在 2022/11/2 PM7:53, Shuai Xue 写道:
在 2022/10/29 AM1:25, Luck, Tony 写道:
cper_sec_mem_err::error_type identifies the type of error that occurred if CPER_MEM_VALID_ERROR_TYPE is set. So, set memory failure flags as 0 for Scrub Uncorrected Error (type 14). Otherwise, set memory failure flags as MF_ACTION_REQUIRED.
On x86 the "action required" cases are signaled by a synchronous machine check that is delivered before the instruction that is attempting to consume the uncorrected data retires. I.e., it is guaranteed that the uncorrected error has not been propagated because it is not visible in any architectural state.
On arm, if a 2-bit (uncorrectable) error is detected, and the memory access has been architecturally executed, that error is considered “consumed”. The CPU will take a synchronous error exception, signaled as synchronous external abort (SEA), which is analogously to MCE.
APEI signaled errors don't fall into that category on x86 ... the uncorrected data could have been consumed and propagated long before the signaling used for APEI can alert the OS.
Does ARM deliver APEI signals synchronously?
If not, then this patch might deliver a false sense of security to applications about the state of uncorrected data in the system.
Well, it does not always. There are many APEI notification, such as SCI, GSIV, GPIO, SDEI, SEA, etc. Not all APEI notifications are synchronously and it depends on hardware signal. As far as I know, if a UE is detected and consumed, synchronous external abort is signaled to firmware and firmware then performs a first-level triage and synchronously notify OS by SDEI or SEA notification. On the other hand, if CE is detected, a asynchronous interrupt will be signaled and firmware could notify OS by GPIO or GSIV.
Best Regards, Shuai
Prefetch data with UE error triggers async interrupt on both X86 and Arm64 platform (CMCI in X86 and SPI in arm64). It does not belongs to scrub UEs. I have to admit that cper_sec_mem_err::error_type is not an appropriate basis to distinguish "action required" cases.
acpi_hest_generic_data::flags (UEFI spec section N.2.2) could be used to indicate Action Optional (Scrub/Prefetch).
Bit 5 – Latent error: If set this flag indicates that action has been taken to ensure error containment (such a poisoning data), but the error has not been fully corrected and the data has not been consumed. System software may choose to take further corrective action before the data is consumed.
Our hardware team has submitted a proposal to UEFI community to add a new bit:
Bit 8 – sync flag; if set this flag indicates that this event record is synchronous(e.g. cpu core consumes poison data, then cause instruction/data abort); if not set, this event record is asynchronous.
With bit 8, we will know it is "Action Required".
I will send a new patch set to rework GHES error handling after the proposal is accept.
Best Regards Shuai