[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] xen/arm: Warn user on cpu errata 832075

To: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
From: Julien Grall <julien@xxxxxxx>
Date: Wed, 14 Oct 2020 18:13:05 +0100
Cc: Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
Delivery-date: Wed, 14 Oct 2020 17:13:17 +0000
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

Hi Andrew,

On 14/10/2020 12:35, Andrew Cooper wrote:

On 14/10/2020 11:41, Bertrand Marquis wrote:

When a Cortex A57 processor is affected by CPU errata 832075, a guest
not implementing the workaround for it could deadlock the system.
Add a warning during boot informing the user that only trusted guests
should be executed on the system.
An equivalent warning is already given to the user by KVM on cores
affected by this errata.

Signed-off-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>
---
  xen/arch/arm/cpuerrata.c | 21 +++++++++++++++++++++
  1 file changed, 21 insertions(+)

diff --git a/xen/arch/arm/cpuerrata.c b/xen/arch/arm/cpuerrata.c
index 6c09017515..8f9ab6dde1 100644
--- a/xen/arch/arm/cpuerrata.c
+++ b/xen/arch/arm/cpuerrata.c
@@ -240,6 +240,26 @@ static int enable_ic_inv_hardening(void *data)

#endif+#ifdef CONFIG_ARM64_ERRATUM_832075

+
+static int warn_device_load_acquire_errata(void *data)
+{
+    static bool warned = false;
+
+    if ( !warned )
+    {
+        warning_add("This CPU is affected by the errata 832075.\n"
+                    "Guests without required CPU erratum workarounds\n"
+                    "can deadlock the system!\n"
+                    "Only trusted guests should be used on this system.\n");
+        warned = true;


This is an antipattern, which probably wants fixing elsewhere as well.

warning_add() is __init.  It's not legitimate to call from a non-init
function, and a less useless build system would have modpost to object.

You are right. We didn't spot any issue because CPU hotplug is not yetsupported on Arm.


The ARM_SMCCC_ARCH_WORKAROUND_1 instance asserts based on system state,
but this provides no safety at all.


Right.



What warning_add() actually does is queue messages for some point near
the end of boot.  It's not clear that this is even a clever thing to do.

Well, the goal is to have a single place where you can find out what areall the inconsistencies on the platform. It can be difficult to figurethat out with...


I'm very tempted to suggest a blanket change to printk_once().

A simple printk. But I guess we could add a wrapper that would add all aline of **** before and after to make easier to spot.


Cheers,

--
Julien Grall

References:
- [PATCH] xen/arm: Warn user on cpu errata 832075
  - From: Bertrand Marquis
- Re: [PATCH] xen/arm: Warn user on cpu errata 832075
  - From: Andrew Cooper

Prev by Date: Re: [PATCH] xen/arm: Document the erratum #853709 related to Cortex A72
Next by Date: Re: [PATCH] xen/arm: Warn user on cpu errata 832075
Previous by thread: Re: [PATCH] xen/arm: Warn user on cpu errata 832075
Next by thread: [PATCH] tools/xenmpd: Fix gcc10 snprintf warning
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.