| Message ID | 20180417170943.1767-1-mr.nuke.me@gmail.com (mailing list archive) |
|---|---|
| State | New, archived |
| Delegated to: | Bjorn Helgaas |
| Headers | show |
On 4/17/2018 1:09 PM, Alexandru Gagniuc wrote: > On errors reported from CPER, cper_print_bits() was used to log the > AER bits. This resulted in hard-to-understand messages, without a > prefix. Instead use __aer_print_error() for both native AER and CPER > to provide a more consistent log format. > > Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Tested-by: Tyler Baicar <tbaicar@codeaurora.org> Thanks! > --- > drivers/pci/pcie/aer/aerdrv_errprint.c | 16 +++++++++------- > 1 file changed, 9 insertions(+), 7 deletions(-) > > diff --git a/drivers/pci/pcie/aer/aerdrv_errprint.c b/drivers/pci/pcie/aer/aerdrv_errprint.c > index cfc89dd57831..cfae4d52f848 100644 > --- a/drivers/pci/pcie/aer/aerdrv_errprint.c > +++ b/drivers/pci/pcie/aer/aerdrv_errprint.c > @@ -216,28 +216,30 @@ EXPORT_SYMBOL_GPL(cper_severity_to_aer); > void cper_print_aer(struct pci_dev *dev, int aer_severity, > struct aer_capability_regs *aer) > { > - int layer, agent, status_strs_size, tlp_header_valid = 0; > + int layer, agent, tlp_header_valid = 0; > u32 status, mask; > - const char **status_strs; > + struct aer_err_info info; > > if (aer_severity == AER_CORRECTABLE) { > status = aer->cor_status; > mask = aer->cor_mask; > - status_strs = aer_correctable_error_string; > - status_strs_size = ARRAY_SIZE(aer_correctable_error_string); > } else { > status = aer->uncor_status; > mask = aer->uncor_mask; > - status_strs = aer_uncorrectable_error_string; > - status_strs_size = ARRAY_SIZE(aer_uncorrectable_error_string); > tlp_header_valid = status & AER_LOG_TLP_MASKS; > } > > layer = AER_GET_LAYER_ERROR(aer_severity, status); > agent = AER_GET_AGENT(aer_severity, status); > > + memset(&info, 0, sizeof(info)); > + info.severity = aer_severity; > + info.status = status; > + info.mask = mask; > + info.first_error = 0x1f; > + > pci_err(dev, "aer_status: 0x%08x, aer_mask: 0x%08x\n", status, mask); > - cper_print_bits("", status, status_strs, status_strs_size); > + __aer_print_error(dev, &info); > pci_err(dev, "aer_layer=%s, aer_agent=%s\n", > aer_error_layer[layer], aer_agent_string[agent]); >
On Tue, Apr 17, 2018 at 12:09:43PM -0500, Alexandru Gagniuc wrote: > On errors reported from CPER, cper_print_bits() was used to log the > AER bits. This resulted in hard-to-understand messages, without a > prefix. Instead use __aer_print_error() for both native AER and CPER > to provide a more consistent log format. > > Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> > --- > drivers/pci/pcie/aer/aerdrv_errprint.c | 16 +++++++++------- > 1 file changed, 9 insertions(+), 7 deletions(-) > > diff --git a/drivers/pci/pcie/aer/aerdrv_errprint.c b/drivers/pci/pcie/aer/aerdrv_errprint.c > index cfc89dd57831..cfae4d52f848 100644 > --- a/drivers/pci/pcie/aer/aerdrv_errprint.c > +++ b/drivers/pci/pcie/aer/aerdrv_errprint.c > @@ -216,28 +216,30 @@ EXPORT_SYMBOL_GPL(cper_severity_to_aer); > void cper_print_aer(struct pci_dev *dev, int aer_severity, > struct aer_capability_regs *aer) > { > - int layer, agent, status_strs_size, tlp_header_valid = 0; > + int layer, agent, tlp_header_valid = 0; > u32 status, mask; > - const char **status_strs; > + struct aer_err_info info; > > if (aer_severity == AER_CORRECTABLE) { > status = aer->cor_status; > mask = aer->cor_mask; > - status_strs = aer_correctable_error_string; > - status_strs_size = ARRAY_SIZE(aer_correctable_error_string); > } else { > status = aer->uncor_status; > mask = aer->uncor_mask; > - status_strs = aer_uncorrectable_error_string; > - status_strs_size = ARRAY_SIZE(aer_uncorrectable_error_string); > tlp_header_valid = status & AER_LOG_TLP_MASKS; > } > > layer = AER_GET_LAYER_ERROR(aer_severity, status); > agent = AER_GET_AGENT(aer_severity, status); > > + memset(&info, 0, sizeof(info)); > + info.severity = aer_severity; > + info.status = status; > + info.mask = mask; > + info.first_error = 0x1f; I like this patch a lot, but where does this "first_error = 0x1f" come from? I assume this is supposed to be the "First Error Pointer" in the Advanced Error Capabilities and Control register (PCIe r4.0, sec 7.8.4.7). There is a "cap_control" field in struct aer_capability_regs; should we be using that here? > + > pci_err(dev, "aer_status: 0x%08x, aer_mask: 0x%08x\n", status, mask); > - cper_print_bits("", status, status_strs, status_strs_size); > + __aer_print_error(dev, &info); > pci_err(dev, "aer_layer=%s, aer_agent=%s\n", > aer_error_layer[layer], aer_agent_string[agent]); > > -- > 2.14.3 >
On 04/27/2018 05:43 PM, Bjorn Helgaas wrote: > On Tue, Apr 17, 2018 at 12:09:43PM -0500, Alexandru Gagniuc wrote: >> On errors reported from CPER, cper_print_bits() was used to log the >> AER bits. This resulted in hard-to-understand messages, without a >> prefix. Instead use __aer_print_error() for both native AER and CPER >> to provide a more consistent log format. >> >> Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> >> --- >> drivers/pci/pcie/aer/aerdrv_errprint.c | 16 +++++++++------- >> 1 file changed, 9 insertions(+), 7 deletions(-) >> >> diff --git a/drivers/pci/pcie/aer/aerdrv_errprint.c b/drivers/pci/pcie/aer/aerdrv_errprint.c >> index cfc89dd57831..cfae4d52f848 100644 >> --- a/drivers/pci/pcie/aer/aerdrv_errprint.c >> +++ b/drivers/pci/pcie/aer/aerdrv_errprint.c >> @@ -216,28 +216,30 @@ EXPORT_SYMBOL_GPL(cper_severity_to_aer); >> void cper_print_aer(struct pci_dev *dev, int aer_severity, >> struct aer_capability_regs *aer) >> { >> - int layer, agent, status_strs_size, tlp_header_valid = 0; >> + int layer, agent, tlp_header_valid = 0; >> u32 status, mask; >> - const char **status_strs; >> + struct aer_err_info info; >> >> if (aer_severity == AER_CORRECTABLE) { >> status = aer->cor_status; >> mask = aer->cor_mask; >> - status_strs = aer_correctable_error_string; >> - status_strs_size = ARRAY_SIZE(aer_correctable_error_string); >> } else { >> status = aer->uncor_status; >> mask = aer->uncor_mask; >> - status_strs = aer_uncorrectable_error_string; >> - status_strs_size = ARRAY_SIZE(aer_uncorrectable_error_string); >> tlp_header_valid = status & AER_LOG_TLP_MASKS; >> } >> >> layer = AER_GET_LAYER_ERROR(aer_severity, status); >> agent = AER_GET_AGENT(aer_severity, status); >> >> + memset(&info, 0, sizeof(info)); >> + info.severity = aer_severity; >> + info.status = status; >> + info.mask = mask; >> + info.first_error = 0x1f; > > I like this patch a lot, but where does this "first_error = 0x1f" come > from? aer_(un)correctable_error_string don't go to [0x1f], so this guarantees us we don't print "(First)". > I assume this is supposed to be the "First Error Pointer" in the > Advanced Error Capabilities and Control register (PCIe r4.0, sec > 7.8.4.7). There is a "cap_control" field in struct > aer_capability_regs; should we be using that here? There is a way to extract it from the PCI regs, and it's quite simple. IIRC, it should be all f's when the capability is not implemented. I wanted to avoid any further parsing of PCI regs in this patch. I can see a way to use even more common printk code, but that requires validating the PCI regs we get from firmware. That means we need to make a guarantee about CPER that is beyond the scope of this patch. Alex >> + >> pci_err(dev, "aer_status: 0x%08x, aer_mask: 0x%08x\n", status, mask); >> - cper_print_bits("", status, status_strs, status_strs_size); >> + __aer_print_error(dev, &info); >> pci_err(dev, "aer_layer=%s, aer_agent=%s\n", >> aer_error_layer[layer], aer_agent_string[agent]); >> >> -- >> 2.14.3 >>
