1 // SPDX-License-Identifier: GPL-2.0-only
3 * Machine check handler.
5 * K8 parts Copyright 2002,2003 Andi Kleen, SuSE Labs.
6 * Rest from unknown author(s).
7 * 2004 Andi Kleen. Rewrote most of it.
8 * Copyright 2008 Intel Corporation
12 #include <linux/thread_info.h>
13 #include <linux/capability.h>
14 #include <linux/miscdevice.h>
15 #include <linux/ratelimit.h>
16 #include <linux/rcupdate.h>
17 #include <linux/kobject.h>
18 #include <linux/uaccess.h>
19 #include <linux/kdebug.h>
20 #include <linux/kernel.h>
21 #include <linux/percpu.h>
22 #include <linux/string.h>
23 #include <linux/device.h>
24 #include <linux/syscore_ops.h>
25 #include <linux/delay.h>
26 #include <linux/ctype.h>
27 #include <linux/sched.h>
28 #include <linux/sysfs.h>
29 #include <linux/types.h>
30 #include <linux/slab.h>
31 #include <linux/init.h>
32 #include <linux/kmod.h>
33 #include <linux/poll.h>
34 #include <linux/nmi.h>
35 #include <linux/cpu.h>
36 #include <linux/ras.h>
37 #include <linux/smp.h>
40 #include <linux/debugfs.h>
41 #include <linux/irq_work.h>
42 #include <linux/export.h>
43 #include <linux/set_memory.h>
44 #include <linux/sync_core.h>
45 #include <linux/task_work.h>
46 #include <linux/hardirq.h>
47 #include <linux/kexec.h>
50 #include <asm/intel-family.h>
51 #include <asm/processor.h>
52 #include <asm/traps.h>
53 #include <asm/tlbflush.h>
56 #include <asm/reboot.h>
61 /* sysfs synchronization */
62 static DEFINE_MUTEX(mce_sysfs_mutex);
64 #define CREATE_TRACE_POINTS
65 #include <trace/events/mce.h>
67 #define SPINUNIT 100 /* 100ns */
69 DEFINE_PER_CPU(unsigned, mce_exception_count);
71 DEFINE_PER_CPU_READ_MOSTLY(unsigned int, mce_num_banks);
73 DEFINE_PER_CPU_READ_MOSTLY(struct mce_bank[MAX_NR_BANKS], mce_banks_array);
76 /* One object for each MCE bank, shared by all CPUs */
78 struct device_attribute attr; /* device attribute */
79 char attrname[ATTR_LEN]; /* attribute name */
80 u8 bank; /* bank number */
82 static struct mce_bank_dev mce_bank_devs[MAX_NR_BANKS];
84 struct mce_vendor_flags mce_flags __read_mostly;
86 struct mca_config mca_cfg __read_mostly = {
91 static DEFINE_PER_CPU(struct mce, mces_seen);
92 static unsigned long mce_need_notify;
95 * MCA banks polled by the period polling timer for corrected events.
96 * With Intel CMCI, this only has MCA banks which do not support CMCI (if any).
98 DEFINE_PER_CPU(mce_banks_t, mce_poll_banks) = {
99 [0 ... BITS_TO_LONGS(MAX_NR_BANKS)-1] = ~0UL
103 * MCA banks controlled through firmware first for corrected errors.
104 * This is a global list of banks for which we won't enable CMCI and we
105 * won't poll. Firmware controls these banks and is responsible for
106 * reporting corrected errors through GHES. Uncorrected/recoverable
107 * errors are still notified through a machine check.
109 mce_banks_t mce_banks_ce_disabled;
111 static struct work_struct mce_work;
112 static struct irq_work mce_irq_work;
115 * CPU/chipset specific EDAC code can register a notifier call here to print
116 * MCE errors in a human-readable form.
118 BLOCKING_NOTIFIER_HEAD(x86_mce_decoder_chain);
120 /* Do initial initialization of a struct mce */
121 void mce_setup(struct mce *m)
123 memset(m, 0, sizeof(struct mce));
124 m->cpu = m->extcpu = smp_processor_id();
125 /* need the internal __ version to avoid deadlocks */
126 m->time = __ktime_get_real_seconds();
127 m->cpuvendor = boot_cpu_data.x86_vendor;
128 m->cpuid = cpuid_eax(1);
129 m->socketid = cpu_data(m->extcpu).topo.pkg_id;
130 m->apicid = cpu_data(m->extcpu).topo.initial_apicid;
131 m->mcgcap = __rdmsr(MSR_IA32_MCG_CAP);
132 m->ppin = cpu_data(m->extcpu).ppin;
133 m->microcode = boot_cpu_data.microcode;
136 DEFINE_PER_CPU(struct mce, injectm);
137 EXPORT_PER_CPU_SYMBOL_GPL(injectm);
139 void mce_log(struct mce *m)
141 if (!mce_gen_pool_add(m))
142 irq_work_queue(&mce_irq_work);
144 EXPORT_SYMBOL_GPL(mce_log);
146 void mce_register_decode_chain(struct notifier_block *nb)
148 if (WARN_ON(nb->priority < MCE_PRIO_LOWEST ||
149 nb->priority > MCE_PRIO_HIGHEST))
152 blocking_notifier_chain_register(&x86_mce_decoder_chain, nb);
154 EXPORT_SYMBOL_GPL(mce_register_decode_chain);
156 void mce_unregister_decode_chain(struct notifier_block *nb)
158 blocking_notifier_chain_unregister(&x86_mce_decoder_chain, nb);
160 EXPORT_SYMBOL_GPL(mce_unregister_decode_chain);
162 static void __print_mce(struct mce *m)
164 pr_emerg(HW_ERR "CPU %d: Machine Check%s: %Lx Bank %d: %016Lx\n",
166 (m->mcgstatus & MCG_STATUS_MCIP ? " Exception" : ""),
167 m->mcgstatus, m->bank, m->status);
170 pr_emerg(HW_ERR "RIP%s %02x:<%016Lx> ",
171 !(m->mcgstatus & MCG_STATUS_EIPV) ? " !INEXACT!" : "",
174 if (m->cs == __KERNEL_CS)
175 pr_cont("{%pS}", (void *)(unsigned long)m->ip);
179 pr_emerg(HW_ERR "TSC %llx ", m->tsc);
181 pr_cont("ADDR %llx ", m->addr);
183 pr_cont("MISC %llx ", m->misc);
185 pr_cont("PPIN %llx ", m->ppin);
187 if (mce_flags.smca) {
189 pr_cont("SYND %llx ", m->synd);
191 pr_cont("IPID %llx ", m->ipid);
197 * Note this output is parsed by external tools and old fields
198 * should not be changed.
200 pr_emerg(HW_ERR "PROCESSOR %u:%x TIME %llu SOCKET %u APIC %x microcode %x\n",
201 m->cpuvendor, m->cpuid, m->time, m->socketid, m->apicid,
205 static void print_mce(struct mce *m)
209 if (m->cpuvendor != X86_VENDOR_AMD && m->cpuvendor != X86_VENDOR_HYGON)
210 pr_emerg_ratelimited(HW_ERR "Run the above through 'mcelog --ascii'\n");
213 #define PANIC_TIMEOUT 5 /* 5 seconds */
215 static atomic_t mce_panicked;
217 static int fake_panic;
218 static atomic_t mce_fake_panicked;
220 /* Panic in progress. Enable interrupts and wait for final IPI */
221 static void wait_for_panic(void)
223 long timeout = PANIC_TIMEOUT*USEC_PER_SEC;
227 while (timeout-- > 0)
229 if (panic_timeout == 0)
230 panic_timeout = mca_cfg.panic_timeout;
231 panic("Panicing machine check CPU died");
234 static const char *mce_dump_aux_info(struct mce *m)
236 if (boot_cpu_has_bug(X86_BUG_TDX_PW_MCE))
237 return tdx_dump_mce_info(m);
242 static noinstr void mce_panic(const char *msg, struct mce *final, char *exp)
244 struct llist_node *pending;
245 struct mce_evt_llist *l;
250 * Allow instrumentation around external facilities usage. Not that it
251 * matters a whole lot since the machine is going to panic anyway.
253 instrumentation_begin();
257 * Make sure only one CPU runs in machine check panic
259 if (atomic_inc_return(&mce_panicked) > 1)
266 /* Don't log too much for fake panic */
267 if (atomic_inc_return(&mce_fake_panicked) > 1)
270 pending = mce_gen_pool_prepare_records();
271 /* First print corrected ones that are still unlogged */
272 llist_for_each_entry(l, pending, llnode) {
273 struct mce *m = &l->mce;
274 if (!(m->status & MCI_STATUS_UC)) {
277 apei_err = apei_write_mce(m);
280 /* Now print uncorrected but with the final one last */
281 llist_for_each_entry(l, pending, llnode) {
282 struct mce *m = &l->mce;
283 if (!(m->status & MCI_STATUS_UC))
285 if (!final || mce_cmp(m, final)) {
288 apei_err = apei_write_mce(m);
294 apei_err = apei_write_mce(final);
297 pr_emerg(HW_ERR "Machine check: %s\n", exp);
299 memmsg = mce_dump_aux_info(final);
301 pr_emerg(HW_ERR "Machine check: %s\n", memmsg);
304 if (panic_timeout == 0)
305 panic_timeout = mca_cfg.panic_timeout;
308 * Kdump skips the poisoned page in order to avoid
309 * touching the error bits again. Poison the page even
310 * if the error is fatal and the machine is about to
313 if (kexec_crash_loaded()) {
314 if (final && (final->status & MCI_STATUS_ADDRV)) {
316 p = pfn_to_online_page(final->addr >> PAGE_SHIFT);
323 pr_emerg(HW_ERR "Fake kernel panic: %s\n", msg);
326 instrumentation_end();
329 /* Support code for software error injection */
331 static int msr_to_offset(u32 msr)
333 unsigned bank = __this_cpu_read(injectm.bank);
335 if (msr == mca_cfg.rip_msr)
336 return offsetof(struct mce, ip);
337 if (msr == mca_msr_reg(bank, MCA_STATUS))
338 return offsetof(struct mce, status);
339 if (msr == mca_msr_reg(bank, MCA_ADDR))
340 return offsetof(struct mce, addr);
341 if (msr == mca_msr_reg(bank, MCA_MISC))
342 return offsetof(struct mce, misc);
343 if (msr == MSR_IA32_MCG_STATUS)
344 return offsetof(struct mce, mcgstatus);
348 void ex_handler_msr_mce(struct pt_regs *regs, bool wrmsr)
351 pr_emerg("MSR access error: WRMSR to 0x%x (tried to write 0x%08x%08x) at rIP: 0x%lx (%pS)\n",
352 (unsigned int)regs->cx, (unsigned int)regs->dx, (unsigned int)regs->ax,
353 regs->ip, (void *)regs->ip);
355 pr_emerg("MSR access error: RDMSR from 0x%x at rIP: 0x%lx (%pS)\n",
356 (unsigned int)regs->cx, regs->ip, (void *)regs->ip);
359 show_stack_regs(regs);
361 panic("MCA architectural violation!\n");
367 /* MSR access wrappers used for error injection */
368 noinstr u64 mce_rdmsrl(u32 msr)
370 DECLARE_ARGS(val, low, high);
372 if (__this_cpu_read(injectm.finished)) {
376 instrumentation_begin();
378 offset = msr_to_offset(msr);
382 ret = *(u64 *)((char *)this_cpu_ptr(&injectm) + offset);
384 instrumentation_end();
390 * RDMSR on MCA MSRs should not fault. If they do, this is very much an
391 * architectural violation and needs to be reported to hw vendor. Panic
392 * the box to not allow any further progress.
394 asm volatile("1: rdmsr\n"
396 _ASM_EXTABLE_TYPE(1b, 2b, EX_TYPE_RDMSR_IN_MCE)
397 : EAX_EDX_RET(val, low, high) : "c" (msr));
400 return EAX_EDX_VAL(val, low, high);
403 static noinstr void mce_wrmsrl(u32 msr, u64 v)
407 if (__this_cpu_read(injectm.finished)) {
410 instrumentation_begin();
412 offset = msr_to_offset(msr);
414 *(u64 *)((char *)this_cpu_ptr(&injectm) + offset) = v;
416 instrumentation_end();
422 high = (u32)(v >> 32);
424 /* See comment in mce_rdmsrl() */
425 asm volatile("1: wrmsr\n"
427 _ASM_EXTABLE_TYPE(1b, 2b, EX_TYPE_WRMSR_IN_MCE)
428 : : "c" (msr), "a"(low), "d" (high) : "memory");
432 * Collect all global (w.r.t. this processor) status about this machine
433 * check into our "mce" struct so that we can use it later to assess
434 * the severity of the problem as we read per-bank specific details.
436 static noinstr void mce_gather_info(struct mce *m, struct pt_regs *regs)
439 * Enable instrumentation around mce_setup() which calls external
442 instrumentation_begin();
444 instrumentation_end();
446 m->mcgstatus = mce_rdmsrl(MSR_IA32_MCG_STATUS);
449 * Get the address of the instruction at the time of
450 * the machine check error.
452 if (m->mcgstatus & (MCG_STATUS_RIPV|MCG_STATUS_EIPV)) {
457 * When in VM86 mode make the cs look like ring 3
458 * always. This is a lie, but it's better than passing
459 * the additional vm86 bit around everywhere.
461 if (v8086_mode(regs))
464 /* Use accurate RIP reporting if available. */
466 m->ip = mce_rdmsrl(mca_cfg.rip_msr);
470 int mce_available(struct cpuinfo_x86 *c)
472 if (mca_cfg.disabled)
474 return cpu_has(c, X86_FEATURE_MCE) && cpu_has(c, X86_FEATURE_MCA);
477 static void mce_schedule_work(void)
479 if (!mce_gen_pool_empty())
480 schedule_work(&mce_work);
483 static void mce_irq_work_cb(struct irq_work *entry)
488 bool mce_usable_address(struct mce *m)
490 if (!(m->status & MCI_STATUS_ADDRV))
493 switch (m->cpuvendor) {
495 return amd_mce_usable_address(m);
497 case X86_VENDOR_INTEL:
498 case X86_VENDOR_ZHAOXIN:
499 return intel_mce_usable_address(m);
505 EXPORT_SYMBOL_GPL(mce_usable_address);
507 bool mce_is_memory_error(struct mce *m)
509 switch (m->cpuvendor) {
511 case X86_VENDOR_HYGON:
512 return amd_mce_is_memory_error(m);
514 case X86_VENDOR_INTEL:
515 case X86_VENDOR_ZHAOXIN:
517 * Intel SDM Volume 3B - 15.9.2 Compound Error Codes
519 * Bit 7 of the MCACOD field of IA32_MCi_STATUS is used for
520 * indicating a memory error. Bit 8 is used for indicating a
521 * cache hierarchy error. The combination of bit 2 and bit 3
522 * is used for indicating a `generic' cache hierarchy error
523 * But we can't just blindly check the above bits, because if
524 * bit 11 is set, then it is a bus/interconnect error - and
525 * either way the above bits just gives more detail on what
526 * bus/interconnect error happened. Note that bit 12 can be
527 * ignored, as it's the "filter" bit.
529 return (m->status & 0xef80) == BIT(7) ||
530 (m->status & 0xef00) == BIT(8) ||
531 (m->status & 0xeffc) == 0xc;
537 EXPORT_SYMBOL_GPL(mce_is_memory_error);
539 static bool whole_page(struct mce *m)
541 if (!mca_cfg.ser || !(m->status & MCI_STATUS_MISCV))
544 return MCI_MISC_ADDR_LSB(m->misc) >= PAGE_SHIFT;
547 bool mce_is_correctable(struct mce *m)
549 if (m->cpuvendor == X86_VENDOR_AMD && m->status & MCI_STATUS_DEFERRED)
552 if (m->cpuvendor == X86_VENDOR_HYGON && m->status & MCI_STATUS_DEFERRED)
555 if (m->status & MCI_STATUS_UC)
560 EXPORT_SYMBOL_GPL(mce_is_correctable);
562 static int mce_early_notifier(struct notifier_block *nb, unsigned long val,
565 struct mce *m = (struct mce *)data;
570 /* Emit the trace record: */
573 set_bit(0, &mce_need_notify);
580 static struct notifier_block early_nb = {
581 .notifier_call = mce_early_notifier,
582 .priority = MCE_PRIO_EARLY,
585 static int uc_decode_notifier(struct notifier_block *nb, unsigned long val,
588 struct mce *mce = (struct mce *)data;
591 if (!mce || !mce_usable_address(mce))
594 if (mce->severity != MCE_AO_SEVERITY &&
595 mce->severity != MCE_DEFERRED_SEVERITY)
598 pfn = (mce->addr & MCI_ADDR_PHYSADDR) >> PAGE_SHIFT;
599 if (!memory_failure(pfn, 0)) {
601 mce->kflags |= MCE_HANDLED_UC;
607 static struct notifier_block mce_uc_nb = {
608 .notifier_call = uc_decode_notifier,
609 .priority = MCE_PRIO_UC,
612 static int mce_default_notifier(struct notifier_block *nb, unsigned long val,
615 struct mce *m = (struct mce *)data;
620 if (mca_cfg.print_all || !m->kflags)
626 static struct notifier_block mce_default_nb = {
627 .notifier_call = mce_default_notifier,
628 /* lowest prio, we want it to run last. */
629 .priority = MCE_PRIO_LOWEST,
633 * Read ADDR and MISC registers.
635 static noinstr void mce_read_aux(struct mce *m, int i)
637 if (m->status & MCI_STATUS_MISCV)
638 m->misc = mce_rdmsrl(mca_msr_reg(i, MCA_MISC));
640 if (m->status & MCI_STATUS_ADDRV) {
641 m->addr = mce_rdmsrl(mca_msr_reg(i, MCA_ADDR));
644 * Mask the reported address by the reported granularity.
646 if (mca_cfg.ser && (m->status & MCI_STATUS_MISCV)) {
647 u8 shift = MCI_MISC_ADDR_LSB(m->misc);
652 smca_extract_err_addr(m);
655 if (mce_flags.smca) {
656 m->ipid = mce_rdmsrl(MSR_AMD64_SMCA_MCx_IPID(i));
658 if (m->status & MCI_STATUS_SYNDV)
659 m->synd = mce_rdmsrl(MSR_AMD64_SMCA_MCx_SYND(i));
663 DEFINE_PER_CPU(unsigned, mce_poll_count);
666 * Poll for corrected events or events that happened before reset.
667 * Those are just logged through /dev/mcelog.
669 * This is executed in standard interrupt context.
671 * Note: spec recommends to panic for fatal unsignalled
672 * errors here. However this would be quite problematic --
673 * we would need to reimplement the Monarch handling and
674 * it would mess up the exclusion between exception handler
675 * and poll handler -- * so we skip this for now.
676 * These cases should not happen anyways, or only when the CPU
677 * is already totally * confused. In this case it's likely it will
678 * not fully execute the machine check handler either.
680 bool machine_check_poll(enum mcp_flags flags, mce_banks_t *b)
682 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
683 bool error_seen = false;
687 this_cpu_inc(mce_poll_count);
689 mce_gather_info(&m, NULL);
691 if (flags & MCP_TIMESTAMP)
694 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
695 if (!mce_banks[i].ctl || !test_bit(i, *b))
703 m.status = mce_rdmsrl(mca_msr_reg(i, MCA_STATUS));
706 * Update storm tracking here, before checking for the
707 * MCI_STATUS_VAL bit. Valid corrected errors count
708 * towards declaring, or maintaining, storm status. No
709 * error in a bank counts towards avoiding, or ending,
712 if (!mca_cfg.cmci_disabled)
715 /* If this entry is not valid, ignore it */
716 if (!(m.status & MCI_STATUS_VAL))
720 * If we are logging everything (at CPU online) or this
721 * is a corrected error, then we must log it.
723 if ((flags & MCP_UC) || !(m.status & MCI_STATUS_UC))
727 * Newer Intel systems that support software error
728 * recovery need to make additional checks. Other
729 * CPUs should skip over uncorrected errors, but log
733 if (m.status & MCI_STATUS_UC)
738 /* Log "not enabled" (speculative) errors */
739 if (!(m.status & MCI_STATUS_EN))
743 * Log UCNA (SDM: 15.6.3 "UCR Error Classification")
744 * UC == 1 && PCC == 0 && S == 0
746 if (!(m.status & MCI_STATUS_PCC) && !(m.status & MCI_STATUS_S))
750 * Skip anything else. Presumption is that our read of this
751 * bank is racing with a machine check. Leave the log alone
752 * for do_machine_check() to deal with it.
759 if (flags & MCP_DONTLOG)
763 m.severity = mce_severity(&m, NULL, NULL, false);
765 * Don't get the IP here because it's unlikely to
766 * have anything to do with the actual error location.
769 if (mca_cfg.dont_log_ce && !mce_usable_address(&m))
772 if (flags & MCP_QUEUE_LOG)
773 mce_gen_pool_add(&m);
779 * Clear state for this bank.
781 mce_wrmsrl(mca_msr_reg(i, MCA_STATUS), 0);
785 * Don't clear MCG_STATUS here because it's only defined for
793 EXPORT_SYMBOL_GPL(machine_check_poll);
796 * During IFU recovery Sandy Bridge -EP4S processors set the RIPV and
797 * EIPV bits in MCG_STATUS to zero on the affected logical processor (SDM
798 * Vol 3B Table 15-20). But this confuses both the code that determines
799 * whether the machine check occurred in kernel or user mode, and also
800 * the severity assessment code. Pretend that EIPV was set, and take the
801 * ip/cs values from the pt_regs that mce_gather_info() ignored earlier.
803 static __always_inline void
804 quirk_sandybridge_ifu(int bank, struct mce *m, struct pt_regs *regs)
808 if ((m->mcgstatus & (MCG_STATUS_EIPV|MCG_STATUS_RIPV)) != 0)
810 if ((m->status & (MCI_STATUS_OVER|MCI_STATUS_UC|
811 MCI_STATUS_EN|MCI_STATUS_MISCV|MCI_STATUS_ADDRV|
812 MCI_STATUS_PCC|MCI_STATUS_S|MCI_STATUS_AR|
814 (MCI_STATUS_UC|MCI_STATUS_EN|
815 MCI_STATUS_MISCV|MCI_STATUS_ADDRV|MCI_STATUS_S|
816 MCI_STATUS_AR|MCACOD_INSTR))
819 m->mcgstatus |= MCG_STATUS_EIPV;
825 * Disable fast string copy and return from the MCE handler upon the first SRAR
826 * MCE on bank 1 due to a CPU erratum on Intel Skylake/Cascade Lake/Cooper Lake
828 * The fast string copy instructions ("REP; MOVS*") could consume an
829 * uncorrectable memory error in the cache line _right after_ the desired region
830 * to copy and raise an MCE with RIP pointing to the instruction _after_ the
832 * This mitigation addresses the issue completely with the caveat of performance
833 * degradation on the CPU affected. This is still better than the OS crashing on
834 * MCEs raised on an irrelevant process due to "REP; MOVS*" accesses from a
835 * kernel context (e.g., copy_page).
837 * Returns true when fast string copy on CPU has been disabled.
839 static noinstr bool quirk_skylake_repmov(void)
841 u64 mcgstatus = mce_rdmsrl(MSR_IA32_MCG_STATUS);
842 u64 misc_enable = mce_rdmsrl(MSR_IA32_MISC_ENABLE);
846 * Apply the quirk only to local machine checks, i.e., no broadcast
849 if (!(mcgstatus & MCG_STATUS_LMCES) ||
850 !(misc_enable & MSR_IA32_MISC_ENABLE_FAST_STRING))
853 mc1_status = mce_rdmsrl(MSR_IA32_MCx_STATUS(1));
855 /* Check for a software-recoverable data fetch error. */
857 (MCI_STATUS_VAL | MCI_STATUS_OVER | MCI_STATUS_UC | MCI_STATUS_EN |
858 MCI_STATUS_ADDRV | MCI_STATUS_MISCV | MCI_STATUS_PCC |
859 MCI_STATUS_AR | MCI_STATUS_S)) ==
860 (MCI_STATUS_VAL | MCI_STATUS_UC | MCI_STATUS_EN |
861 MCI_STATUS_ADDRV | MCI_STATUS_MISCV |
862 MCI_STATUS_AR | MCI_STATUS_S)) {
863 misc_enable &= ~MSR_IA32_MISC_ENABLE_FAST_STRING;
864 mce_wrmsrl(MSR_IA32_MISC_ENABLE, misc_enable);
865 mce_wrmsrl(MSR_IA32_MCx_STATUS(1), 0);
867 instrumentation_begin();
868 pr_err_once("Erratum detected, disable fast string copy instructions.\n");
869 instrumentation_end();
878 * Some Zen-based Instruction Fetch Units set EIPV=RIPV=0 on poison consumption
879 * errors. This means mce_gather_info() will not save the "ip" and "cs" registers.
881 * However, the context is still valid, so save the "cs" register for later use.
883 * The "ip" register is truly unknown, so don't save it or fixup EIPV/RIPV.
885 * The Instruction Fetch Unit is at MCA bank 1 for all affected systems.
887 static __always_inline void quirk_zen_ifu(int bank, struct mce *m, struct pt_regs *regs)
891 if (!(m->status & MCI_STATUS_POISON))
898 * Do a quick check if any of the events requires a panic.
899 * This decides if we keep the events around or clear them.
901 static __always_inline int mce_no_way_out(struct mce *m, char **msg, unsigned long *validp,
902 struct pt_regs *regs)
907 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
908 m->status = mce_rdmsrl(mca_msr_reg(i, MCA_STATUS));
909 if (!(m->status & MCI_STATUS_VAL))
912 arch___set_bit(i, validp);
913 if (mce_flags.snb_ifu_quirk)
914 quirk_sandybridge_ifu(i, m, regs);
916 if (mce_flags.zen_ifu_quirk)
917 quirk_zen_ifu(i, m, regs);
920 if (mce_severity(m, regs, &tmp, true) >= MCE_PANIC_SEVERITY) {
930 * Variable to establish order between CPUs while scanning.
931 * Each CPU spins initially until executing is equal its number.
933 static atomic_t mce_executing;
936 * Defines order of CPUs on entry. First CPU becomes Monarch.
938 static atomic_t mce_callin;
941 * Track which CPUs entered the MCA broadcast synchronization and which not in
942 * order to print holdouts.
944 static cpumask_t mce_missing_cpus = CPU_MASK_ALL;
947 * Check if a timeout waiting for other CPUs happened.
949 static noinstr int mce_timed_out(u64 *t, const char *msg)
953 /* Enable instrumentation around calls to external facilities */
954 instrumentation_begin();
957 * The others already did panic for some reason.
958 * Bail out like in a timeout.
959 * rmb() to tell the compiler that system_state
960 * might have been modified by someone else.
963 if (atomic_read(&mce_panicked))
965 if (!mca_cfg.monarch_timeout)
967 if ((s64)*t < SPINUNIT) {
968 if (cpumask_and(&mce_missing_cpus, cpu_online_mask, &mce_missing_cpus))
969 pr_emerg("CPUs not responding to MCE broadcast (may include false positives): %*pbl\n",
970 cpumask_pr_args(&mce_missing_cpus));
971 mce_panic(msg, NULL, NULL);
979 touch_nmi_watchdog();
981 instrumentation_end();
987 * The Monarch's reign. The Monarch is the CPU who entered
988 * the machine check handler first. It waits for the others to
989 * raise the exception too and then grades them. When any
990 * error is fatal panic. Only then let the others continue.
992 * The other CPUs entering the MCE handler will be controlled by the
993 * Monarch. They are called Subjects.
995 * This way we prevent any potential data corruption in a unrecoverable case
996 * and also makes sure always all CPU's errors are examined.
998 * Also this detects the case of a machine check event coming from outer
999 * space (not detected by any CPUs) In this case some external agent wants
1000 * us to shut down, so panic too.
1002 * The other CPUs might still decide to panic if the handler happens
1003 * in a unrecoverable place, but in this case the system is in a semi-stable
1004 * state and won't corrupt anything by itself. It's ok to let the others
1005 * continue for a bit first.
1007 * All the spin loops have timeouts; when a timeout happens a CPU
1008 * typically elects itself to be Monarch.
1010 static void mce_reign(void)
1013 struct mce *m = NULL;
1014 int global_worst = 0;
1018 * This CPU is the Monarch and the other CPUs have run
1019 * through their handlers.
1020 * Grade the severity of the errors of all the CPUs.
1022 for_each_possible_cpu(cpu) {
1023 struct mce *mtmp = &per_cpu(mces_seen, cpu);
1025 if (mtmp->severity > global_worst) {
1026 global_worst = mtmp->severity;
1027 m = &per_cpu(mces_seen, cpu);
1032 * Cannot recover? Panic here then.
1033 * This dumps all the mces in the log buffer and stops the
1036 if (m && global_worst >= MCE_PANIC_SEVERITY) {
1037 /* call mce_severity() to get "msg" for panic */
1038 mce_severity(m, NULL, &msg, true);
1039 mce_panic("Fatal machine check", m, msg);
1043 * For UC somewhere we let the CPU who detects it handle it.
1044 * Also must let continue the others, otherwise the handling
1045 * CPU could deadlock on a lock.
1049 * No machine check event found. Must be some external
1050 * source or one CPU is hung. Panic.
1052 if (global_worst <= MCE_KEEP_SEVERITY)
1053 mce_panic("Fatal machine check from unknown source", NULL, NULL);
1056 * Now clear all the mces_seen so that they don't reappear on
1059 for_each_possible_cpu(cpu)
1060 memset(&per_cpu(mces_seen, cpu), 0, sizeof(struct mce));
1063 static atomic_t global_nwo;
1066 * Start of Monarch synchronization. This waits until all CPUs have
1067 * entered the exception handler and then determines if any of them
1068 * saw a fatal event that requires panic. Then it executes them
1069 * in the entry order.
1070 * TBD double check parallel CPU hotunplug
1072 static noinstr int mce_start(int *no_way_out)
1074 u64 timeout = (u64)mca_cfg.monarch_timeout * NSEC_PER_USEC;
1075 int order, ret = -1;
1080 raw_atomic_add(*no_way_out, &global_nwo);
1082 * Rely on the implied barrier below, such that global_nwo
1083 * is updated before mce_callin.
1085 order = raw_atomic_inc_return(&mce_callin);
1086 arch_cpumask_clear_cpu(smp_processor_id(), &mce_missing_cpus);
1088 /* Enable instrumentation around calls to external facilities */
1089 instrumentation_begin();
1092 * Wait for everyone.
1094 while (raw_atomic_read(&mce_callin) != num_online_cpus()) {
1095 if (mce_timed_out(&timeout,
1096 "Timeout: Not all CPUs entered broadcast exception handler")) {
1097 raw_atomic_set(&global_nwo, 0);
1104 * mce_callin should be read before global_nwo
1110 * Monarch: Starts executing now, the others wait.
1112 raw_atomic_set(&mce_executing, 1);
1115 * Subject: Now start the scanning loop one by one in
1116 * the original callin order.
1117 * This way when there are any shared banks it will be
1118 * only seen by one CPU before cleared, avoiding duplicates.
1120 while (raw_atomic_read(&mce_executing) < order) {
1121 if (mce_timed_out(&timeout,
1122 "Timeout: Subject CPUs unable to finish machine check processing")) {
1123 raw_atomic_set(&global_nwo, 0);
1131 * Cache the global no_way_out state.
1133 *no_way_out = raw_atomic_read(&global_nwo);
1138 instrumentation_end();
1144 * Synchronize between CPUs after main scanning loop.
1145 * This invokes the bulk of the Monarch processing.
1147 static noinstr int mce_end(int order)
1149 u64 timeout = (u64)mca_cfg.monarch_timeout * NSEC_PER_USEC;
1152 /* Allow instrumentation around external facilities. */
1153 instrumentation_begin();
1161 * Allow others to run.
1163 atomic_inc(&mce_executing);
1167 * Monarch: Wait for everyone to go through their scanning
1170 while (atomic_read(&mce_executing) <= num_online_cpus()) {
1171 if (mce_timed_out(&timeout,
1172 "Timeout: Monarch CPU unable to finish machine check processing"))
1182 * Subject: Wait for Monarch to finish.
1184 while (atomic_read(&mce_executing) != 0) {
1185 if (mce_timed_out(&timeout,
1186 "Timeout: Monarch CPU did not finish machine check processing"))
1192 * Don't reset anything. That's done by the Monarch.
1199 * Reset all global state.
1202 atomic_set(&global_nwo, 0);
1203 atomic_set(&mce_callin, 0);
1204 cpumask_setall(&mce_missing_cpus);
1208 * Let others run again.
1210 atomic_set(&mce_executing, 0);
1213 instrumentation_end();
1218 static __always_inline void mce_clear_state(unsigned long *toclear)
1222 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
1223 if (arch_test_bit(i, toclear))
1224 mce_wrmsrl(mca_msr_reg(i, MCA_STATUS), 0);
1229 * Cases where we avoid rendezvous handler timeout:
1230 * 1) If this CPU is offline.
1232 * 2) If crashing_cpu was set, e.g. we're entering kdump and we need to
1233 * skip those CPUs which remain looping in the 1st kernel - see
1234 * crash_nmi_callback().
1236 * Note: there still is a small window between kexec-ing and the new,
1237 * kdump kernel establishing a new #MC handler where a broadcasted MCE
1238 * might not get handled properly.
1240 static noinstr bool mce_check_crashing_cpu(void)
1242 unsigned int cpu = smp_processor_id();
1244 if (arch_cpu_is_offline(cpu) ||
1245 (crashing_cpu != -1 && crashing_cpu != cpu)) {
1248 mcgstatus = __rdmsr(MSR_IA32_MCG_STATUS);
1250 if (boot_cpu_data.x86_vendor == X86_VENDOR_ZHAOXIN) {
1251 if (mcgstatus & MCG_STATUS_LMCES)
1255 if (mcgstatus & MCG_STATUS_RIPV) {
1256 __wrmsr(MSR_IA32_MCG_STATUS, 0, 0);
1263 static __always_inline int
1264 __mc_scan_banks(struct mce *m, struct pt_regs *regs, struct mce *final,
1265 unsigned long *toclear, unsigned long *valid_banks, int no_way_out,
1268 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
1269 struct mca_config *cfg = &mca_cfg;
1270 int severity, i, taint = 0;
1272 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
1273 arch___clear_bit(i, toclear);
1274 if (!arch_test_bit(i, valid_banks))
1277 if (!mce_banks[i].ctl)
1284 m->status = mce_rdmsrl(mca_msr_reg(i, MCA_STATUS));
1285 if (!(m->status & MCI_STATUS_VAL))
1289 * Corrected or non-signaled errors are handled by
1290 * machine_check_poll(). Leave them alone, unless this panics.
1292 if (!(m->status & (cfg->ser ? MCI_STATUS_S : MCI_STATUS_UC)) &&
1296 /* Set taint even when machine check was not enabled. */
1299 severity = mce_severity(m, regs, NULL, true);
1302 * When machine check was for corrected/deferred handler don't
1303 * touch, unless we're panicking.
1305 if ((severity == MCE_KEEP_SEVERITY ||
1306 severity == MCE_UCNA_SEVERITY) && !no_way_out)
1309 arch___set_bit(i, toclear);
1311 /* Machine check event was not enabled. Clear, but ignore. */
1312 if (severity == MCE_NO_SEVERITY)
1317 /* assuming valid severity level != 0 */
1318 m->severity = severity;
1321 * Enable instrumentation around the mce_log() call which is
1322 * done in #MC context, where instrumentation is disabled.
1324 instrumentation_begin();
1326 instrumentation_end();
1328 if (severity > *worst) {
1334 /* mce_clear_state will clear *final, save locally for use later */
1340 static void kill_me_now(struct callback_head *ch)
1342 struct task_struct *p = container_of(ch, struct task_struct, mce_kill_me);
1348 static void kill_me_maybe(struct callback_head *cb)
1350 struct task_struct *p = container_of(cb, struct task_struct, mce_kill_me);
1351 int flags = MF_ACTION_REQUIRED;
1356 pr_err("Uncorrected hardware memory error in user-access at %llx", p->mce_addr);
1359 flags |= MF_MUST_KILL;
1361 pfn = (p->mce_addr & MCI_ADDR_PHYSADDR) >> PAGE_SHIFT;
1362 ret = memory_failure(pfn, flags);
1364 set_mce_nospec(pfn);
1370 * -EHWPOISON from memory_failure() means that it already sent SIGBUS
1371 * to the current process with the proper error info,
1372 * -EOPNOTSUPP means hwpoison_filter() filtered the error event,
1374 * In both cases, no further processing is required.
1376 if (ret == -EHWPOISON || ret == -EOPNOTSUPP)
1379 pr_err("Memory error not recovered");
1383 static void kill_me_never(struct callback_head *cb)
1385 struct task_struct *p = container_of(cb, struct task_struct, mce_kill_me);
1389 pr_err("Kernel accessed poison in user space at %llx\n", p->mce_addr);
1390 pfn = (p->mce_addr & MCI_ADDR_PHYSADDR) >> PAGE_SHIFT;
1391 if (!memory_failure(pfn, 0))
1392 set_mce_nospec(pfn);
1395 static void queue_task_work(struct mce *m, char *msg, void (*func)(struct callback_head *))
1397 int count = ++current->mce_count;
1399 /* First call, save all the details */
1401 current->mce_addr = m->addr;
1402 current->mce_kflags = m->kflags;
1403 current->mce_ripv = !!(m->mcgstatus & MCG_STATUS_RIPV);
1404 current->mce_whole_page = whole_page(m);
1405 current->mce_kill_me.func = func;
1408 /* Ten is likely overkill. Don't expect more than two faults before task_work() */
1410 mce_panic("Too many consecutive machine checks while accessing user data", m, msg);
1412 /* Second or later call, make sure page address matches the one from first call */
1413 if (count > 1 && (current->mce_addr >> PAGE_SHIFT) != (m->addr >> PAGE_SHIFT))
1414 mce_panic("Consecutive machine checks to different user pages", m, msg);
1416 /* Do not call task_work_add() more than once */
1420 task_work_add(current, ¤t->mce_kill_me, TWA_RESUME);
1423 /* Handle unconfigured int18 (should never happen) */
1424 static noinstr void unexpected_machine_check(struct pt_regs *regs)
1426 instrumentation_begin();
1427 pr_err("CPU#%d: Unexpected int18 (Machine Check)\n",
1428 smp_processor_id());
1429 instrumentation_end();
1433 * The actual machine check handler. This only handles real exceptions when
1434 * something got corrupted coming in through int 18.
1436 * This is executed in #MC context not subject to normal locking rules.
1437 * This implies that most kernel services cannot be safely used. Don't even
1438 * think about putting a printk in there!
1440 * On Intel systems this is entered on all CPUs in parallel through
1441 * MCE broadcast. However some CPUs might be broken beyond repair,
1442 * so be always careful when synchronizing with others.
1444 * Tracing and kprobes are disabled: if we interrupted a kernel context
1445 * with IF=1, we need to minimize stack usage. There are also recursion
1446 * issues: if the machine check was due to a failure of the memory
1447 * backing the user stack, tracing that reads the user stack will cause
1448 * potentially infinite recursion.
