| Message ID | 20240603193622.47156-1-john.allen@amd.com |
|---|---|
| Headers | show |
| Series | Fix MCE handling on AMD hosts | expand |
Queued, thanks. I added a note to the commit message in the third patch:
By the time the MCE reaches the guest, the overflow has been handled
by the host and has not caused a shutdown, so include the bit unconditionally.
Advertising of SUCCOR and OVERFLOW_RECOV in KVM would still be nice. :)
Paolo
On Thu, Jun 06, 2024 at 11:09:05AM +0200, Paolo Bonzini wrote: > Queued, thanks. I added a note to the commit message in the third patch: Thanks, Paolo! > > By the time the MCE reaches the guest, the overflow has been handled > by the host and has not caused a shutdown, so include the bit unconditionally. I'm not sure I understand this additional comment. Is this talking about the case where the host gets an overflow? If so, yes, if the host has overflow recovery supported, it should handle the overflow and won't require any overflow recovery on the part of the guest. For clarity, it may be nice to prefix the above statement with something like: "In the case of a host overflow, ..." If we're going to bring up the host overflow case, it may be worth clarifying further that host overflows should not propagate to the guest and this patch is specifically intended to allow the guest to handle overflows in the MCEs that are injected from qemu. > > Advertising of SUCCOR and OVERFLOW_RECOV in KVM would still be nice. :) Sure, I will send a series for this. Thanks, John
In the event that a guest process attempts to access memory that has been poisoned in response to a deferred uncorrected MCE, an AMD system will currently generate a SIGBUS error which will result in the entire guest being shutdown. Ideally, we only want to kill the guest process that accessed poisoned memory in this case. This support has been included in qemu for Intel hosts for a long time, but there are a couple of changes needed for AMD hosts. First, we will need to expose the SUCCOR and overflow recovery cpuid bits to guests. Second, we need to modify the MCE injection code to avoid Intel specific behavior when we are running on an AMD host. Version 5 of the series differs from previous versions in that it handles AO (deferred) errors rather than ignoring them. This is made possible by in progress kernel patches that utilize recently accepted address translation capabilities on AMD platforms to translate UMC relative normalized addresses received with a deferred error to system physical addresses that can be used for memory error recovery. While the bulk of the address translation code is upstream, the code to use the new translation code in the event of a deferred error is not, but can be seen here: https://github.com/AMDESE/linux/commits/wip-mca/ This adds a new wrapper struct for MCEs and uses this wrapper to store the translated physical address in the following commit: https://github.com/AMDESE/linux/commit/76732c67cbf96c14f55ed1061804db9ff1505ea3 v2: - Add "succor" feature word. - Add case to kvm_arch_get_supported_cpuid for the SUCCOR feature. v3: - Reorder series. Only enable SUCCOR after bugs have been fixed. - Introduce new patch ignoring AO errors. v4: - Remove redundant check for AO errors. v5: - Remove patch to ignore AO errors and introduce proper deferred error support. - Introduce new patch to support overflow recovery cpuid bits. John Allen (3): i386: Fix MCE support for AMD hosts i386: Add support for SUCCOR feature i386: Add support for overflow recovery target/i386/cpu.c | 18 +++++++++++++++++- target/i386/cpu.h | 7 +++++++ target/i386/helper.c | 4 ++++ target/i386/kvm/kvm.c | 41 +++++++++++++++++++++++++++++++++-------- 4 files changed, 61 insertions(+), 9 deletions(-)