From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.0 required=3.0 tests=BAYES_00,MAILING_LIST_MULTI, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 5616EC4338F for ; Mon, 26 Jul 2021 18:03:11 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3CE2460F6C for ; Mon, 26 Jul 2021 18:03:11 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232655AbhGZRWl (ORCPT ); Mon, 26 Jul 2021 13:22:41 -0400 Received: from mail.kernel.org ([198.145.29.99]:39966 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231844AbhGZRWk (ORCPT ); Mon, 26 Jul 2021 13:22:40 -0400 Received: from disco-boy.misterjones.org (disco-boy.misterjones.org [51.254.78.96]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B274160F6E; Mon, 26 Jul 2021 18:03:08 +0000 (UTC) Received: from sofa.misterjones.org ([185.219.108.64] helo=why.misterjones.org) by disco-boy.misterjones.org with esmtpsa (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1m84wU-0018sk-Hl; Mon, 26 Jul 2021 19:03:06 +0100 Date: Mon, 26 Jul 2021 19:03:06 +0100 Message-ID: <87fsw1dkbp.wl-maz@kernel.org> From: Marc Zyngier To: Bharat Bhushan Cc: Mark Rutland , "catalin.marinas@arm.com" , "will@kernel.org" , "daniel.lezcano@linaro.org" , "konrad.dybcio@somainline.org" , "saiprakash.ranjan@codeaurora.org" , "robh@kernel.org" , "marcan@marcan.st" , "suzuki.poulose@arm.com" , "broonie@kernel.org" , "linux-arm-kernel@lists.infradead.org" , "linux-kernel@vger.kernel.org" , Linu Cherian , Sunil Kovvuri Goutham Subject: Re: [EXT] Re: [PATCH] clocksource: Add Marvell Errata-38627 workaround In-Reply-To: References: <20210705060843.3150-1-bbhushan2@marvell.com> <20210705090753.GD38629@C02TD0UTHF1T.local> <20210708114157.GC24650@C02TD0UTHF1T.local> <20210713161233.GB13027@C02TD0UTHF1T.local> User-Agent: Wanderlust/2.15.9 (Almost Unreal) SEMI-EPG/1.14.7 (Harue) FLIM-LB/1.14.9 (=?UTF-8?B?R29qxY0=?=) APEL-LB/10.8 EasyPG/1.0.0 Emacs/27.1 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO) MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue") Content-Type: text/plain; charset=US-ASCII X-SA-Exim-Connect-IP: 185.219.108.64 X-SA-Exim-Rcpt-To: bbhushan2@marvell.com, mark.rutland@arm.com, catalin.marinas@arm.com, will@kernel.org, daniel.lezcano@linaro.org, konrad.dybcio@somainline.org, saiprakash.ranjan@codeaurora.org, robh@kernel.org, marcan@marcan.st, suzuki.poulose@arm.com, broonie@kernel.org, linux-arm-kernel@lists.infradead.org, linux-kernel@vger.kernel.org, lcherian@marvell.com, sgoutham@marvell.com X-SA-Exim-Mail-From: maz@kernel.org X-SA-Exim-Scanned: No (on disco-boy.misterjones.org); SAEximRunCond expanded to false Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Bharat, On Mon, 26 Jul 2021 05:29:53 +0100, Bharat Bhushan wrote: > > Sorry for delayed response > > Please see inline > > > -----Original Message----- > > From: Mark Rutland > > Sent: Tuesday, July 13, 2021 9:43 PM > > > > 1) A guest can deliberately cause information to be leaked to itself via > > the corrupted GPRs. I haven't seen any rationale for why that is not > > a problem, nor have I seen a suggested workaround. > > > > 2) A guest *may* be able to trigger this while the host is running. I > > haven't seen anything that rules this out so far. > > > > 3) Even in the absence of virtualization, it would be necessary to > > workaround this for *every* level-triggered interrupt, which includes > > at the timer, PMU, and GIC maintenance interrupts, in addition to any > > other configurable PPIs or SPIs. > > > > Without a fix that covers all of those, I don't think the > > workaround is viable. > > This patch covers workaround for ARM arch timer in non-virtualized > cases. > > While we are considering different scenarios which can trigger the > issue. After discussing with HW folks internally we have come to a > conclusion that there is no single workaround which will fix all the > scenarios. The host timer interrupt workaround is different from > virtualization and from other interrupt sources. > > While we are working on other workarounds, we want to push timer > workaround first as currently that's the one customers are > encountering right now and want a upstream accepted patch > soon. Other workarounds will take time to test and qualify. > > Wrt drivers disabling the interrupt, except changing the driver, we > don't see any common place where we can add a workaround. Please let > me your take on this. I don't think a workaround limited to the timer is viable. It is quite obvious that once you have worked around the most likely cause for a crash (timer interrupts), you will need to come up with yet another workaround for another interrupt source. We need a solution that works for all interrupts, or at the very least all per-CPU interrupts. For global interrupts, only you can find out how they can be mitigated. If that means changing drivers, so be it. I understand that this isn't what you want to read, but I'm not confident taking this patch with the knowledge that there is still a million ways to make it fall over. Evidently, KVM cannot be enabled on such a system. More importantly, I cannot see how we can support users of such a machine either. How to analyse a crash report if there is a remote possibility that the CPU has decided to ignore a number of instructions? To sum it up, I'm not prepared to approve such a patch until there is a compelling story for all the interrupts that may trigger such behaviour. Thanks, M. -- Without deviation from the norm, progress is not possible.