1450 * Currently, the #MC handler calls out to a number of external facilities
1451 * and, therefore, allows instrumentation around them. The optimal thing to
1452 * have would be to do the absolutely minimal work required in #MC context
1453 * and have instrumentation disabled only around that. Further processing can
1454 * then happen in process context where instrumentation is allowed. Achieving
1455 * that requires careful auditing and modifications. Until then, the code
1456 * allows instrumentation temporarily, where required. *
1458 noinstr void do_machine_check(struct pt_regs *regs)
1460 int worst = 0, order, no_way_out, kill_current_task, lmce, taint = 0;
1461 DECLARE_BITMAP(valid_banks, MAX_NR_BANKS) = { 0 };
1462 DECLARE_BITMAP(toclear, MAX_NR_BANKS) = { 0 };
1463 struct mce m, *final;
1466 if (unlikely(mce_flags.p5))
1467 return pentium_machine_check(regs);
1468 else if (unlikely(mce_flags.winchip))
1469 return winchip_machine_check(regs);
1470 else if (unlikely(!mca_cfg.initialized))
1471 return unexpected_machine_check(regs);
1473 if (mce_flags.skx_repmov_quirk && quirk_skylake_repmov())
1477 * Establish sequential order between the CPUs entering the machine
1483 * If no_way_out gets set, there is no safe way to recover from this
1489 * If kill_current_task is not set, there might be a way to recover from this
1492 kill_current_task = 0;
1495 * MCEs are always local on AMD. Same is determined by MCG_STATUS_LMCES
1500 this_cpu_inc(mce_exception_count);
1502 mce_gather_info(&m, regs);
1505 final = this_cpu_ptr(&mces_seen);
1508 no_way_out = mce_no_way_out(&m, &msg, valid_banks, regs);
1513 * When no restart IP might need to kill or panic.
1514 * Assume the worst for now, but if we find the
1515 * severity is MCE_AR_SEVERITY we have other options.
1517 if (!(m.mcgstatus & MCG_STATUS_RIPV))
1518 kill_current_task = 1;
1520 * Check if this MCE is signaled to only this logical processor,
1521 * on Intel, Zhaoxin only.
1523 if (m.cpuvendor == X86_VENDOR_INTEL ||
1524 m.cpuvendor == X86_VENDOR_ZHAOXIN)
1525 lmce = m.mcgstatus & MCG_STATUS_LMCES;
1528 * Local machine check may already know that we have to panic.
1529 * Broadcast machine check begins rendezvous in mce_start()
1530 * Go through all banks in exclusion of the other CPUs. This way we
1531 * don't report duplicated events on shared banks because the first one
1532 * to see it will clear it.
1536 mce_panic("Fatal local machine check", &m, msg);
1538 order = mce_start(&no_way_out);
1541 taint = __mc_scan_banks(&m, regs, final, toclear, valid_banks, no_way_out, &worst);
1544 mce_clear_state(toclear);
1547 * Do most of the synchronization with other CPUs.
1548 * When there's any problem use only local no_way_out state.
1551 if (mce_end(order) < 0) {
1553 no_way_out = worst >= MCE_PANIC_SEVERITY;
1556 mce_panic("Fatal machine check on current CPU", &m, msg);
1560 * If there was a fatal machine check we should have
1561 * already called mce_panic earlier in this function.
1562 * Since we re-read the banks, we might have found
1563 * something new. Check again to see if we found a
1564 * fatal error. We call "mce_severity()" again to
1565 * make sure we have the right "msg".
1567 if (worst >= MCE_PANIC_SEVERITY) {
1568 mce_severity(&m, regs, &msg, true);
1569 mce_panic("Local fatal machine check!", &m, msg);
1574 * Enable instrumentation around the external facilities like task_work_add()
1575 * (via queue_task_work()), fixup_exception() etc. For now, that is. Fixing this
1576 * properly would need a lot more involved reorganization.
1578 instrumentation_begin();
1581 add_taint(TAINT_MACHINE_CHECK, LOCKDEP_NOW_UNRELIABLE);
1583 if (worst != MCE_AR_SEVERITY && !kill_current_task)
1586 /* Fault was in user mode and we need to take some action */
1587 if ((m.cs & 3) == 3) {
1588 /* If this triggers there is no way to recover. Die hard. */
1589 BUG_ON(!on_thread_stack() || !user_mode(regs));
1591 if (!mce_usable_address(&m))
1592 queue_task_work(&m, msg, kill_me_now);
1594 queue_task_work(&m, msg, kill_me_maybe);
1598 * Handle an MCE which has happened in kernel space but from
1599 * which the kernel can recover: ex_has_fault_handler() has
1600 * already verified that the rIP at which the error happened is
1601 * a rIP from which the kernel can recover (by jumping to
1602 * recovery code specified in _ASM_EXTABLE_FAULT()) and the
1603 * corresponding exception handler which would do that is the
1606 if (m.kflags & MCE_IN_KERNEL_RECOV) {
1607 if (!fixup_exception(regs, X86_TRAP_MC, 0, 0))
1608 mce_panic("Failed kernel mode recovery", &m, msg);
1611 if (m.kflags & MCE_IN_KERNEL_COPYIN)
1612 queue_task_work(&m, msg, kill_me_never);
1616 instrumentation_end();
1619 mce_wrmsrl(MSR_IA32_MCG_STATUS, 0);
1621 EXPORT_SYMBOL_GPL(do_machine_check);
1623 #ifndef CONFIG_MEMORY_FAILURE
1624 int memory_failure(unsigned long pfn, int flags)
1626 /* mce_severity() should not hand us an ACTION_REQUIRED error */
1627 BUG_ON(flags & MF_ACTION_REQUIRED);
1628 pr_err("Uncorrected memory error in page 0x%lx ignored\n"
1629 "Rebuild kernel with CONFIG_MEMORY_FAILURE=y for smarter handling\n",
1637 * Periodic polling timer for "silent" machine check errors. If the
1638 * poller finds an MCE, poll 2x faster. When the poller finds no more
1639 * errors, poll 2x slower (up to check_interval seconds).
1641 static unsigned long check_interval = INITIAL_CHECK_INTERVAL;
1643 static DEFINE_PER_CPU(unsigned long, mce_next_interval); /* in jiffies */
1644 static DEFINE_PER_CPU(struct timer_list, mce_timer);
1646 static void __start_timer(struct timer_list *t, unsigned long interval)
1648 unsigned long when = jiffies + interval;
1649 unsigned long flags;
1651 local_irq_save(flags);
1653 if (!timer_pending(t) || time_before(when, t->expires))
1654 mod_timer(t, round_jiffies(when));
1656 local_irq_restore(flags);
1659 static void mc_poll_banks_default(void)
1661 machine_check_poll(0, this_cpu_ptr(&mce_poll_banks));
1664 void (*mc_poll_banks)(void) = mc_poll_banks_default;
1666 static void mce_timer_fn(struct timer_list *t)
1668 struct timer_list *cpu_t = this_cpu_ptr(&mce_timer);
1671 WARN_ON(cpu_t != t);
1673 iv = __this_cpu_read(mce_next_interval);
1675 if (mce_available(this_cpu_ptr(&cpu_info)))
1679 * Alert userspace if needed. If we logged an MCE, reduce the polling
1680 * interval, otherwise increase the polling interval.
1682 if (mce_notify_irq())
1683 iv = max(iv / 2, (unsigned long) HZ/100);
1685 iv = min(iv * 2, round_jiffies_relative(check_interval * HZ));
1687 if (mce_get_storm_mode()) {
1688 __start_timer(t, HZ);
1690 __this_cpu_write(mce_next_interval, iv);
1691 __start_timer(t, iv);
1696 * When a storm starts on any bank on this CPU, switch to polling
1697 * once per second. When the storm ends, revert to the default
1700 void mce_timer_kick(bool storm)
1702 struct timer_list *t = this_cpu_ptr(&mce_timer);
1704 mce_set_storm_mode(storm);
1707 __start_timer(t, HZ);
1709 __this_cpu_write(mce_next_interval, check_interval * HZ);
1712 /* Must not be called in IRQ context where del_timer_sync() can deadlock */
1713 static void mce_timer_delete_all(void)
1717 for_each_online_cpu(cpu)
1718 del_timer_sync(&per_cpu(mce_timer, cpu));
1722 * Notify the user(s) about new machine check events.
1723 * Can be called from interrupt context, but not from machine check/NMI
1726 int mce_notify_irq(void)
1728 /* Not more than two messages every minute */
1729 static DEFINE_RATELIMIT_STATE(ratelimit, 60*HZ, 2);
1731 if (test_and_clear_bit(0, &mce_need_notify)) {
1734 if (__ratelimit(&ratelimit))
1735 pr_info(HW_ERR "Machine check events logged\n");
1741 EXPORT_SYMBOL_GPL(mce_notify_irq);
1743 static void __mcheck_cpu_mce_banks_init(void)
1745 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
1746 u8 n_banks = this_cpu_read(mce_num_banks);
1749 for (i = 0; i < n_banks; i++) {
1750 struct mce_bank *b = &mce_banks[i];
1753 * Init them all, __mcheck_cpu_apply_quirks() is going to apply
1754 * the required vendor quirks before
1755 * __mcheck_cpu_init_clear_banks() does the final bank setup.
1763 * Initialize Machine Checks for a CPU.
1765 static void __mcheck_cpu_cap_init(void)
1770 rdmsrl(MSR_IA32_MCG_CAP, cap);
1772 b = cap & MCG_BANKCNT_MASK;
1774 if (b > MAX_NR_BANKS) {
1775 pr_warn("CPU%d: Using only %u machine check banks out of %u\n",
1776 smp_processor_id(), MAX_NR_BANKS, b);
1780 this_cpu_write(mce_num_banks, b);
1782 __mcheck_cpu_mce_banks_init();
1784 /* Use accurate RIP reporting if available. */
1785 if ((cap & MCG_EXT_P) && MCG_EXT_CNT(cap) >= 9)
1786 mca_cfg.rip_msr = MSR_IA32_MCG_EIP;
1788 if (cap & MCG_SER_P)
1792 static void __mcheck_cpu_init_generic(void)
1794 enum mcp_flags m_fl = 0;
1795 mce_banks_t all_banks;
1798 if (!mca_cfg.bootlog)
1802 * Log the machine checks left over from the previous reset. Log them
1803 * only, do not start processing them. That will happen in mcheck_late_init()
1804 * when all consumers have been registered on the notifier chain.
