redhat.com>
To: Eric DeVolder <eric.devolder@oracle.com>
Cc: linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
akpm@linux-foundation.org, vschneid@redhat.com,
dyoung@redhat.com, sourabhjain@linux.ibm.com
Subject: Re: [PATCH v2] Crash: add lock to serialize crash hotplug handling
Date: Tue, 26 Sep 2023 20:03:55 +0800 [thread overview]
Message-ID: <ZRLIqztHflB38zYV@MiWiFi-R3L-srv> (raw)
In-Reply-To: <d6bd8083-94e5-9bb3-7b1e-5bf6cc954baa@oracle.com>
On 09/25/23 at 09:59am, Eric DeVolder wrote:
>
>
> On 9/24/23 22:07, Baoquan He wrote:
> > Eric reported that handling corresponding crash hotplug event can be
> > failed easily when many memory hotplug event are notified in a short
> > period. They failed because failing to take __kexec_lock.
> >
> > =======
> > [ 78.714569] Fallback order for Node 0: 0
> > [ 78.714575] Built 1 zonelists, mobility grouping on. Total pages: 1817886
> > [ 78.717133] Policy zone: Normal
> > [ 78.724423] crash hp: kexec_trylock() failed, elfcorehdr may be inaccurate
> > [ 78.727207] crash hp: kexec_trylock() failed, elfcorehdr may be inaccurate
> > [ 80.056643] PEFILE: Unsigned PE binary
> > =======
> >
> > The memory hotplug events are notified very quickly and very many,
> > while the handling of crash hotplug is much slower relatively. So the
> > atomic variable __kexec_lock and kexec_trylock() can't guarantee the
> > serialization of crash hotplug handling.
> >
> > Here, add a new mutex lock __crash_hotplug_lock to serialize crash
> > hotplug handling specifically. This doesn't impact the usage of
> > __kexec_lock.
> >
> > Signed-off-by: Baoquan He <bhe@redhat.com>
> > ---
> > v1->v2:
> > - Move mutex lock definition into CONFIG_CRASH_HOTPLUG ifdeffery
> > scope in kernel/crash_core.c because the lock is only needed and
> > used in that scope. Suggested by Eric.
> >
> > kernel/crash_core.c | 14 ++++++++++++++
> > 1 file changed, 14 insertions(+)
> >
> > diff --git a/kernel/crash_core.c b/kernel/crash_core.c
> > index 03a7932cde0a..5951d6366b72 100644
> > --- a/kernel/crash_core.c
> > +++ b/kernel/crash_core.c
> > @@ -739,6 +739,17 @@ subsys_initcall(crash_notes_memory_init);
> > #undef pr_fmt
> > #define pr_fmt(fmt) "crash hp: " fmt
> > +/*
> > + * Different than kexec/kdump loading/unloading/jumping/shrinking which
> > + * usually rarely happen, there will be many crash hotplug events notified
> > + * during one short period, e.g one memory board is hot added and memory
> > + * regions are online. So mutex lock __crash_hotplug_lock is used to
> > + * serialize the crash hotplug handling specifically.
> > + */
> > +DEFINE_MUTEX(__crash_hotplug_lock);
> > +#define crash_hotplug_lock() mutex_lock(&__crash_hotplug_lock)
> > +#define crash_hotplug_unlock() mutex_unlock(&__crash_hotplug_lock)
> > +
> > /*
> > * This routine utilized when the crash_hotplug sysfs node is read.
> > * It reflects the kernel's ability/permission to update the crash
> > @@ -783,9 +794,11 @@ static void crash_handle_hotplug_event(unsigned int hp_action, unsigned int cpu)
> > {
> > struct kimage *image;
> > + crash_hotplug_lock();
> > /* Obtain lock while changing crash information */
> > if (!kexec_trylock()) {
> > pr_info("kexec_trylock() failed, elfcorehdr may be inaccurate\n");
> > + crash_hotplug_unlock();
> > return;
> > }
> > @@ -852,6 +865,7 @@ static void crash_handle_hotplug_event(unsigned int hp_action, unsigned int cpu)
> > out:
> > /* Release lock now that update complete */
> > kexec_unlock();
> > + crash_hotplug_unlock();
> > }
> > static int crash_memhp_notifier(struct notifier_block *nb, unsigned long val, void *v)
>
> The crash_check_update_elfcorehdr() also has kexec_trylock() and needs similar treatment.
> Userspace (ie udev rule processing) and kernel (crash hotplug infrastrucutre) need to be
> protected/serialized from one another.
You are right. I didn't consider the kexec_load interface. There's a
tiny racing window which we still need to avoid. V3 will be posted.
Thanks.
_______________________________________________
kexec mailing list
kexec@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/kexec
WARNING: multiple messages have this Message-ID (diff)
From: Baoquan He <bhe@redhat.com>
To: Eric DeVolder <eric.devolder@oracle.com>
Cc: linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
akpm@linux-foundation.org, vschneid@redhat.com,
dyoung@redhat.com, sourabhjain@linux.ibm.com
Subject: Re: [PATCH v2] Crash: add lock to serialize crash hotplug handling
Date: Tue, 26 Sep 2023 20:03:55 +0800 [thread overview]
Message-ID: <ZRLIqztHflB38zYV@MiWiFi-R3L-srv> (raw)
In-Reply-To: <d6bd8083-94e5-9bb3-7b1e-5bf6cc954baa@oracle.com>
On 09/25/23 at 09:59am, Eric DeVolder wrote:
>
>
> On 9/24/23 22:07, Baoquan He wrote:
> > Eric reported that handling corresponding crash hotplug event can be
> > failed easily when many memory hotplug event are notified in a short
> > period. They failed because failing to take __kexec_lock.
> >
> > =======
> > [ 78.714569] Fallback order for Node 0: 0
> > [ 78.714575] Built 1 zonelists, mobility grouping on. Total pages: 1817886
> > [ 78.717133] Policy zone: Normal
> > [ 78.724423] crash hp: kexec_trylock() failed, elfcorehdr may be inaccurate
> > [ 78.727207] crash hp: kexec_trylock() failed, elfcorehdr may be inaccurate
> > [ 80.056643] PEFILE: Unsigned PE binary
> > =======
> >
> > The memory hotplug events are notified very quickly and very many,
> > while the handling of crash hotplug is much slower relatively. So the
> > atomic variable __kexec_lock and kexec_trylock() can't guarantee the
> > serialization of crash hotplug handling.
> >
> > Here, add a new mutex lock __crash_hotplug_lock to serialize crash
> > hotplug handling specifically. This doesn't impact the usage of
> > __kexec_lock.
> >
> > Signed-off-by: Baoquan He <bhe@redhat.com>
> > ---
> > v1->v2:
> > - Move mutex lock definition into CONFIG_CRASH_HOTPLUG ifdeffery
> > scope in kernel/crash_core.c because the lock is only needed and
> > used in that scope. Suggested by Eric.
> >
> > kernel/crash_core.c | 14 ++++++++++++++
> > 1 file changed, 14 insertions(+)
> >
> > diff --git a/kernel/crash_core.c b/kernel/crash_core.c
> > index 03a7932cde0a..5951d6366b72 100644
> > --- a/kernel/crash_core.c
> > +++ b/kernel/crash_core.c
> > @@ -739,6 +739,17 @@ subsys_initcall(crash_notes_memory_init);
> > #undef pr_fmt
> > #define pr_fmt(fmt) "crash hp: " fmt
> > +/*
> > + * Different than kexec/kdump loading/unloading/jumping/shrinking which
> > + * usually rarely happen, there will be many crash hotplug events notified
> > + * during one short period, e.g one memory board is hot added and memory
> > + * regions are online. So mutex lock __crash_hotplug_lock is used to
> > + * serialize the crash hotplug handling specifically.
> > + */
> > +DEFINE_MUTEX(__crash_hotplug_lock);
> > +#define crash_hotplug_lock() mutex_lock(&__crash_hotplug_lock)
> > +#define crash_hotplug_unlock() mutex_unlock(&__crash_hotplug_lock)
> > +
> > /*
> > * This routine utilized when the crash_hotplug sysfs node is read.
> > * It reflects the kernel's ability/permission to update the crash
> > @@ -783,9 +794,11 @@ static void crash_handle_hotplug_event(unsigned int hp_action, unsigned int cpu)
> > {
> > struct kimage *image;
> > + crash_hotplug_lock();
> > /* Obtain lock while changing crash information */
> > if (!kexec_trylock()) {
> > pr_info("kexec_trylock() failed, elfcorehdr may be inaccurate\n");
> > + crash_hotplug_unlock();
> > return;
> > }
> > @@ -852,6 +865,7 @@ static void crash_handle_hotplug_event(unsigned int hp_action, unsigned int cpu)
> > out:
> > /* Release lock now that update complete */
> > kexec_unlock();
> > + crash_hotplug_unlock();
> > }
> > static int crash_memhp_notifier(struct notifier_block *nb, unsigned long val, void *v)
>
> The crash_check_update_elfcorehdr() also has kexec_trylock() and needs similar treatment.
> Userspace (ie udev rule processing) and kernel (crash hotplug infrastrucutre) need to be
> protected/serialized from one another.
You are right. I didn't consider the kexec_load interface. There's a
tiny racing window which we still need to avoid. V3 will be posted.
Thanks.
next prev parent reply other threads:[~2023-09-26 12:04 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-09-25 3:07 [PATCH v2] Crash: add lock to serialize crash hotplug handling Baoquan He
2023-09-25 3:07 ` Baoquan He
2023-09-25 14:59 ` Eric DeVolder
2023-09-25 14:59 ` Eric DeVolder
2023-09-26 12:03 ` Baoquan He [this message]
2023-09-26 12:03 ` Baoquan He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZRLIqztHflB38zYV@MiWiFi-R3L-srv \
--to=bhe@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=dyoung@redhat.com \
--cc=eric.devolder@oracle.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sourabhjain@linux.ibm.com \
--cc=vschneid@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.