commit
506a66f374891ff08e064a058c446b336c5ac760 upstream
Dave Hansen reported, that it's outright dangerous to keep SMT siblings
disabled completely so they are stuck in the BIOS and wait for SIPI.
The reason is that Machine Check Exceptions are broadcasted to siblings and
the soft disabled sibling has CR4.MCE = 0. If a MCE is delivered to a
logical core with CR4.MCE = 0, it asserts IERR#, which shuts down or
reboots the machine. The MCE chapter in the SDM contains the following
blurb:
Because the logical processors within a physical package are tightly
coupled with respect to shared hardware resources, both logical
processors are notified of machine check errors that occur within a
given physical processor. If machine-check exceptions are enabled when
a fatal error is reported, all the logical processors within a physical
package are dispatched to the machine-check exception handler. If
machine-check exceptions are disabled, the logical processors enter the
shutdown state and assert the IERR# signal. When enabling machine-check
exceptions, the MCE flag in control register CR4 should be set for each
logical processor.
Reverting the commit which ignores siblings at enumeration time solves only
half of the problem. The core cpuhotplug logic needs to be adjusted as
well.
This thoughtful engineered mechanism also turns the boot process on all
Intel HT enabled systems into a MCE lottery. MCE is enabled on the boot CPU
before the secondary CPUs are brought up. Depending on the number of
physical cores the window in which this situation can happen is smaller or
larger. On a HSW-EX it's about 750ms:
MCE is enabled on the boot CPU:
[ 0.244017] mce: CPU supports 22 MCE banks
The corresponding sibling #72 boots:
[ 1.008005] .... node #0, CPUs: #72
That means if an MCE hits on physical core 0 (logical CPUs 0 and 72)
between these two points the machine is going to shutdown. At least it's a
known safe state.
It's obvious that the early boot can be hit by an MCE as well and then runs
into the same situation because MCEs are not yet enabled on the boot CPU.
But after enabling them on the boot CPU, it does not make any sense to
prevent the kernel from recovering.
Adjust the nosmt kernel parameter documentation as well.
Reverts:
2207def700f9 ("x86/apic: Ignore secondary threads if nosmt=force")
Reported-by: Dave Hansen <dave.hansen@intel.com>
Signed-off-by: Thomas Gleixner <tglx@linutronix.de>
Tested-by: Tony Luck <tony.luck@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Equivalent to smt=1.
[KNL,x86] Disable symmetric multithreading (SMT).
- nosmt=force: Force disable SMT, similar to disabling
- it in the BIOS except that some of the
- resource partitioning effects which are
- caused by having SMT enabled in the BIOS
- cannot be undone. Depending on the CPU
- type this might have a performance impact.
+ nosmt=force: Force disable SMT, cannot be undone
+ via the sysfs control file.
nospectre_v2 [X86] Disable all mitigations for the Spectre variant 2
(indirect branch prediction) vulnerability. System may
#ifdef CONFIG_SMP
bool apic_id_is_primary_thread(unsigned int id);
-bool apic_id_disabled(unsigned int id);
#else
static inline bool apic_id_is_primary_thread(unsigned int id) { return false; }
-static inline bool apic_id_disabled(unsigned int id) { return false; }
#endif
extern void irq_enter(void);
}
if (!enabled) {
- if (!apic_id_disabled(id))
- ++disabled_cpus;
+ ++disabled_cpus;
return -EINVAL;
}
return !(apicid & mask);
}
-/**
- * apic_id_disabled - Check whether APIC ID is disabled via SMT control
- * @id: APIC ID to check
- */
-bool apic_id_disabled(unsigned int id)
-{
- return (cpu_smt_control == CPU_SMT_FORCE_DISABLED &&
- !apic_id_is_primary_thread(id));
-}
-
/*
* Should use this API to allocate logical CPU IDs to keep nr_logical_cpuids
* and cpuid_to_apicid[] synchronized.
return -EINVAL;
}
- /*
- * If SMT is force disabled and the APIC ID belongs to
- * a secondary thread, ignore it.
- */
- if (apic_id_disabled(apicid)) {
- pr_info_once("Ignoring secondary SMT threads\n");
- return -EINVAL;
- }
-
if (apicid == boot_cpu_physical_apicid) {
/*
* x86_bios_cpu_apicid is required to have processors listed