On 04/28/2018 11:46 AM, Alex G. wrote: > On 04/27/2018 05:43 PM, Bjorn Helgaas wrote: >> On Tue, Apr 17, 2018 at 12:09:43PM -0500, Alexandru Gagniuc wrote: (snip) >>> + memset(&info, 0, sizeof(info)); >>> + info.severity = aer_severity; >>> + info.status = status; >>> + info.mask = mask; >>> + info.first_error = 0x1f; >> >> I like this patch a lot, but where does this "first_error = 0x1f" come >> from? > > aer_(un)correctable_error_string don't go to [0x1f], so this guarantees > us we don't print "(First)". > >> I assume this is supposed to be the "First Error Pointer" in the >> Advanced Error Capabilities and Control register (PCIe r4.0, sec >> 7.8.4.7). There is a "cap_control" field in struct >> aer_capability_regs; should we be using that here? > > There is a way to extract it from the PCI regs, and it's quite simple. > IIRC, it should be all f's when the capability is not implemented. I > wanted to avoid any further parsing of PCI regs in this patch. I could update the offending line to say: + info.first_error = PCI_ERR_CAP_FEP(aer->cap_control); Though I still have the concerns with validating CPER data: > I can see a way to use even more common printk code, but that requires > validating the PCI regs we get from firmware. That means we need to make > a guarantee about CPER that is beyond the scope of this patch. > > Alex >
On Sat, Apr 28, 2018 at 12:07:48PM -0500, Alex G. wrote: > On 04/28/2018 11:46 AM, Alex G. wrote: > > On 04/27/2018 05:43 PM, Bjorn Helgaas wrote: > > > On Tue, Apr 17, 2018 at 12:09:43PM -0500, Alexandru Gagniuc wrote: > (snip) > > > > + memset(&info, 0, sizeof(info)); > > > > + info.severity = aer_severity; > > > > + info.status = status; > > > > + info.mask = mask; > > > > + info.first_error = 0x1f; > > > > > > I like this patch a lot, but where does this "first_error = 0x1f" come > > > from? > > > > aer_(un)correctable_error_string don't go to [0x1f], so this guarantees > > us we don't print "(First)". > > > > > I assume this is supposed to be the "First Error Pointer" in the > > > Advanced Error Capabilities and Control register (PCIe r4.0, sec > > > 7.8.4.7). There is a "cap_control" field in struct > > > aer_capability_regs; should we be using that here? > > > > There is a way to extract it from the PCI regs, and it's quite simple. > > IIRC, it should be all f's when the capability is not implemented. I > > wanted to avoid any further parsing of PCI regs in this patch. > > I could update the offending line to say: > + info.first_error = PCI_ERR_CAP_FEP(aer->cap_control); That's what I would have expected. So I'd say either do this, or add a comment about why it's not the right thing to do. > Though I still have the concerns with validating CPER data: > > > I can see a way to use even more common printk code, but that requires > > validating the PCI regs we get from firmware. That means we need to make > > a guarantee about CPER that is beyond the scope of this patch. Sounds like this is material for another patch, but if/when you do that, I'd like to understand your concern about validating the registers we get from firmware. Are you worried about getting incorrect register contents, then printing the wrong info, making the wrong decision about how to recover, something else? Bjorn
