From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andrew Cooper Subject: Re: [PATCH] x86/nmi: Make external NMI injection reliably crash the host Date: Tue, 26 Aug 2014 17:51:28 +0100 Message-ID: <53FCBB10.6050108@citrix.com> References: <1409047805-17893-1-git-send-email-ross.lagerwall@citrix.com> <53FCB083.2050603@terremark.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: In-Reply-To: <53FCB083.2050603@terremark.com> List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org To: Don Slutz , Ross Lagerwall , Xen-devel Cc: Keir Fraser , Jan Beulich List-Id: xen-devel@lists.xenproject.org On 26/08/14 17:06, Don Slutz wrote: > > On 08/26/14 06:10, Ross Lagerwall wrote: >> Change the watchdog handler to only "tick" if the corresponding perf >> counter has overflowed; otherwise, return false from the NMI handler to >> indicate that the NMI is not a watchdog tick and let the other handlers >> handle it. This allows externally injected NMIs to reliably crash the >> host rather than be swallowed by the watchdog handler. > > If a crash kernel has been setup via kexec, does this change to > "crash host" ends up jumping into the crash kernel? > > -Don Slutz No - this has no change of behaviour as to how Xen proceeds after it has decided to panic(). It does however change whether Xen decided to panic, depending on whether the NMI was a result of the watchdog, or some otherwise unidentified NMI. Basically, without this change, the "inject fatal NMI" option in most IPMI controllers doesn't work in combination with running the Xen watchdog. Only certain HP systems appear to set the IOCK bit in the system control port B when injecting an NMI. All other systems just send an NMI with no change to the control ports, which get eaten by the watchdog logic. This patch changes the watchdog logic to only consider an NMI as a watchdog tick if the perf counter confirms that it injected the NMI. ~Andrew