Commit e1b6f938 authored by Chen Yu's avatar Chen Yu Committed by Hui Tang
Browse files

efi/unaccepted: touch soft lockup during memory accept 

mainline inclusion
from mainline-v6.9-rc7
commit 1c5a1627f48105cbab81d25ec2f72232bfaa8185
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I9UNKS
CVE: CVE-2024-36936

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=1c5a1627f48105cbab81d25ec2f72232bfaa8185



--------------------------------

Commit 50e782a8 ("efi/unaccepted: Fix soft lockups caused by
parallel memory acceptance") has released the spinlock so other CPUs can
do memory acceptance in parallel and not triggers softlockup on other
CPUs.

However the softlock up was intermittent shown up if the memory of the
TD guest is large, and the timeout of softlockup is set to 1 second:

 RIP: 0010:_raw_spin_unlock_irqrestore
 Call Trace:
 ? __hrtimer_run_queues
 <IRQ>
 ? hrtimer_interrupt
 ? watchdog_timer_fn
 ? __sysvec_apic_timer_interrupt
 ? __pfx_watchdog_timer_fn
 ? sysvec_apic_timer_interrupt
 </IRQ>
 ? __hrtimer_run_queues
 <TASK>
 ? hrtimer_interrupt
 ? asm_sysvec_apic_timer_interrupt
 ? _raw_spin_unlock_irqrestore
 ? __sysvec_apic_timer_interrupt
 ? sysvec_apic_timer_interrupt
 accept_memory
 try_to_accept_memory
 do_huge_pmd_anonymous_page
 get_page_from_freelist
 __handle_mm_fault
 __alloc_pages
 __folio_alloc
 ? __tdx_hypercall
 handle_mm_fault
 vma_alloc_folio
 do_user_addr_fault
 do_huge_pmd_anonymous_page
 exc_page_fault
 ? __do_huge_pmd_anonymous_page
 asm_exc_page_fault
 __handle_mm_fault

When the local irq is enabled at the end of accept_memory(), the
softlockup detects that the watchdog on single CPU has not been fed for
a while. That is to say, even other CPUs will not be blocked by
spinlock, the current CPU might be stunk with local irq disabled for a
while, which hurts not only nmi watchdog but also softlockup.

Chao Gao pointed out that the memory accept could be time costly and
there was similar report before. Thus to avoid any softlocup detection
during this stage, give the softlockup a flag to skip the timeout check
at the end of accept_memory(), by invoking touch_softlockup_watchdog().

Reported-by: default avatarHossain, Md Iqbal <md.iqbal.hossain@intel.com>
Signed-off-by: default avatarChen Yu <yu.c.chen@intel.com>
Reviewed-by: default avatarKirill A. Shutemov <kirill.shutemov@linux.intel.com>
Fixes: 50e782a8 ("efi/unaccepted: Fix soft lockups caused by parallel memory acceptance")
Signed-off-by: default avatarArd Biesheuvel <ardb@kernel.org>
Signed-off-by: default avatarHui Tang <tanghui20@huawei.com>
parent 17af64c8

drivers/firmware/efi/unaccepted_memory.c

+4 −0
Original line number Diff line number Diff line
@@ -3,6 +3,7 @@ 
#include <linux/efi.h>

#include <linux/memblock.h>

#include <linux/spinlock.h>

#include <linux/nmi.h>

#include <asm/unaccepted_memory.h>



/* Protects unaccepted memory bitmap and accepting_list */
@@ -148,6 +149,9 @@ void accept_memory(phys_addr_t start, phys_addr_t end) 
	}



	list_del(&range.list);



	touch_softlockup_watchdog();



	spin_unlock_irqrestore(&unaccepted_memory_lock, flags);

}