From: "Paolo Bonzini" <pbonzini@redhat.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: Michael Brown <mcb30@ipxe.org>,
edk2-devel-groups-io <devel@edk2.groups.io>,
"Ni, Ray" <ray.ni@intel.com>,
Liming Gao <gaoliming@byosoft.com.cn>,
Laszlo Ersek <lersek@redhat.com>
Subject: Re: [edk2-devel] [PATCH 2/2] MdeModulePkg/DxeCore: Fix stack overflow issue due to nested interrupts
Date: Thu, 29 Feb 2024 18:39:33 +0100 [thread overview]
Message-ID: <CABgObfbXruaKuamwP4E-=h8=LjjvnM8k+eJJoUimE=ituuFvDg@mail.gmail.com> (raw)
In-Reply-To: <CO1PR11MB4929CF207E2314767430B4E8D25F2@CO1PR11MB4929.namprd11.prod.outlook.com>
[-- Attachment #1: Type: text/plain, Size: 2750 bytes --]
Il gio 29 feb 2024, 17:45 Kinney, Michael D <michael.d.kinney@intel.com> ha
scritto:
> Hi Michael,
>
> Can you provide a pointer to the UEFI Spec statement this breaks?
>
The spec does say that interrupts are disabled for TPL_HIGH_LEVEL, but
indeed it doesn't say they are always enabled at lower levels. However, if
the interrupts aren't always enabled whenever you're below TPL_HIGH_LEVEL,
you get priority inversions (and deadlocks).
For example, if you end up running with interrupts disabled at
TPL_CALLBACK, you are disabling the dispatching of timers at TPL_NOTIFY.
I guess this can be deduced from these two passages:
- "The functions in these queues are invoked in FIFO order, starting with
the highest priority level queue and proceeding to the lowest priority
queue that is unmasked by the current TPL"
- "If Type is TimerRelative and TriggerTime is 0, then the timer event will
be signaled on the next timer tick" (in the description of gBS->SetTimer)
Paolo
> Thanks,
>
> Mike
>
> > -----Original Message-----
> > From: Michael Brown <mcb30@ipxe.org>
> > Sent: Thursday, February 29, 2024 5:23 AM
> > To: devel@edk2.groups.io; Ni, Ray <ray.ni@intel.com>
> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Liming Gao
> > <gaoliming@byosoft.com.cn>; Laszlo Ersek <lersek@redhat.com>; Paolo
> > Bonzini <pbonzini@redhat.com>
> > Subject: Re: [edk2-devel] [PATCH 2/2] MdeModulePkg/DxeCore: Fix stack
> > overflow issue due to nested interrupts
> >
> > On 29/02/2024 13:02, Ni, Ray wrote:
> > > A ideal solution is to not keep the interrupt disabled when
> > > RestoreTPL(TPL_HIGH -> not TPL_HIGH) is executed in the timer
> > interrupt
> > > context because the interrupt handler will re-enable the interrupt
> > with
> > > arch specific instructions (e.g.: IRET for x86).
> > >
> > > The patch introduces mInterruptedTplMask which tells RestoreTPL() if
> > > it's called in the interrupt context and whether it should defer
> > enabling
> > > the interrupt.
> >
> > NACK. This breaks the specification-defined behaviour for
> > RestoreTPL().
> >
> > What guarantees do we have that there is no code anywhere in the world
> > that relies upon RestoreTPL() unconditionally re-enabling interrupts.
> >
> > I also find this code substantially harder to follow than
> > NestedInterruptTplLib (which does not break any specified behaviour).
> >
> > Thanks,
> >
> > Michael
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#116179): https://edk2.groups.io/g/devel/message/116179
Mute This Topic: https://groups.io/mt/104642317/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
[-- Attachment #2: Type: text/html, Size: 4909 bytes --]
next prev parent reply other threads:[~2024-02-29 17:39 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-29 13:02 [edk2-devel] [PATCH 0/2] Fix stack overflow issue due to nested interrupts Ni, Ray
2024-02-29 13:02 ` [edk2-devel] [PATCH 1/2] UefiCpuPkg/CpuDxe: Return correct interrupt state Ni, Ray
2024-02-29 13:02 ` [edk2-devel] [PATCH 2/2] MdeModulePkg/DxeCore: Fix stack overflow issue due to nested interrupts Ni, Ray
2024-02-29 13:23 ` Michael Brown
2024-02-29 16:43 ` Michael D Kinney
2024-02-29 17:39 ` Michael Brown
2024-02-29 19:09 ` Michael D Kinney
2024-02-29 19:41 ` Michael Brown
2024-02-29 17:39 ` Paolo Bonzini [this message]
2024-02-29 19:09 ` Michael D Kinney
2024-02-29 19:04 ` Paolo Bonzini
2024-02-29 19:16 ` Michael D Kinney
2024-02-29 20:08 ` Paolo Bonzini
2024-02-29 19:22 ` Michael Brown
2024-02-29 19:26 ` Michael D Kinney
2024-02-29 19:44 ` Michael Brown
2024-02-29 20:11 ` Paolo Bonzini
2024-03-01 0:14 ` Paolo Bonzini
2024-03-01 3:07 ` Ni, Ray
2024-03-01 8:37 ` Paolo Bonzini
2024-03-01 9:27 ` Michael Brown
2024-03-01 9:33 ` Paolo Bonzini
2024-03-01 11:10 ` Michael Brown
2024-03-01 12:09 ` Paolo Bonzini
2024-03-05 4:19 ` Ni, Ray
[not found] ` <17B9C3692B44139F.30946@groups.io>
2024-06-18 5:54 ` Ni, Ray
2024-03-01 8:44 ` Paolo Bonzini
2024-03-01 9:20 ` Ni, Ray
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CABgObfbXruaKuamwP4E-=h8=LjjvnM8k+eJJoUimE=ituuFvDg@mail.gmail.com' \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox