Linux-ARM-Kernel Archive on lore.kernel.org
 help / color / mirror / Atom feed
From: Kiryl Shutsemau <kirill@shutemov.name>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Will Deacon <will@kernel.org>, James Morse <james.morse@arm.com>,
	 Mark Rutland <mark.rutland@arm.com>,
	Marc Zyngier <maz@kernel.org>,
	 Doug Anderson <dianders@chromium.org>,
	Petr Mladek <pmladek@suse.com>,
	 Thomas Gleixner <tglx@linutronix.de>,
	Andrew Morton <akpm@linux-foundation.org>,
	 Baoquan He <bhe@redhat.com>,
	Puranjay Mohan <puranjay@kernel.org>,
	 Usama Arif <usama.arif@linux.dev>,
	Breno Leitao <leitao@debian.org>,
	 Julien Thierry <julien.thierry.kdev@gmail.com>,
	Lecopzer Chen <lecopzer@gmail.com>,
	 Sumit Garg <sumit.garg@kernel.org>,
	kernel-team@meta.com, kexec@lists.infradead.org,
	 linux-arm-kernel@lists.infradead.org,
	linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4 0/4] arm64: cross-CPU NMI via SDEI
Date: Thu, 2 Jul 2026 14:57:23 +0100	[thread overview]
Message-ID: <akZq-CAdtgg3PbkC@thinkstation> (raw)
In-Reply-To: <akOT3yaYVM6BTm_4@thinkstation>

On Tue, Jun 30, 2026 at 11:04:14AM +0100, Kiryl Shutsemau wrote:
> On Mon, Jun 29, 2026 at 05:53:57PM +0100, Kiryl Shutsemau wrote:
> > On Mon, Jun 29, 2026 at 04:54:18PM +0100, Catalin Marinas wrote:
> > > Have you tried SDEI_EVENT_COMPLETE_AND_RESUME instead? Just COMPLETE
> > > won't return to the kernel. We have sdei_handler_abort() to complete the
> > > event and, hopefully, you can continue with the CPU_OFF. It's a work
> > > around the TF-A non-compliance but I think this is useful even if you
> > > don't issue the CPU_OFF (e.g. no CPU hotplug, just the park loop).
> > 
> > Tried it. The result is the opposite of what I expected, and it argues
> > against doing the complete at all under QEMU's TF-A.
> 
> I have to walk back on this. My test setup was broken. I will be back to
> you with proper data.

Back with proper data. Short version: CPU_OFF from the SDEI stop does not
work on Grace, whether or not the event is completed first, so the series
stays with the park. Details below.

What was broken before
======================
My QEMU kdump harness had three faults that together made CPU_OFF look
like it broke the capture kernel:

  - a race between the sysrq-c crash and the buddy detector -- the script
    that wedges the CPU wasn't pinned off it, so which crash path ran (and
    thus the outcome) was random;
  - the capture kernel's console went quiet at the boot-console handover,
    so "nothing after Bye!" was mostly lost output, not a hang (keep_bootcon
    shows it booting on);
  - the one genuine early stall was the capture kernel's CFI probe of the
    secure NOR flash -- it reproduces with the whole series compiled out
    (CONFIG_ARM_SDEI_NMI=n) and disappears with
    initcall_blacklist=physmap_init, i.e. nothing to do with SDEI.

With those fixed, QEMU/TF-A boots the capture kernel to userspace for both
park and raw CPU_OFF, and CPU_OFF really powers the PE off. But QEMU can't
decide the question that matters: its post-kexec hold-pen can't revive any
CPU_OFF'd core (even a cleanly hotplug-offlined one), so re-onlining is
undecidable there. Hence Grace.

Grace (Neoverse V2, EL3 TF-A)
=============================
  - Series as posted (park): the SDEI rung stops the wedged CPU, its
    context lands in the vmcore, the capture kernel boots. Works.
    Bringing up secondary CPUs complains that it cannot get the CPU up,
    but proceeds.
  - raw CPU_OFF from the uncompleted SDEI event: the capture kernel boots
    but hangs at "smp: Bringing up secondary CPUs ..." -- it cannot
    re-online the CPU that was CPU_OFF'd. This is exactly the TF-A point
    you raised: the SDEI dispatch is left dangling on CPU_OFF and the PE
    won't come back cleanly.
  - complete-then-CPU_OFF: same hang at secondary bring-up. Completing the
    event first does not help.

