public inbox for linux-kernel@vger.kernel.org
From: Matt Fleming <matt@console-pimps.org>
To: Andy Lutomirski <luto@amacapital.net>
Cc: LKML <linux-kernel@vger.kernel.org>,
	"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
	Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>
Subject: Re: EFI mixed mode + perf = rampant triple faults
Date: Wed, 14 Jan 2015 16:51:51 +0000
Message-ID: <20150114165151.GA3479@codeblueprint.co.uk>
In-Reply-To: <20141231183739.GA28946@console-pimps.org>

On Wed, 31 Dec, at 06:37:39PM, Matt Fleming wrote:
> On Wed, 17 Dec, at 08:54:56AM, Andy Lutomirski wrote:
> > > As far as I know, the only way to have continuously functional interrupt
> > > handling across a long mode transition is to install an interrupt vector
> > > table and hope that CPUs actually do something intelligent when
> > > receiving an interrupt with LME=1, LMA=1, and PG=0.  Yuck.
> > >
> > > Could we get away with issuing 32-bit EFI calls in compat mode, i.e.
> > > with a 32-bit CPL0 CS but while still in long mode?  I think that
> > > delivery of an IST interrupt (which includes both NMI and MCE) will
> > > correctly switch to a fully valid 64-bit state and would correctly
> > > switch back when we execute IRET at the end.  (Am I missing some reason
> > > that switching bitness without a privilege level change doesn't work
> > > well?  I haven't thought of anything, other than the lack of SS/SP controls
> > > on intra-ring interrupts, but that shouldn't be an issue here.)
> > >
> > > As an added benefit, this would considerably simplify the code.
> 
> I can't immediately think of a reason that this wouldn't work, but I've
> Cc'd more x86 folks for additional insight.
> 
> I will schedule some time to look into this issue in the new year.
> Thanks Andy.

I finally got some time to look into this, and running with
__KERNEL32_CS seems to work fine at runtime both with Qemu + 32-bit OVMF
and on my ASUS T100. Manually triggering an MCE exception immediately
before invoking the firmware service recovers gracefully.

Where this won't work so well is at boot time before we jump to the
kernel proper. There, we still need to restore the firmware's GDT so
that interrupts are serviced correctly before ExitBootServices() (in
particular, ia32 Tianocore assumes __KERNEL_CS is a 32-bit CS).

Which means the code to handle mixed mode calls at boot time and runtime
has now diverged. Fixing that is probably just a SMOP to maximise code
reuse though.

I'll post a patch after some more testing.

-- 
Matt Fleming, Intel Open Source Technology Center
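
Added illustration, not code from this thread or from the kernel tree: what separates a 64-bit CS from the "32-bit CPL0 CS but while still in long mode" discussed above is the L and D bits of the code-segment descriptor. The flag words 0xa09b (__KERNEL_CS), 0xc09b (__KERNEL32_CS) and 0xc093 (a flat data segment), and all helper names, are assumptions not taken from the message.

```c
#include <stdint.h>
#include <stdio.h>

/* What a descriptor selects when loaded into CS with EFER.LMA=1. */
enum cs_mode { CS_NOT_CODE, CS_COMPAT16, CS_COMPAT32, CS_LONG64, CS_RESERVED };

/* Pack an 8-byte segment descriptor. 'flags' carries the access byte in
 * bits 0-7 and AVL/L/D/G in bits 12-15 (hypothetical helper). */
static uint64_t gdt_entry(uint16_t flags, uint32_t base, uint32_t limit)
{
	uint32_t lo = (limit & 0xffff) | ((base & 0xffff) << 16);
	uint32_t hi = ((base & 0xff0000) >> 16) | ((uint32_t)(flags & 0xf0ff) << 8) |
		      (limit & 0xf0000) | (base & 0xff000000);
	return ((uint64_t)hi << 32) | lo;
}

/* Descriptor privilege level: bits 45-46. */
static unsigned cs_dpl(uint64_t d) { return (unsigned)(d >> 45) & 3; }

static enum cs_mode classify_cs(uint64_t d)
{
	unsigned access = (unsigned)(d >> 40) & 0xff;
	int l = (int)(d >> 53) & 1;	/* L: 64-bit code segment */
	int db = (int)(d >> 54) & 1;	/* D: default operand size */

	/* Must be present (P=1), non-system (S=1) and executable (type bit 3). */
	if ((access & 0x98) != 0x98)
		return CS_NOT_CODE;
	if (l)
		return db ? CS_RESERVED : CS_LONG64;	/* L=1,D=1 is reserved */
	return db ? CS_COMPAT32 : CS_COMPAT16;		/* still long mode, IA-32e compat */
}

int main(void)
{
	static const char *names[] = { "not code", "compat 16-bit", "compat 32-bit",
				       "64-bit", "reserved (L=1,D=1)" };
	/* Constructed sample values; see the assumptions in the lead-in. */
	struct { const char *sel; uint16_t flags; } t[] = {
		{ "__KERNEL_CS", 0xa09b }, { "__KERNEL32_CS", 0xc09b }, { "data", 0xc093 },
	};
	for (unsigned i = 0; i < sizeof(t) / sizeof(t[0]); i++) {
		uint64_t d = gdt_entry(t[i].flags, 0, 0xfffff);
		printf("%-14s %016llx DPL%u %s\n", t[i].sel, (unsigned long long)d,
		       cs_dpl(d), names[classify_cs(d)]);
	}
	return 0;
}
```

Both code descriptors are DPL 0 and differ only in L/D, so loading the compat one changes the instruction decoding mode without leaving long mode.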
