From: Dave Hansen <dave.hansen@intel.com>
To: Paolo Bonzini <pbonzini@redhat.com>,
Jan Kiszka <jan.kiszka@siemens.com>,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org
Cc: Ralf Ramsauer <ralf.ramsauer@oth-regensburg.de>,
"Gupta, Pawan Kumar" <pawan.kumar.gupta@intel.com>
Subject: Re: [FYI PATCH 0/7] Mitigation for CVE-2018-12207
Date: Wed, 13 Nov 2019 13:24:42 -0800 [thread overview]
Message-ID: <dffb19ab-daa2-a513-531e-c43279d8a4bf@intel.com> (raw)
In-Reply-To: <ea5a084b-e047-6677-b8fe-d7bb6f8c0ef8@redhat.com>
On 11/13/19 12:23 AM, Paolo Bonzini wrote:
> On 13/11/19 07:38, Jan Kiszka wrote:
>> When reading MCE, error code 0150h, ie. SRAR, I was wondering if that
>> couldn't simply be handled by the host. But I suppose the symptom of
>> that erratum is not "just" regular recoverable MCE, rather
>> sometimes/always an unrecoverable CPU state, despite the error code, right?
> The erratum documentation talks explicitly about hanging the system, but
> it's not clear if it's just a result of the OS mishandling the MCE, or
> something worse. So I don't know. :( Pawan, do you?
It's "something worse".
I built a kernel module reproducer for this a long time ago. The
symptom I observed was the whole system hanging hard, requiring me to go
hit the power button. The MCE software machinery was not involved at
all from what I could tell.
About creating a unit test, I'd be personally happy to share my
reproducer, but I built it before this issue was root-caused. There are
actually quite a few underlying variants and a good unit test would make
sure to exercise all of them. My reproducer probably only exercised a
single case.
next prev parent reply other threads:[~2019-11-13 21:24 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-11-12 21:21 [FYI PATCH 0/7] Mitigation for CVE-2018-12207 Paolo Bonzini
2019-11-12 21:21 ` [PATCH 1/7] x86/bugs: Add ITLB_MULTIHIT bug infrastructure Paolo Bonzini
2019-11-12 21:21 ` [PATCH 2/7] x86/cpu: Add Tremont to the cpu vulnerability whitelist Paolo Bonzini
2019-11-12 21:21 ` [PATCH 3/7] cpu/speculation: Uninline and export CPU mitigations helpers Paolo Bonzini
2019-11-12 21:21 ` [PATCH 4/7] kvm: mmu: ITLB_MULTIHIT mitigation Paolo Bonzini
2019-11-12 21:21 ` [PATCH 5/7] kvm: Add helper function for creating VM worker threads Paolo Bonzini
2019-11-12 21:21 ` [PATCH 6/7] kvm: x86: mmu: Recovery of shattered NX large pages Paolo Bonzini
2019-11-12 21:21 ` [PATCH 7/7] Documentation: Add ITLB_MULTIHIT documentation Paolo Bonzini
2019-11-13 6:38 ` [FYI PATCH 0/7] Mitigation for CVE-2018-12207 Jan Kiszka
2019-11-13 8:23 ` Paolo Bonzini
2019-11-13 21:24 ` Dave Hansen [this message]
2019-11-14 1:17 ` Nadav Amit
2019-11-14 5:26 ` Dave Hansen
2019-11-14 6:02 ` Nadav Amit
2019-11-15 2:11 ` Pawan Gupta
2019-11-14 8:09 ` Jan Kiszka
2019-11-18 13:58 ` Ralf Ramsauer
2020-01-21 18:08 ` Jan Kiszka
2020-01-21 18:25 ` Dave Hansen
2019-11-13 23:25 ` Pawan Gupta
2019-11-14 8:13 ` Jan Kiszka
2019-11-15 2:23 ` Pawan Gupta
2019-11-13 13:00 ` Jinpu Wang
2019-11-13 14:44 ` Paolo Bonzini
2019-11-13 18:10 ` Nadav Amit
2019-11-13 18:33 ` Paolo Bonzini
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dffb19ab-daa2-a513-531e-c43279d8a4bf@intel.com \
--to=dave.hansen@intel.com \
--cc=jan.kiszka@siemens.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=pawan.kumar.gupta@intel.com \
--cc=pbonzini@redhat.com \
--cc=ralf.ramsauer@oth-regensburg.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox