Re: [PATCH v9 2/3] x86/mce: Add per-bank CMCI storm mitigation

From: Borislav Petkov
Date: Tue Nov 21 2023 - 06:55:20 EST

Next message: Huacai Chen: "Re: [PATCH v1 2/2] LoongArch: KVM: Add lasx support"
Previous message: Justin Lai: "RE: [PATCH net-next v11 05/13] net:ethernet:realtek:rtase: Implement hardware configuration function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Nov 14, 2023 at 02:04:46PM -0800, Tony Luck wrote:
> Before any storm happens, machine_check_poll() may only be called once
> a month, or less, when errors occur.

Err:

[ 317.825546] mce: mc_poll_banks_default: CPU2 irq ctxt level: 1
[ 317.825585] mce: mc_poll_banks_default: CPU0 irq ctxt level: 1
[ 317.825585] mce: mc_poll_banks_default: CPU1 irq ctxt level: 1
[ 317.825586] mce: mc_poll_banks_default: CPU3 irq ctxt level: 1
[ 317.825586] mce: mc_poll_banks_default: CPU4 irq ctxt level: 1
[ 317.825586] mce: mc_poll_banks_default: CPU5 irq ctxt level: 1
[ 629.121536] mce: mc_poll_banks_default: CPU1 irq ctxt level: 1
[ 629.121536] mce: mc_poll_banks_default: CPU4 irq ctxt level: 1
[ 629.121560] mce: mc_poll_banks_default: CPU2 irq ctxt level: 1
[ 629.121561] mce: mc_poll_banks_default: CPU0 irq ctxt level: 1
[ 629.121561] mce: mc_poll_banks_default: CPU5 irq ctxt level: 1
[ 629.121569] mce: mc_poll_banks_default: CPU3 irq ctxt level: 1
[ 940.417507] mce: mc_poll_banks_default: CPU2 irq ctxt level: 1
[ 940.417508] mce: mc_poll_banks_default: CPU3 irq ctxt level: 1
[ 940.417508] mce: mc_poll_banks_default: CPU1 irq ctxt level: 1
[ 940.417508] mce: mc_poll_banks_default: CPU4 irq ctxt level: 1
[ 940.417509] mce: mc_poll_banks_default: CPU5 irq ctxt level: 1
[ 940.417508] mce: mc_poll_banks_default: CPU0 irq ctxt level: 1
...

That's from my coffeelake test box.

The irq context level thing says we're in softirq context when the
polling happens.

> When a storm is detected for a bank, that bank (and any others in storm
> mode) will be checked once per second.

Ok.

> For a bank that doesn't support CMCI, then polling is the only way
> to find errors. You are right, these will feed into the history
> tracker, but while at 5-minute interval will not be able to trigger
> a storm.

Yes. But you need to call into the storm handling code somehow. So you
do that from the polling code.

And if the machine supports CMCI, you do the same - call the polling
code which then does the storm check.

> Since that 5-minute interval is halved every time error is
> found consecutively, it is possible at the 1-second poll interval to
> fill out enough bits to indicate a storm. I think I need to add some
> code to handle that case as it makes no sense to mess with the CMCI
> threshold in IA32_MCi_CTL2 for a bank that doesn't support CMCI.
> Probably will just skip tracking for any such banks.

Ok.

> Aren't interrupts disabled while running the code after the timer fires?

No, see above.

> Whichever of the timer and the CMCI happens first will run. Second to
> arrive will pend the interrupt and be handled when interrupts are
> enabled as the first completes.

So I still don't like the timer calling machine_check_poll() and
cmci_mc_poll_banks() doing the same without any proper synchronization
between the two.

Yes, when you get a CMCI interrupt, you poll and do the call the storm
code. Now what happens if the polling runs from softirq context and you
get a CMCI interrupt at exactly the same time. I.e., is
machine_check_poll() reentrant and audited properly?

I hope I'm making more sense.

Thx.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette

Next message: Huacai Chen: "Re: [PATCH v1 2/2] LoongArch: KVM: Add lasx support"
Previous message: Justin Lai: "RE: [PATCH net-next v11 05/13] net:ethernet:realtek:rtase: Implement hardware configuration function"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]