1806 bitmap_fill(all_banks, MAX_NR_BANKS);
1807 machine_check_poll(MCP_UC | MCP_QUEUE_LOG | m_fl, &all_banks);
1809 cr4_set_bits(X86_CR4_MCE);
1811 rdmsrl(MSR_IA32_MCG_CAP, cap);
1812 if (cap & MCG_CTL_P)
1813 wrmsr(MSR_IA32_MCG_CTL, 0xffffffff, 0xffffffff);
1816 static void __mcheck_cpu_init_clear_banks(void)
1818 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
1821 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
1822 struct mce_bank *b = &mce_banks[i];
1826 wrmsrl(mca_msr_reg(i, MCA_CTL), b->ctl);
1827 wrmsrl(mca_msr_reg(i, MCA_STATUS), 0);
1832 * Do a final check to see if there are any unused/RAZ banks.
1834 * This must be done after the banks have been initialized and any quirks have
1837 * Do not call this from any user-initiated flows, e.g. CPU hotplug or sysfs.
1838 * Otherwise, a user who disables a bank will not be able to re-enable it
1839 * without a system reboot.
1841 static void __mcheck_cpu_check_banks(void)
1843 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
1847 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
1848 struct mce_bank *b = &mce_banks[i];
1853 rdmsrl(mca_msr_reg(i, MCA_CTL), msrval);
1858 /* Add per CPU specific workarounds here */
1859 static int __mcheck_cpu_apply_quirks(struct cpuinfo_x86 *c)
1861 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
1862 struct mca_config *cfg = &mca_cfg;
1864 if (c->x86_vendor == X86_VENDOR_UNKNOWN) {
1865 pr_info("unknown CPU type - not enabling MCE support\n");
1869 /* This should be disabled by the BIOS, but isn't always */
1870 if (c->x86_vendor == X86_VENDOR_AMD) {
1871 if (c->x86 == 15 && this_cpu_read(mce_num_banks) > 4) {
1873 * disable GART TBL walk error reporting, which
1874 * trips off incorrectly with the IOMMU & 3ware
1877 clear_bit(10, (unsigned long *)&mce_banks[4].ctl);
1879 if (c->x86 < 0x11 && cfg->bootlog < 0) {
1881 * Lots of broken BIOS around that don't clear them
1882 * by default and leave crap in there. Don't log:
1887 * Various K7s with broken bank 0 around. Always disable
1890 if (c->x86 == 6 && this_cpu_read(mce_num_banks) > 0)
1891 mce_banks[0].ctl = 0;
1894 * overflow_recov is supported for F15h Models 00h-0fh
1895 * even though we don't have a CPUID bit for it.
1897 if (c->x86 == 0x15 && c->x86_model <= 0xf)
1898 mce_flags.overflow_recov = 1;
1900 if (c->x86 >= 0x17 && c->x86 <= 0x1A)
1901 mce_flags.zen_ifu_quirk = 1;
1905 if (c->x86_vendor == X86_VENDOR_INTEL) {
1907 * SDM documents that on family 6 bank 0 should not be written
1908 * because it aliases to another special BIOS controlled
1910 * But it's not aliased anymore on model 0x1a+
1911 * Don't ignore bank 0 completely because there could be a
1912 * valid event later, merely don't write CTL0.
1915 if (c->x86 == 6 && c->x86_model < 0x1A && this_cpu_read(mce_num_banks) > 0)
1916 mce_banks[0].init = false;
1919 * All newer Intel systems support MCE broadcasting. Enable
1920 * synchronization with a one second timeout.
1922 if ((c->x86 > 6 || (c->x86 == 6 && c->x86_model >= 0xe)) &&
1923 cfg->monarch_timeout < 0)
1924 cfg->monarch_timeout = USEC_PER_SEC;
1927 * There are also broken BIOSes on some Pentium M and
1930 if (c->x86 == 6 && c->x86_model <= 13 && cfg->bootlog < 0)
1933 if (c->x86 == 6 && c->x86_model == 45)
1934 mce_flags.snb_ifu_quirk = 1;
1937 * Skylake, Cascacde Lake and Cooper Lake require a quirk on
1940 if (c->x86 == 6 && c->x86_model == INTEL_FAM6_SKYLAKE_X)
1941 mce_flags.skx_repmov_quirk = 1;
1944 if (c->x86_vendor == X86_VENDOR_ZHAOXIN) {
1946 * All newer Zhaoxin CPUs support MCE broadcasting. Enable
1947 * synchronization with a one second timeout.
1949 if (c->x86 > 6 || (c->x86_model == 0x19 || c->x86_model == 0x1f)) {
1950 if (cfg->monarch_timeout < 0)
1951 cfg->monarch_timeout = USEC_PER_SEC;
1955 if (cfg->monarch_timeout < 0)
1956 cfg->monarch_timeout = 0;
1957 if (cfg->bootlog != 0)
1958 cfg->panic_timeout = 30;
1963 static int __mcheck_cpu_ancient_init(struct cpuinfo_x86 *c)
1968 switch (c->x86_vendor) {
1969 case X86_VENDOR_INTEL:
1970 intel_p5_mcheck_init(c);
1973 case X86_VENDOR_CENTAUR:
1974 winchip_mcheck_init(c);
1975 mce_flags.winchip = 1;
1985 * Init basic CPU features needed for early decoding of MCEs.
1987 static void __mcheck_cpu_init_early(struct cpuinfo_x86 *c)
1989 if (c->x86_vendor == X86_VENDOR_AMD || c->x86_vendor == X86_VENDOR_HYGON) {
1990 mce_flags.overflow_recov = !!cpu_has(c, X86_FEATURE_OVERFLOW_RECOV);
1991 mce_flags.succor = !!cpu_has(c, X86_FEATURE_SUCCOR);
1992 mce_flags.smca = !!cpu_has(c, X86_FEATURE_SMCA);
1993 mce_flags.amd_threshold = 1;
1997 static void mce_centaur_feature_init(struct cpuinfo_x86 *c)
1999 struct mca_config *cfg = &mca_cfg;
2002 * All newer Centaur CPUs support MCE broadcasting. Enable
2003 * synchronization with a one second timeout.
2005 if ((c->x86 == 6 && c->x86_model == 0xf && c->x86_stepping >= 0xe) ||
2007 if (cfg->monarch_timeout < 0)
2008 cfg->monarch_timeout = USEC_PER_SEC;
2012 static void mce_zhaoxin_feature_init(struct cpuinfo_x86 *c)
2014 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
2017 * These CPUs have MCA bank 8 which reports only one error type called
2018 * SVAD (System View Address Decoder). The reporting of that error is
2019 * controlled by IA32_MC8.CTL.0.
2021 * If enabled, prefetching on these CPUs will cause SVAD MCE when
2022 * virtual machines start and result in a system panic. Always disable
2023 * bank 8 SVAD error by default.
2025 if ((c->x86 == 7 && c->x86_model == 0x1b) ||
2026 (c->x86_model == 0x19 || c->x86_model == 0x1f)) {
2027 if (this_cpu_read(mce_num_banks) > 8)
2028 mce_banks[8].ctl = 0;
2035 static void mce_zhaoxin_feature_clear(struct cpuinfo_x86 *c)
2040 static void __mcheck_cpu_init_vendor(struct cpuinfo_x86 *c)
2042 switch (c->x86_vendor) {
2043 case X86_VENDOR_INTEL:
2044 mce_intel_feature_init(c);
2047 case X86_VENDOR_AMD: {
2048 mce_amd_feature_init(c);
2052 case X86_VENDOR_HYGON:
2053 mce_hygon_feature_init(c);
2056 case X86_VENDOR_CENTAUR:
2057 mce_centaur_feature_init(c);
2060 case X86_VENDOR_ZHAOXIN:
2061 mce_zhaoxin_feature_init(c);
2069 static void __mcheck_cpu_clear_vendor(struct cpuinfo_x86 *c)
2071 switch (c->x86_vendor) {
2072 case X86_VENDOR_INTEL:
2073 mce_intel_feature_clear(c);
2076 case X86_VENDOR_ZHAOXIN:
2077 mce_zhaoxin_feature_clear(c);
2085 static void mce_start_timer(struct timer_list *t)
2087 unsigned long iv = check_interval * HZ;
2089 if (mca_cfg.ignore_ce || !iv)
2092 this_cpu_write(mce_next_interval, iv);
2093 __start_timer(t, iv);
2096 static void __mcheck_cpu_setup_timer(void)
2098 struct timer_list *t = this_cpu_ptr(&mce_timer);
2100 timer_setup(t, mce_timer_fn, TIMER_PINNED);
2103 static void __mcheck_cpu_init_timer(void)
2105 struct timer_list *t = this_cpu_ptr(&mce_timer);
2107 timer_setup(t, mce_timer_fn, TIMER_PINNED);
2111 bool filter_mce(struct mce *m)
2113 if (boot_cpu_data.x86_vendor == X86_VENDOR_AMD)
2114 return amd_filter_mce(m);
2115 if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL)
2116 return intel_filter_mce(m);
2121 static __always_inline void exc_machine_check_kernel(struct pt_regs *regs)
2123 irqentry_state_t irq_state;
2125 WARN_ON_ONCE(user_mode(regs));
2128 * Only required when from kernel mode. See
2129 * mce_check_crashing_cpu() for details.
