Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further

From: Steven Rostedt
Date: Mon Jan 25 2021 - 12:54:56 EST

Next message: Andy Lutomirski: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Previous message: Marcel Holtmann: "Re: [PATCH 3/3] Bluetooth: btusb: Expose reset gpio to debugfs"
In reply to: Steven Rostedt: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Next in thread: Andy Lutomirski: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 25 Jan 2021 12:38:59 -0500
Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:

> On triggering an NMI from user space, I see the switch to the thread stack
> is done, and "exc_nmi" is called.
>
> The problem I see with this is that exc_nmi is called with the thread
> stack, if it were to take an exception, NMIs would be enabled allowing for
> a nested NMI to run. From what I can tell, I don't see anything stopping
> that NMI from executing over the currently running NMI. That is, this means
> that NMI handlers are now re-entrant.
>
> Yes, the stack issue is not a problem here, but NMI handlers are not
> allowed to be re-entrant. For example, we have spin locks in NMI handlers
> that are considered fine if they are only used in NMI handlers. But because
> there's a possible way to make NMI handlers re-entrant then these spin
> locks can deadlock.
>
> I'm guessing that we need to add some tricks to the user space path to
> set and clear the "NMI executing" variable, but the return may become a bit
> complex in clearing that without races.

I think this may work if we wrap the exc_nmi call with the following:

Overwrite the NMI HW stack frame on the NMI stack as if an NMI came in at
the return back to the user space path of the NMI handler. Set the stack
pointer to the NMI stack just after the first frame that was updated. Then
jump to asm_exc_nmi.

Then the code would act like it came in from kernel mode, and execute the
NMI nesting code normally. When it finishes, and does the iretq, it will
return to the NMI handler for the user space return with the kernel thread
stack, and then the special code for returning to user space can be called.

The exc_nmi C code will need to handle this case to update pt_regs to make
sure the registered NMI handlers still see the pt_regs from user space. But
I think something like this may be the easiest way to handle this without
dealing with more NMI stack nesting races.

I could try to write something up to implemented this.

-- Steve

Next message: Andy Lutomirski: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Previous message: Marcel Holtmann: "Re: [PATCH 3/3] Bluetooth: btusb: Expose reset gpio to debugfs"
In reply to: Steven Rostedt: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Next in thread: Andy Lutomirski: "Re: [PATCH V2] x86/entry/64: De-Xen-ify our NMI code further"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]