For that last one I did not use sdei_handler_abort(): it can't express
"complete, then CPU_OFF" from the handler, because its COMPLETE_AND_RESUME
lands on the "1: ret" trampoline, which resumes the *interrupted* (wedged)
context -- so nothing after it runs. I used a COMPLETE_AND_RESUME whose
resume PC is a PSCI CPU_OFF stub, so the event is genuinely completed and
then the PE powers off. It still can't be re-onlined. (I suspect the
"complete-then-CPU_OFF wedged EL3" I mentioned earlier was in fact the
sdei_handler_abort() path resuming the wedged loop, i.e. never doing the
CPU_OFF at all.)

Conclusion
==========
CPU_OFF from the SDEI stop is unusable on current TF-A, with or without
completing the event first -- a concrete real-HW consequence of the
non-compliance you flagged (TF-A subscribes SDEI to PSCI CPU_ON and
suspend-wakeup, but not CPU_OFF). So the series keeps the park: the dump
is complete either way, and only re-onlining the SDEI-stopped CPU in an
SMP capture kernel is lost -- the same fallback the shared stop path
already takes when CPU_OFF is unavailable. Powering the PE off for reuse
is a firmware follow-up (TF-A completing or tearing down the SDEI dispatch
on PSCI CPU_OFF), not something the kernel can paper over.

Please consider applying v5.

-- 
  Kiryl Shutsemau / Kirill A. Shutemov


      reply	other threads:[~2026-07-02 13:57 UTC|newest]

Thread overview: 25+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-06-17 19:20 [PATCH v4 0/4] arm64: cross-CPU NMI via SDEI Kiryl Shutsemau
2026-06-17 19:20 ` [PATCH v4 1/4] firmware: arm_sdei: add sdei_is_present() Kiryl Shutsemau
2026-06-17 20:02   ` Doug Anderson
2026-06-17 19:20 ` [PATCH v4 2/4] firmware: arm_sdei: add SDEI_EVENT_SIGNAL support Kiryl Shutsemau
2026-06-17 19:20 ` [PATCH v4 3/4] drivers/firmware: add SDEI cross-CPU NMI service for arm64 Kiryl Shutsemau
2026-06-18 10:46   ` Julian Braha
2026-06-18 15:48     ` Kiryl Shutsemau
2026-06-26 17:11   ` Catalin Marinas
2026-06-17 19:20 ` [PATCH v4 4/4] arm64: escalate smp_send_stop() to an SDEI NMI as a last resort Kiryl Shutsemau
2026-06-17 20:02   ` Doug Anderson
2026-06-26 17:08   ` Catalin Marinas
2026-06-26 19:46     ` Kiryl Shutsemau
2026-06-19 14:00 ` [PATCH v4 0/4] arm64: cross-CPU NMI via SDEI Catalin Marinas
2026-06-19 14:26   ` Marc Zyngier
2026-06-22 13:56     ` Kiryl Shutsemau
2026-06-22 16:52       ` Doug Anderson
2026-06-26  8:48         ` Breno Leitao
2026-06-26  8:25       ` YinFengwei
2026-06-26 17:07 ` Catalin Marinas
2026-06-26 19:40   ` Kiryl Shutsemau
2026-06-29 13:05     ` Kiryl Shutsemau
2026-06-29 15:54       ` Catalin Marinas
2026-06-29 16:53         ` Kiryl Shutsemau
2026-06-30 10:04           ` Kiryl Shutsemau
2026-07-02 13:57             ` Kiryl Shutsemau [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=akZq-CAdtgg3PbkC@thinkstation \
    --to=kirill@shutemov.name \
    --cc=akpm@linux-foundation.org \
    --cc=bhe@redhat.com \
    --cc=catalin.marinas@arm.com \
    --cc=dianders@chromium.org \
    --cc=james.morse@arm.com \
    --cc=julien.thierry.kdev@gmail.com \
    --cc=kernel-team@meta.com \
    --cc=kexec@lists.infradead.org \
    --cc=lecopzer@gmail.com \
    --cc=leitao@debian.org \
    --cc=linux-arm-kernel@lists.infradead.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mark.rutland@arm.com \
    --cc=maz@kernel.org \
    --cc=pmladek@suse.com \
    --cc=puranjay@kernel.org \
    --cc=sumit.garg@kernel.org \
    --cc=tglx@linutronix.de \
    --cc=usama.arif@linux.dev \
    --cc=will@kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox