Re: [PATCH] clocksource: don't run watchdog forever

[Thomas Gleixner]

Feng,

On Thu, Mar 04 2021 at 15:43, Feng Tang wrote:
> On Wed, Mar 03, 2021 at 04:50:31PM +0100, Thomas Gleixner wrote:
>> Anything pre TSC_ADJUST wants the watchdog on. With TSC ADJUST available
>> we can probably avoid it.
>> 
>> There is a caveat though. If the machine never goes idle then TSC adjust
>> is not able to detect a potential wreckage. OTOH, most of the broken
>> BIOSes tweak TSC only by a few cycles and that is usually detectable
>> during boot. So we might be clever about it and schedule a check every
>> hour when during the first 10 minutes a modification of TSC adjust is
>> seen on any CPU.
>
> I don't have much experience with tsc_adjust, and try to understand it:
> The 'modification of TSC' here has 2 cases: ? 
> * First read of 'TSC_ADJUST' MSR of a just boot CPU returns non-zero
> value

That's catching stupid BIOSes which set the TSC to random values during
boot/reboot. That's a one off boot issue and not a real problem. The
kernel fixes it up and is done with it. Nothing to care about.

> * Following read of 'TSC_ADJUST' doesn't equal to the 'tsc_adjust' value
>   saved in per-cpu data.

That's where we catch broken BIOS/SMI implementations which try to
"hide" the time wasted in BIOS/SMI by setting the TSC back to the value
they saved on SMI entry. That was a popular BIOS "feature" some years
ago, but it seems the BIOS tinkerers finally gave up on it.

>> Where is this TSC_DISABLE_WRITE bit again?

I'm serious about this. Once the kernel has taken over a CPU there is
absolutely no reason for any context to write to the TSC/TSC_ADJUST
register ever again. So having a mechanism to prevent writes would
surely help to make the TSC more trustworthy.

> Also, does the patch ("x86/tsc: mark tsc reliable for qualified platforms")
> need to wait till this caveat case is solved?

Yes, but that should be trivial to do. 

Thanks,

        tglx