Re: [PATCH v3] ftrace/x86/32: fix triple fault with graph tracing and suspend-to-ram

From: Josh Poimboeuf
Date: Thu Apr 13 2017 - 22:12:56 EST

Next message: Martin K. Petersen: "Re: [PATCH v2] scsi: return correct blkprep status code in case scsi_init_io() fails."
Previous message: Yasunari.Takiguchi: "[PATCH v2 02/15] [media] cxd2880-spi: Add support for CXD2008 SPI interface"
In reply to: Steven Rostedt: "Re: [PATCH v3] ftrace/x86/32: fix triple fault with graph tracing and suspend-to-ram"
Next in thread: tip-bot for Josh Poimboeuf: "[tip:x86/urgent] ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Apr 13, 2017 at 07:02:36PM -0400, Steven Rostedt wrote:
> On Thu, 13 Apr 2017 17:53:55 -0500
> Josh Poimboeuf <jpoimboe@xxxxxxxxxx> wrote:
>
> > On x86-32, with CONFIG_FIRMWARE and multiple CPUs, if you enable
> > function graph tracing and then suspend to RAM, it will triple fault and
> > reboot when it resumes.
> >
> > The first fault happens when booting a secondary CPU:
> >
> > startup_32_smp()
> > load_ucode_ap()
> > prepare_ftrace_return()
> > ftrace_graph_is_dead()
> > (accesses 'kill_ftrace_graph')
> >
> > The early head_32.S code calls into load_ucode_ap(), which has an an
> > ftrace hook, so it calls prepare_ftrace_return(), which calls
> > ftrace_graph_is_dead(), which tries to access the global
> > 'kill_ftrace_graph' variable with a virtual address, causing a fault
> > because the CPU is still in real mode.
> >
> > The fix is to add a check in prepare_ftrace_return() to make sure it's
> > running in protected mode before continuing. The check makes sure the
> > stack pointer is a virtual kernel address. It's a bit of a hack, but
> > it's not very intrusive and it works well enough.
> >
> > For reference, here are a few other (more difficult) ways this could
> > have potentially been fixed:
> >
> > - Move startup_32_smp()'s call to load_ucode_ap() down to *after* paging
> > is enabled. (No idea what that would break.)
> >
> > - Track down load_ucode_ap()'s entire callee tree and mark all the
> > functions 'notrace'. (Probably not realistic.)
> >
> > - Pause graph tracing in ftrace_suspend_notifier_call() or bringup_cpu()
> > or __cpu_up(), and ensure that the pause facility can be queried from
> > real mode.
> >
> > Reported-by: Paul Menzel <pmenzel@xxxxxxxxxxxxx>
> > Tested-by: Paul Menzel <pmenzel@xxxxxxxxxxxxx>
> > Cc: stable@xxxxxxxxxx
> > Signed-off-by: Josh Poimboeuf <jpoimboe@xxxxxxxxxx>
>
> This is pretty much the same thing we were talking about before, right?

Yeah, the same patch from before, now with more tags!

> If so, then:
>
> Reviewed-by: Steven Rostedt (VMware) <rostedt@xxxxxxxxxxx>

Thanks!

--
Josh

Next message: Martin K. Petersen: "Re: [PATCH v2] scsi: return correct blkprep status code in case scsi_init_io() fails."
Previous message: Yasunari.Takiguchi: "[PATCH v2 02/15] [media] cxd2880-spi: Add support for CXD2008 SPI interface"
In reply to: Steven Rostedt: "Re: [PATCH v3] ftrace/x86/32: fix triple fault with graph tracing and suspend-to-ram"
Next in thread: tip-bot for Josh Poimboeuf: "[tip:x86/urgent] ftrace/x86: Fix triple fault with graph tracing and suspend-to-ram"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]