Re: [patch 1/2] x86_64 page fault NMI-safe

[Avi Kivity]

On 07/18/2010 08:36 PM, Linus Torvalds wrote:
> On Sun, Jul 18, 2010 at 4:03 AM, Avi Kivity<avi@xxxxxxxxxx>  wrote:
>    
> > By trading off some memory, we don't need this trickery.  We can allocate
> > two nmi stacks, so the code becomes:
> >      
> I really don't think you need even that. See earlier in the discussion
> about how we could just test %rsp itself. Which makes all the %rip
> testing totally unnecessary, because we don't even need any flags,and
> we have no races because %rsp is atomically changed with taking the
> exception.
>
> Lookie here, the %rsp comparison really isn't that hard:
>
>    nmi:
>        pushq %rax
>        pushq %rdx
>        movq %rsp,%rdx          # current stack top
>        movq 40(%rsp),%rax   # old stack top
>        xor %rax,%rdx              # same 8kB aligned area?
>        shrq $13,%rdx             # ignore low 13 bits
>        je it_is_a_nested_nmi   # looks nested..
>
>    

...

> doesn't that look pretty simple?
>
>    

Too simple - an MCE will switch to its own stack, failing the test.  Now 
that we have correctable MCEs, that's not a good idea.

So the plain everyday sequence

  NMI
  #PF
  MCE (uncompleted)
  NMI

will fail.

Plus, even in the non-nested case, you have to copy the stack frame, or 
the nested NMI will corrupt it.  With stack switching, the nested NMI is 
allocated its own frame.

--
I have a truly marvellous patch that fixes the bug which this
signature is too narrow to contain.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/