[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH v1 0/2] x86/amd_node: harden amd_smn_init() against Xen dom0 topology
- To: Penny Zheng <penny.zheng@xxxxxxx>, x86@xxxxxxxxxx
- From: Jiaqing Zhao <Zhao.Jiaqing@xxxxxxx>
- Date: Thu, 7 May 2026 16:37:43 +0800
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=amd.com; dmarc=pass action=none header.from=amd.com; dkim=pass header.d=amd.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=xS59B/GMJw0Zpz6SzS4Qy4tfXnjcb9uz8yPFcu81sbo=; b=g+S4wtR5ObEM+LBeonTkLpWlWYLUUXDx7vuLOVoSF8RX8jJMOwB2Sz6QY0C/SzpdItFexMqOGV1pijzlTcS0n55pmlb/QprJuSl7TzdWeXUqZzP8EZaUwyrz5PzcQaaoPvDz54jA73PNvPaSi6S9pNlW4W/pfTGD42dezlW3aJvuO1LYtmEjDyRobJ5P4qM2IuiA9pM6wNjqFWR+m4oWVr6QX2wNyY5a9pP06fGSQvqOEtg4PrDXVZMnBXVzMSq5YMhMEilmhjPkYlnfX+c/k6PJTvkyVSRdAd8t4xb878YIGu7KEFT0Ys+5XFp/1R4KXskRPgvHNTbKvmNNalnY4A==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=ZtDv33+SiDfMdsHdf0pW4kImxsxDlxl9vmKJ9TalN81w4TBOGSbIhFh7ZVU6q6SR5fTlFWfBVPYoA1bAKDOVHwE1QnzFX7PeoUalXAG0U7Ilaqwf1ld7pb1TmaBNvYHWYSrEECWCQGaQlv7h0QBvNifevItucB3e2enzaCejszvfJLJXYc+l4+d9yyoDmordUI8BFmjmc3Gw1adljQezCS61guzlblWM2RhnDvKEfkNRbgCLDYV1d7fxEjxLwcgl/tM0/VX33iPIrfRBfB2pIvADzytkJkfVJnAKll3jfseexNJPMHGvcEpf/Q0oGACOHxN+mn5OBGevni8tNqFtAA==
- Authentication-results: eu.smtp.expurgate.cloud; dkim=pass header.s=selector1 header.d=amd.com header.i="@amd.com" header.h="From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck"
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=amd.com;
- Cc: ray.huang@xxxxxxx, Jason.Andryuk@xxxxxxx, stefano.stabellini@xxxxxxx, Mario Limonciello <mario.limonciello@xxxxxxx>, Yazen Ghannam <yazen.ghannam@xxxxxxx>, Thomas Gleixner <tglx@xxxxxxxxxx>, Ingo Molnar <mingo@xxxxxxxxxx>, Borislav Petkov <bp@xxxxxxxxx>, Dave Hansen <dave.hansen@xxxxxxxxxxxxxxx>, "H. Peter Anvin" <hpa@xxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx
- Delivery-date: Thu, 07 May 2026 08:59:40 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
This amd_smn_init div0 oops is also observed on 6.19.14+deb14 (Debian testing)
and 6.18.27. Given that 6.18 is LTS, suggesting `Cc: stable@xxxxxxxxxxxxxxx`
to get it backported.
Thanks,
Jiaqing
On 2026-05-06 13:55, Penny Zheng wrote:
> While booting a recent linux-next kernel as a Xen PVH dom0 on x86, the kernel
> oopses very early during fs_initcall:
>
> Oops: divide error: 0000 [#1] SMP NOPTI
> RIP: 0010:amd_smn_init+0x188/0x2e0
>
> Followed: on a kernel that survives the divide, it will fail by a NULL pointer
> dereference from the first SMN consumer (amd_pmc_probe -> amd_smn_read).
>
> Root cause
> ==========
>
> To prevent each dom0 vCPU from looking like an SMT sibling of another
> vCPU, Xen synthesizes guest x2APIC IDs as vcpu_index * 2. This spacing every
> vCPU's APIC ID by 2 can push the synthesized IDs past the package-field
> boundary. Linux then infers more "packages" and therefore more AMD
> nodes via amd_num_nodes() than the platform actually has, while the
> PCI-side host-bridge scan correctly reports the number of root complex.
>
> The fixes are tested on Xen 4.20 PVH dom0 on AMD Zen (16 vCPUs) on top of
> linux-next/master (next-20260505).
>
> Penny Zheng (2):
> x86/amd_node: avoid divide-by-zero in amd_smn_init() under Xen dom0
> x86/amd_node: reject SMN access when amd_smn_init() did not complete
>
> arch/x86/kernel/amd_node.c | 23 ++++++++++++++++++++---
> 1 file changed, 20 insertions(+), 3 deletions(-)
>
|
