public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: gengdongjiu <gengdongjiu@huawei.com>
To: Laszlo Ersek <lersek@redhat.com>, Achin Gupta <achin.gupta@arm.com>
Cc: <ard.biesheuvel@linaro.org>, <edk2-devel@lists.01.org>,
	<qemu-devel@nongnu.org>, <zhaoshenglong@huawei.com>,
	James Morse <james.morse@arm.com>,
	Christoffer Dall <cdall@linaro.org>, <xiexiuqi@huawei.com>,
	Marc Zyngier <marc.zyngier@arm.com>, <catalin.marinas@arm.com>,
	<will.deacon@arm.com>, <christoffer.dall@linaro.org>,
	<rkrcmar@redhat.com>, <suzuki.poulose@arm.com>,
	<andre.przywara@arm.com>, <mark.rutland@arm.com>,
	<vladimir.murzin@arm.com>, <linux-arm-kernel@lists.infradead.org>,
	<kvmarm@lists.cs.columbia.edu>, <kvm@vger.kernel.org>,
	<linux-kernel@vger.kernel.org>, <wangxiongfeng2@huawei.com>,
	<wuquanming@huawei.com>, <huangshaoyu@huawei.com>,
	<Leif.Lindholm@linaro.com>, <nd@arm.com>,
	Michael Tsirkin <mtsirkin@redhat.com>,
	Igor Mammedov <imammedo@redhat.com>
Subject: Re: [PATCH] kvm: pass the virtual SEI syndrome to guest OS
Date: Fri, 21 Apr 2017 21:27:31 +0800	[thread overview]
Message-ID: <3fdc8c8c-1cd9-b609-c7af-52d40e6141c5@huawei.com> (raw)
In-Reply-To: <6ac1597a-2ed5-36b2-848d-5fd048b16d66@redhat.com>

Hi all/Laszlo,

  sorry, I have a question to consult with you.


On 2017/4/7 2:55, Laszlo Ersek wrote:
> On 04/06/17 14:35, gengdongjiu wrote:
>> Dear, Laszlo
>>    Thanks for your detailed explanation.
>>
>> On 2017/3/29 19:58, Laszlo Ersek wrote:
>>> (This ought to be one of the longest address lists I've ever seen :)
>>> Thanks for the CC. I'm glad Shannon is already on the CC list. For good
>>> measure, I'm adding MST and Igor.)
>>>
>>> On 03/29/17 12:36, Achin Gupta wrote:
>>>> Hi gengdongjiu,
>>>>
>>>> On Wed, Mar 29, 2017 at 05:36:37PM +0800, gengdongjiu wrote:
>>>>>
>>>>> Hi Laszlo/Biesheuvel/Qemu developer,
>>>>>
>>>>>    Now I encounter a issue and want to consult with you in ARM64 platform, as described below:
>>>>>
>>>>> when guest OS happen synchronous or asynchronous abort, kvm needs
>>>>> to send the error address to Qemu or UEFI through sigbus to
>>>>> dynamically generate APEI table. from my investigation, there are
>>>>> two ways:
>>>>>
>>>>> (1) Qemu get the error address, and generate the APEI table, then
>>>>> notify UEFI to know this generation, then inject abort error to
>>>>> guest OS, guest OS read the APEI table.
>>>>> (2) Qemu get the error address, and let UEFI to generate the APEI
>>>>> table, then inject abort error to guest OS, guest OS read the APEI
>>>>> table.
>>>>
>>>> Just being pedantic! I don't think we are talking about creating the APEI table
>>>> dynamically here. The issue is: Once KVM has received an error that is destined
>>>> for a guest it will raise a SIGBUS to Qemu. Now before Qemu can inject the error
>>>> into the guest OS, a CPER (Common Platform Error Record) has to be generated
>>>> corresponding to the error source (GHES corresponding to memory subsystem,
>>>> processor etc) to allow the guest OS to do anything meaningful with the
>>>> error. So who should create the CPER is the question.
>>>>
>>>> At the EL3/EL2 interface (Secure Firmware and OS/Hypervisor), an error arrives
>>>> at EL3 and secure firmware (at EL3 or a lower secure exception level) is
>>>> responsible for creating the CPER. ARM is experimenting with using a Standalone
>>>> MM EDK2 image in the secure world to do the CPER creation. This will avoid
>>>> adding the same code in ARM TF in EL3 (better for security). The error will then
>>>> be injected into the OS/Hypervisor (through SEA/SEI/SDEI) through ARM Trusted
>>>> Firmware.
>>>>
>>>> Qemu is essentially fulfilling the role of secure firmware at the EL2/EL1
>>>> interface (as discussed with Christoffer below). So it should generate the CPER
>>>> before injecting the error.
>>>>
>>>> This is corresponds to (1) above apart from notifying UEFI (I am assuming you
>>>> mean guest UEFI). At this time, the guest OS already knows where to pick up the
>>>> CPER from through the HEST. Qemu has to create the CPER and populate its address
>>>> at the address exported in the HEST. Guest UEFI should not be involved in this
>>>> flow. Its job was to create the HEST at boot and that has been done by this
>>>> stage.
>>>>
>>>> Qemu folk will be able to add but it looks like support for CPER generation will
>>>> need to be added to Qemu. We need to resolve this.
>>>>
>>>> Do shout if I am missing anything above.
>>>
>>> After reading this email, the use case looks *very* similar to what
>>> we've just done with VMGENID for QEMU 2.9.
>>>
>>> We have a facility between QEMU and the guest firmware, called "ACPI
>>> linker/loader", with which QEMU instructs the firmware to
>>>
>>> - allocate and download blobs into guest RAM (AcpiNVS type memory) --
>>> ALLOCATE command,
>>>
>>> - relocate pointers in those blobs, to fields in other (or the same)
>>> blobs -- ADD_POINTER command,
>>>
>>> - set ACPI table checksums -- ADD_CHECKSUM command,
>>>
>>> - and send GPAs of fields within such blobs back to QEMU --
>>> WRITE_POINTER command.
>>>
>>> This is how I imagine we can map the facility to the current use case
>>> (note that this is the first time I read about HEST / GHES / CPER):