2131 if (mca_cfg.initialized && mce_check_crashing_cpu())
2134 irq_state = irqentry_nmi_enter(regs);
2136 do_machine_check(regs);
2138 irqentry_nmi_exit(regs, irq_state);
2141 static __always_inline void exc_machine_check_user(struct pt_regs *regs)
2143 irqentry_enter_from_user_mode(regs);
2145 do_machine_check(regs);
2147 irqentry_exit_to_user_mode(regs);
2150 #ifdef CONFIG_X86_64
2151 /* MCE hit kernel mode */
2152 DEFINE_IDTENTRY_MCE(exc_machine_check)
2156 dr7 = local_db_save();
2157 exc_machine_check_kernel(regs);
2158 local_db_restore(dr7);
2161 /* The user mode variant. */
2162 DEFINE_IDTENTRY_MCE_USER(exc_machine_check)
2166 dr7 = local_db_save();
2167 exc_machine_check_user(regs);
2168 local_db_restore(dr7);
2171 #ifdef CONFIG_X86_FRED
2173 * When occurred on different ring level, i.e., from user or kernel
2174 * context, #MCE needs to be handled on different stack: User #MCE
2175 * on current task stack, while kernel #MCE on a dedicated stack.
2177 * This is exactly how FRED event delivery invokes an exception
2178 * handler: ring 3 event on level 0 stack, i.e., current task stack;
2179 * ring 0 event on the #MCE dedicated stack specified in the
2180 * IA32_FRED_STKLVLS MSR. So unlike IDT, the FRED machine check entry
2181 * stub doesn't do stack switch.
2183 DEFINE_FREDENTRY_MCE(exc_machine_check)
2187 dr7 = local_db_save();
2188 if (user_mode(regs))
2189 exc_machine_check_user(regs);
2191 exc_machine_check_kernel(regs);
2192 local_db_restore(dr7);
2196 /* 32bit unified entry point */
2197 DEFINE_IDTENTRY_RAW(exc_machine_check)
2201 dr7 = local_db_save();
2202 if (user_mode(regs))
2203 exc_machine_check_user(regs);
2205 exc_machine_check_kernel(regs);
2206 local_db_restore(dr7);
2211 * Called for each booted CPU to set up machine checks.
2212 * Must be called with preempt off:
2214 void mcheck_cpu_init(struct cpuinfo_x86 *c)
2216 if (mca_cfg.disabled)
2219 if (__mcheck_cpu_ancient_init(c))
2222 if (!mce_available(c))
2225 __mcheck_cpu_cap_init();
2227 if (__mcheck_cpu_apply_quirks(c) < 0) {
2228 mca_cfg.disabled = 1;
2232 if (mce_gen_pool_init()) {
2233 mca_cfg.disabled = 1;
2234 pr_emerg("Couldn't allocate MCE records pool!\n");
2238 mca_cfg.initialized = 1;
2240 __mcheck_cpu_init_early(c);
2241 __mcheck_cpu_init_generic();
2242 __mcheck_cpu_init_vendor(c);
2243 __mcheck_cpu_init_clear_banks();
2244 __mcheck_cpu_check_banks();
2245 __mcheck_cpu_setup_timer();
2249 * Called for each booted CPU to clear some machine checks opt-ins
2251 void mcheck_cpu_clear(struct cpuinfo_x86 *c)
2253 if (mca_cfg.disabled)
2256 if (!mce_available(c))
2260 * Possibly to clear general settings generic to x86
2261 * __mcheck_cpu_clear_generic(c);
2263 __mcheck_cpu_clear_vendor(c);
2267 static void __mce_disable_bank(void *arg)
2269 int bank = *((int *)arg);
2270 __clear_bit(bank, this_cpu_ptr(mce_poll_banks));
2271 cmci_disable_bank(bank);
2274 void mce_disable_bank(int bank)
2276 if (bank >= this_cpu_read(mce_num_banks)) {
2278 "Ignoring request to disable invalid MCA bank %d.\n",
2282 set_bit(bank, mce_banks_ce_disabled);
2283 on_each_cpu(__mce_disable_bank, &bank, 1);
2287 * mce=off Disables machine check
2288 * mce=no_cmci Disables CMCI
2289 * mce=no_lmce Disables LMCE
2290 * mce=dont_log_ce Clears corrected events silently, no log created for CEs.
2291 * mce=print_all Print all machine check logs to console
2292 * mce=ignore_ce Disables polling and CMCI, corrected events are not cleared.
2293 * mce=TOLERANCELEVEL[,monarchtimeout] (number, see above)
2294 * monarchtimeout is how long to wait for other CPUs on machine
2295 * check, or 0 to not wait
2296 * mce=bootlog Log MCEs from before booting. Disabled by default on AMD Fam10h
2298 * mce=nobootlog Don't log MCEs from before booting.
2299 * mce=bios_cmci_threshold Don't program the CMCI threshold
2300 * mce=recovery force enable copy_mc_fragile()
2302 static int __init mcheck_enable(char *str)
2304 struct mca_config *cfg = &mca_cfg;
2312 if (!strcmp(str, "off"))
2314 else if (!strcmp(str, "no_cmci"))
2315 cfg->cmci_disabled = true;
2316 else if (!strcmp(str, "no_lmce"))
2317 cfg->lmce_disabled = 1;
2318 else if (!strcmp(str, "dont_log_ce"))
2319 cfg->dont_log_ce = true;
2320 else if (!strcmp(str, "print_all"))
2321 cfg->print_all = true;
2322 else if (!strcmp(str, "ignore_ce"))
2323 cfg->ignore_ce = true;
2324 else if (!strcmp(str, "bootlog") || !strcmp(str, "nobootlog"))
2325 cfg->bootlog = (str[0] == 'b');
2326 else if (!strcmp(str, "bios_cmci_threshold"))
2327 cfg->bios_cmci_threshold = 1;
2328 else if (!strcmp(str, "recovery"))
2330 else if (isdigit(str[0]))
2331 get_option(&str, &(cfg->monarch_timeout));
2333 pr_info("mce argument %s ignored. Please use /sys\n", str);
2338 __setup("mce", mcheck_enable);
2340 int __init mcheck_init(void)
2342 mce_register_decode_chain(&early_nb);
2343 mce_register_decode_chain(&mce_uc_nb);
2344 mce_register_decode_chain(&mce_default_nb);
2346 INIT_WORK(&mce_work, mce_gen_pool_process);
2347 init_irq_work(&mce_irq_work, mce_irq_work_cb);
2353 * mce_syscore: PM support
2357 * Disable machine checks on suspend and shutdown. We can't really handle
2360 static void mce_disable_error_reporting(void)
2362 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
2365 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
2366 struct mce_bank *b = &mce_banks[i];
2369 wrmsrl(mca_msr_reg(i, MCA_CTL), 0);
2374 static void vendor_disable_error_reporting(void)
2377 * Don't clear on Intel or AMD or Hygon or Zhaoxin CPUs. Some of these
2378 * MSRs are socket-wide. Disabling them for just a single offlined CPU
2379 * is bad, since it will inhibit reporting for all shared resources on
2380 * the socket like the last level cache (LLC), the integrated memory
2381 * controller (iMC), etc.
2383 if (boot_cpu_data.x86_vendor == X86_VENDOR_INTEL ||
2384 boot_cpu_data.x86_vendor == X86_VENDOR_HYGON ||
2385 boot_cpu_data.x86_vendor == X86_VENDOR_AMD ||
2386 boot_cpu_data.x86_vendor == X86_VENDOR_ZHAOXIN)
2389 mce_disable_error_reporting();
2392 static int mce_syscore_suspend(void)
2394 vendor_disable_error_reporting();
2398 static void mce_syscore_shutdown(void)
2400 vendor_disable_error_reporting();
2404 * On resume clear all MCE state. Don't want to see leftovers from the BIOS.
2405 * Only one CPU is active at this time, the others get re-added later using
2408 static void mce_syscore_resume(void)
2410 __mcheck_cpu_init_generic();
2411 __mcheck_cpu_init_vendor(raw_cpu_ptr(&cpu_info));
2412 __mcheck_cpu_init_clear_banks();
2415 static struct syscore_ops mce_syscore_ops = {
2416 .suspend = mce_syscore_suspend,
2417 .shutdown = mce_syscore_shutdown,
2418 .resume = mce_syscore_resume,
2422 * mce_device: Sysfs support
2425 static void mce_cpu_restart(void *data)
2427 if (!mce_available(raw_cpu_ptr(&cpu_info)))
2429 __mcheck_cpu_init_generic();
2430 __mcheck_cpu_init_clear_banks();
2431 __mcheck_cpu_init_timer();
2434 /* Reinit MCEs after user configuration changes */
2435 static void mce_restart(void)
2437 mce_timer_delete_all();
2438 on_each_cpu(mce_cpu_restart, NULL, 1);
2439 mce_schedule_work();
2442 /* Toggle features for corrected errors */
2443 static void mce_disable_cmci(void *data)
2445 if (!mce_available(raw_cpu_ptr(&cpu_info)))
2450 static void mce_enable_ce(void *all)
2452 if (!mce_available(raw_cpu_ptr(&cpu_info)))
2457 __mcheck_cpu_init_timer();
2460 static const struct bus_type mce_subsys = {
2461 .name = "machinecheck",
2462 .dev_name = "machinecheck",
2465 DEFINE_PER_CPU(struct device *, mce_device);
2467 static inline struct mce_bank_dev *attr_to_bank(struct device_attribute *attr)
2469 return container_of(attr, struct mce_bank_dev, attr);
2472 static ssize_t show_bank(struct device *s, struct device_attribute *attr,
2475 u8 bank = attr_to_bank(attr)->bank;
2478 if (bank >= per_cpu(mce_num_banks, s->id))
2481 b = &per_cpu(mce_banks_array, s->id)[bank];
2486 return sprintf(buf, "%llx\n", b->ctl);
2489 static ssize_t set_bank(struct device *s, struct device_attribute *attr,
2490 const char *buf, size_t size)
2492 u8 bank = attr_to_bank(attr)->bank;
2496 if (kstrtou64(buf, 0, &new) < 0)
2499 if (bank >= per_cpu(mce_num_banks, s->id))
2502 b = &per_cpu(mce_banks_array, s->id)[bank];
2513 static ssize_t set_ignore_ce(struct device *s,
2514 struct device_attribute *attr,
2515 const char *buf, size_t size)
2519 if (kstrtou64(buf, 0, &new) < 0)
2522 mutex_lock(&mce_sysfs_mutex);
2523 if (mca_cfg.ignore_ce ^ !!new) {
2525 /* disable ce features */
2526 mce_timer_delete_all();
2527 on_each_cpu(mce_disable_cmci, NULL, 1);
2528 mca_cfg.ignore_ce = true;
2530 /* enable ce features */
2531 mca_cfg.ignore_ce = false;
2532 on_each_cpu(mce_enable_ce, (void *)1, 1);
2535 mutex_unlock(&mce_sysfs_mutex);
2540 static ssize_t set_cmci_disabled(struct device *s,
2541 struct device_attribute *attr,
2542 const char *buf, size_t size)
2546 if (kstrtou64(buf, 0, &new) < 0)
2549 mutex_lock(&mce_sysfs_mutex);
2550 if (mca_cfg.cmci_disabled ^ !!new) {
2553 on_each_cpu(mce_disable_cmci, NULL, 1);
2554 mca_cfg.cmci_disabled = true;
2557 mca_cfg.cmci_disabled = false;
2558 on_each_cpu(mce_enable_ce, NULL, 1);
2561 mutex_unlock(&mce_sysfs_mutex);
2566 static ssize_t store_int_with_restart(struct device *s,
2567 struct device_attribute *attr,
2568 const char *buf, size_t size)
2570 unsigned long old_check_interval = check_interval;
2571 ssize_t ret = device_store_ulong(s, attr, buf, size);
2573 if (check_interval == old_check_interval)
2576 mutex_lock(&mce_sysfs_mutex);
2578 mutex_unlock(&mce_sysfs_mutex);
2583 static DEVICE_INT_ATTR(monarch_timeout, 0644, mca_cfg.monarch_timeout);
2584 static DEVICE_BOOL_ATTR(dont_log_ce, 0644, mca_cfg.dont_log_ce);
2585 static DEVICE_BOOL_ATTR(print_all, 0644, mca_cfg.print_all);
2587 static struct dev_ext_attribute dev_attr_check_interval = {
2588 __ATTR(check_interval, 0644, device_show_int, store_int_with_restart),
2592 static struct dev_ext_attribute dev_attr_ignore_ce = {
2593 __ATTR(ignore_ce, 0644, device_show_bool, set_ignore_ce),
2597 static struct dev_ext_attribute dev_attr_cmci_disabled = {
2598 __ATTR(cmci_disabled, 0644, device_show_bool, set_cmci_disabled),
2599 &mca_cfg.cmci_disabled
2602 static struct device_attribute *mce_device_attrs[] = {
2603 &dev_attr_check_interval.attr,
2604 #ifdef CONFIG_X86_MCELOG_LEGACY
2607 &dev_attr_monarch_timeout.attr,
2608 &dev_attr_dont_log_ce.attr,
2609 &dev_attr_print_all.attr,
2610 &dev_attr_ignore_ce.attr,
2611 &dev_attr_cmci_disabled.attr,
2615 static cpumask_var_t mce_device_initialized;
2617 static void mce_device_release(struct device *dev)
2622 /* Per CPU device init. All of the CPUs still share the same bank device: */
2623 static int mce_device_create(unsigned int cpu)
2629 dev = per_cpu(mce_device, cpu);
2633 dev = kzalloc(sizeof(*dev), GFP_KERNEL);
2637 dev->bus = &mce_subsys;
2638 dev->release = &mce_device_release;
2640 err = device_register(dev);
2646 for (i = 0; mce_device_attrs[i]; i++) {
2647 err = device_create_file(dev, mce_device_attrs[i]);
2651 for (j = 0; j < per_cpu(mce_num_banks, cpu); j++) {
2652 err = device_create_file(dev, &mce_bank_devs[j].attr);
2656 cpumask_set_cpu(cpu, mce_device_initialized);
2657 per_cpu(mce_device, cpu) = dev;
2662 device_remove_file(dev, &mce_bank_devs[j].attr);
2665 device_remove_file(dev, mce_device_attrs[i]);
2667 device_unregister(dev);
2672 static void mce_device_remove(unsigned int cpu)
2674 struct device *dev = per_cpu(mce_device, cpu);
2677 if (!cpumask_test_cpu(cpu, mce_device_initialized))
2680 for (i = 0; mce_device_attrs[i]; i++)
2681 device_remove_file(dev, mce_device_attrs[i]);
2683 for (i = 0; i < per_cpu(mce_num_banks, cpu); i++)
2684 device_remove_file(dev, &mce_bank_devs[i].attr);
2686 device_unregister(dev);
2687 cpumask_clear_cpu(cpu, mce_device_initialized);
2688 per_cpu(mce_device, cpu) = NULL;
2691 /* Make sure there are no machine checks on offlined CPUs. */
2692 static void mce_disable_cpu(void)
2694 if (!mce_available(raw_cpu_ptr(&cpu_info)))
2697 if (!cpuhp_tasks_frozen)
2700 vendor_disable_error_reporting();
2703 static void mce_reenable_cpu(void)
2705 struct mce_bank *mce_banks = this_cpu_ptr(mce_banks_array);
2708 if (!mce_available(raw_cpu_ptr(&cpu_info)))
2711 if (!cpuhp_tasks_frozen)
2713 for (i = 0; i < this_cpu_read(mce_num_banks); i++) {
2714 struct mce_bank *b = &mce_banks[i];
2717 wrmsrl(mca_msr_reg(i, MCA_CTL), b->ctl);
2721 static int mce_cpu_dead(unsigned int cpu)
2723 /* intentionally ignoring frozen here */
2724 if (!cpuhp_tasks_frozen)
2729 static int mce_cpu_online(unsigned int cpu)
2731 struct timer_list *t = this_cpu_ptr(&mce_timer);
2734 mce_device_create(cpu);
2736 ret = mce_threshold_create_device(cpu);
2738 mce_device_remove(cpu);
2746 static int mce_cpu_pre_down(unsigned int cpu)
2748 struct timer_list *t = this_cpu_ptr(&mce_timer);
2752 mce_threshold_remove_device(cpu);
2753 mce_device_remove(cpu);
2757 static __init void mce_init_banks(void)
2761 for (i = 0; i < MAX_NR_BANKS; i++) {
2762 struct mce_bank_dev *b = &mce_bank_devs[i];
2763 struct device_attribute *a = &b->attr;
2767 sysfs_attr_init(&a->attr);
2768 a->attr.name = b->attrname;
2769 snprintf(b->attrname, ATTR_LEN, "bank%d", i);
2771 a->attr.mode = 0644;
2772 a->show = show_bank;
2773 a->store = set_bank;
2778 * When running on XEN, this initcall is ordered against the XEN mcelog
2781 * device_initcall(xen_late_init_mcelog);
2782 * device_initcall_sync(mcheck_init_device);
2784 static __init int mcheck_init_device(void)
2789 * Check if we have a spare virtual bit. This will only become
2790 * a problem if/when we move beyond 5-level page tables.
2792 MAYBE_BUILD_BUG_ON(__VIRTUAL_MASK_SHIFT >= 63);
2794 if (!mce_available(&boot_cpu_data)) {
2799 if (!zalloc_cpumask_var(&mce_device_initialized, GFP_KERNEL)) {
2806 err = subsys_system_register(&mce_subsys, NULL);
2810 err = cpuhp_setup_state(CPUHP_X86_MCE_DEAD, "x86/mce:dead", NULL,
2816 * Invokes mce_cpu_online() on all CPUs which are online when
2817 * the state is installed.
2819 err = cpuhp_setup_state(CPUHP_AP_ONLINE_DYN, "x86/mce:online",
2820 mce_cpu_online, mce_cpu_pre_down);
2822 goto err_out_online;
2824 register_syscore_ops(&mce_syscore_ops);
2829 cpuhp_remove_state(CPUHP_X86_MCE_DEAD);
2832 free_cpumask_var(mce_device_initialized);
2835 pr_err("Unable to init MCE device (rc: %d)\n", err);
2839 device_initcall_sync(mcheck_init_device);
2842 * Old style boot options parsing. Only for compatibility.
2844 static int __init mcheck_disable(char *str)
2846 mca_cfg.disabled = 1;
2849 __setup("nomce", mcheck_disable);
2851 #ifdef CONFIG_DEBUG_FS
2852 struct dentry *mce_get_debugfs_dir(void)
2854 static struct dentry *dmce;
2857 dmce = debugfs_create_dir("mce", NULL);
2862 static void mce_reset(void)
2864 atomic_set(&mce_fake_panicked, 0);
2865 atomic_set(&mce_executing, 0);
2866 atomic_set(&mce_callin, 0);
2867 atomic_set(&global_nwo, 0);
2868 cpumask_setall(&mce_missing_cpus);
2871 static int fake_panic_get(void *data, u64 *val)
2877 static int fake_panic_set(void *data, u64 val)
2884 DEFINE_DEBUGFS_ATTRIBUTE(fake_panic_fops, fake_panic_get, fake_panic_set,
2887 static void __init mcheck_debugfs_init(void)
2889 struct dentry *dmce;
2891 dmce = mce_get_debugfs_dir();
2892 debugfs_create_file_unsafe("fake_panic", 0444, dmce, NULL,
2896 static void __init mcheck_debugfs_init(void) { }
2899 static int __init mcheck_late_init(void)
2901 if (mca_cfg.recovery)
2902 enable_copy_mc_fragile();
2904 mcheck_debugfs_init();
2907 * Flush out everything that has been logged during early boot, now that
2908 * everything has been initialized (workqueues, decoders, ...).
2910 mce_schedule_work();
2914 late_initcall(mcheck_late_init);
projects / linux-2.6-microblaze.git / blob