[PATCH 0/6] use memcpy_mcsafe() for copy_to_iter()
by Dan Williams
Currently memcpy_mcsafe() is only deployed in the pmem driver when
reading through a /dev/pmemX block device. However, a filesystem in dax
mode mounted on a /dev/pmemX block device will bypass the block layer
and the driver for reads. The filesystem-dax (fsdax) read case uses
dax_direct_access() and copy_to_iter() to bypass the block layer.
The result of the bypass is that the kernel treats machine checks during
read as system fatal (reboot) when they could simply be flagged as an
I/O error, similar to performing reads through the pmem driver. Prevent
this fatal condition by deploying memcpy_mcsafe() in the fsdax read
path.
The main differences between this copy_to_user_mcsafe() and
copy_user_generic_unrolled() are:
* Typical tail/residue handling after a fault retries the copy
byte-by-byte until the fault happens again. Re-triggering machine
checks is potentially fatal so the implementation uses source alignment
and poison alignment assumptions to limit the residue copying to known
good bytes.
* SMAP coordination is handled external to the assembly with
__uaccess_begin() and __uaccess_end().
* ITER_KVEC and ITER_BVEC can now end prematurely with an error.
The new MCSAFE_DEBUG facility is proposed as a way to unit test the
exception handling without requiring an ACPI EINJ capable platform.
Thanks to Tony Luck for his review, test, and implementation ideas on
initial versions of this patchset.
---
Dan Williams (6):
x86, memcpy_mcsafe: update labels in support of write fault handling
x86, memcpy_mcsafe: return bytes remaining
x86, memcpy_mcsafe: add write-protection-fault handling
x86, memcpy_mcsafe: define copy_to_iter_mcsafe()
dax: use copy_to_iter_mcsafe() in dax_iomap_actor()
x86, nfit_test: unit test for memcpy_mcsafe()
arch/x86/Kconfig.debug | 3 +
arch/x86/include/asm/mcsafe_debug.h | 50 ++++++++++
arch/x86/include/asm/string_64.h | 8 +-
arch/x86/include/asm/uaccess_64.h | 14 +++
arch/x86/lib/memcpy_64.S | 178 ++++++++++++++++++++++++++++-------
arch/x86/lib/usercopy_64.c | 12 ++
drivers/nvdimm/claim.c | 3 -
drivers/nvdimm/pmem.c | 6 +
fs/dax.c | 20 ++--
include/linux/string.h | 4 -
include/linux/uio.h | 10 ++
lib/iov_iter.c | 59 ++++++++++++
tools/testing/nvdimm/test/nfit.c | 48 +++++++++
13 files changed, 360 insertions(+), 55 deletions(-)
create mode 100644 arch/x86/include/asm/mcsafe_debug.h
4 years, 1 month
[RESEND 0/3] Add support for memcpy_mcsafe
by Balbir Singh
memcpy_mcsafe() is an API currently used by the pmem subsystem to convert
errors while doing a memcpy (machine check exception errors) to a return
value. This patchset consists of three patches
1. The first patch is a bug fix to handle machine check errors correctly
while walking the page tables in kernel mode, due to huge pmd/pud sizes
2. The second patch adds memcpy_mcsafe() support, this is largely derived
from existing code
3. The third patch registers for callbacks on machine check exceptions and
in them uses specialized knowledge of the type of page to decide whether
to handle the MCE as is or to return to a fixup address present in
memcpy_mcsafe(). If a fixup address is used, then we return an error
value of -EFAULT to the caller.
Testing
A large part of the testing was done under a simulator by selectively
inserting machine check exceptions in a test driver doing memcpy_mcsafe
via ioctls.
Balbir Singh (3):
powerpc/mce: Bug fixes for MCE handling in kernel space
powerpc/memcpy: Add memcpy_mcsafe for pmem
powerpc/mce: Handle memcpy_mcsafe
arch/powerpc/include/asm/mce.h | 3 +-
arch/powerpc/include/asm/string.h | 2 +
arch/powerpc/kernel/mce.c | 76 +++++++++++-
arch/powerpc/kernel/mce_power.c | 17 +--
arch/powerpc/lib/Makefile | 2 +-
arch/powerpc/lib/memcpy_mcsafe_64.S | 225 ++++++++++++++++++++++++++++++++++++
6 files changed, 314 insertions(+), 11 deletions(-)
create mode 100644 arch/powerpc/lib/memcpy_mcsafe_64.S
--
2.13.6
4 years, 1 month
[ndctl PATCH 0/4] Error injection reworks
by Vishal Verma
Updates to the error injection facilities in libndctl and ndctl that:
1. Inject fewer bytes per injected block:
It is sufficient to inject even a single byte (cache line) for Linux
to mark the entire block as a badblock. Reduce the number of injected
bytes per block to the unit reported by clear_err_unit
2. Provide a --saturate option:
If the old behavior of injecting the whole block for every block is
desired, provide a --saturate option to get that.
Vishal Verma (4):
libndctl, ars: add an API to retrieve clear_err_unit
libndctl, inject: inject fewer bytes per block by default
libndctl, inject: add 'v2' APIs for inject and uninject
ndctl, inject-error: add a --saturate option
Documentation/ndctl/ndctl-inject-error.txt | 14 ++
ndctl/inject-error.c | 40 +++---
ndctl/lib/ars.c | 15 +++
ndctl/lib/inject.c | 201 ++++++++++++++++++++++-------
ndctl/lib/libndctl.sym | 7 +
ndctl/libndctl.h | 11 ++
6 files changed, 222 insertions(+), 66 deletions(-)
--
2.14.3
4 years, 1 month