Laszlo lists a Qemu GHES table generation solution, Mainly use the four commands: "ALLOCATE/ADD_POINTER/ADD_CHECKSUM/WRITE_POINTER" to communicate with BIOS
so whether the four commands needs to be supported by the guest firware/UEFI.  I found the  "WRITE_POINTER" always failed. so I suspect guest UEFI/firmware not support the "WRITE_POINTER" command. please help me confirm it, thanks so much.




  parent reply	other threads:[~2017-04-21 13:28 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <76795e20-2f20-1e54-cfa5-7444f28b18ee@huawei.com>
     [not found] ` <20170321113428.GC15920@cbox>
     [not found]   ` <58D17AF0.2010802@arm.com>
     [not found]     ` <20170321193933.GB31111@cbox>
     [not found]       ` <58DA3F68.6090901@arm.com>
     [not found]         ` <20170328112328.GA31156@cbox>
     [not found]           ` <20170328115413.GJ23682@e104320-lin>
     [not found]             ` <b1c6e747-2fa7-b7a1-60d5-4a9c480b9dc9@huawei.com>
     [not found]               ` <58DA67BA.8070404@arm.com>
     [not found]                 ` <5b7352f4-4965-3ed5-3879-db871797be47@huawei.com>
2017-03-29 10:36                   ` [PATCH] kvm: pass the virtual SEI syndrome to guest OS Achin Gupta
2017-03-29 11:58                     ` Laszlo Ersek
     [not found]                       ` <20170329154539-mutt-send-email-mst@kernel.org>
2017-03-29 13:36                         ` Laszlo Ersek
2017-04-06 12:35                       ` gengdongjiu
2017-04-06 18:55                         ` Laszlo Ersek
2017-04-07  2:52                           ` gengdongjiu
2017-04-07  9:21                             ` Laszlo Ersek
2017-04-21 13:27                           ` gengdongjiu [this message]
2017-04-24 11:27                             ` Laszlo Ersek
     [not found]                     ` <CAMj-D2BT3ByY-iFrRVVK7y=G7zhRBtM031VgLn6JzwUE-WCdWQ@mail.gmail.com>
     [not found]                       ` <20170329144822.GA1020@cbox>
2017-03-29 15:37                         ` Laszlo Ersek

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3fdc8c8c-1cd9-b609-c7af-52d40e6141c5@huawei.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox