On 17/02/2020 18:43, Roger Pau Monne wrote:
> @@ -67,7 +68,20 @@ static void send_IPI_shortcut(unsigned int shortcut, int
> vector,
> void send_IPI_mask(const cpumask_t *mask, int vector)
> {
> bool cpus_locked = false;
> - cpumask_t *scratch = this_cpu(scratch_cpumask);
> + cpumask_t *scratch = this_cpu(send_ipi_cpumask);
> + unsigned long flags;
> +
> + if ( in_mc() || in_nmi() )
> + {
> + /*
> + * When in #MC or #MNI context Xen cannot use the per-CPU scratch
> mask
> + * because we have no way to avoid reentry, so do not use the APIC
> + * shorthand.
> + */
> + alternative_vcall(genapic.send_IPI_mask, mask, vector);
> + return;
The set of things you can safely do in an NMI/MCE handler is small, and
does not include sending IPIs. (In reality, if you're using x2apic, it
is safe to send an IPI because there is no risk of clobbering ICR2
behind your outer context's back).
However, if we escalate from NMI/MCE context into crash context, then
anything goes. In reality, we only ever send NMIs from the crash path,
and that is not permitted to use a shorthand, making this code dead.
~Andrew
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xenproject.org
https://lists.xenproject.org/mailman/listinfo/xen-devel