On 04/30/2018 12:15 PM, Bjorn Helgaas wrote: > On Sat, Apr 28, 2018 at 12:07:48PM -0500, Alex G. wrote: (snip) >> I could update the offending line to say: >> + info.first_error = PCI_ERR_CAP_FEP(aer->cap_control); > > That's what I would have expected. So I'd say either do this, or add > a comment about why it's not the right thing to do. Okay. >> Though I still have the concerns with validating CPER data: >> >>> I can see a way to use even more common printk code, but that requires >>> validating the PCI regs we get from firmware. That means we need to make >>> a guarantee about CPER that is beyond the scope of this patch. > > Sounds like this is material for another patch, but if/when you do > that, I'd like to understand your concern about validating the > registers we get from firmware. Are you worried about getting > incorrect register contents, then printing the wrong info, making > the wrong decision about how to recover, something else? I don't trust firmware, and I have daymares about firmware leaving these fields uninitialized. In jargon, I'd like to treat it as external untrusted serialized data. Alex
On Mon, Apr 30, 2018 at 12:41:26PM -0500, Alex G. wrote: > On 04/30/2018 12:15 PM, Bjorn Helgaas wrote: > > On Sat, Apr 28, 2018 at 12:07:48PM -0500, Alex G. wrote: > > (snip) > >> I could update the offending line to say: > >> + info.first_error = PCI_ERR_CAP_FEP(aer->cap_control); > > > > That's what I would have expected. So I'd say either do this, or add > > a comment about why it's not the right thing to do. > > Okay. > > >> Though I still have the concerns with validating CPER data: > >> > >>> I can see a way to use even more common printk code, but that requires > >>> validating the PCI regs we get from firmware. That means we need to make > >>> a guarantee about CPER that is beyond the scope of this patch. > > > > Sounds like this is material for another patch, but if/when you do > > that, I'd like to understand your concern about validating the > > registers we get from firmware. Are you worried about getting > > incorrect register contents, then printing the wrong info, making > > the wrong decision about how to recover, something else? > > I don't trust firmware, and I have daymares about firmware leaving these > fields uninitialized. In jargon, I'd like to treat it as external > untrusted serialized data. That makes good sense to me. In this particular case, we only test first_error for equality: __aer_print_error(...) { ... pci_err(dev, " [%2d] %-22s%s\n", i, errmsg, info->first_error == i ? " (First)" : ""); so I don't think there's any danger. If we were using it to index an array or something, we should certainly validate it first.
diff --git a/drivers/pci/pcie/aer/aerdrv_errprint.c b/drivers/pci/pcie/aer/aerdrv_errprint.c index cfc89dd57831..cfae4d52f848 100644 --- a/drivers/pci/pcie/aer/aerdrv_errprint.c +++ b/drivers/pci/pcie/aer/aerdrv_errprint.c @@ -216,28 +216,30 @@ EXPORT_SYMBOL_GPL(cper_severity_to_aer); void cper_print_aer(struct pci_dev *dev, int aer_severity, struct aer_capability_regs *aer) { - int layer, agent, status_strs_size, tlp_header_valid = 0; + int layer, agent, tlp_header_valid = 0; u32 status, mask; - const char **status_strs; + struct aer_err_info info; if (aer_severity == AER_CORRECTABLE) { status = aer->cor_status; mask = aer->cor_mask; - status_strs = aer_correctable_error_string; - status_strs_size = ARRAY_SIZE(aer_correctable_error_string); } else { status = aer->uncor_status; mask = aer->uncor_mask; - status_strs = aer_uncorrectable_error_string; - status_strs_size = ARRAY_SIZE(aer_uncorrectable_error_string); tlp_header_valid = status & AER_LOG_TLP_MASKS; } layer = AER_GET_LAYER_ERROR(aer_severity, status); agent = AER_GET_AGENT(aer_severity, status); + memset(&info, 0, sizeof(info)); + info.severity = aer_severity; + info.status = status; + info.mask = mask; + info.first_error = 0x1f; + pci_err(dev, "aer_status: 0x%08x, aer_mask: 0x%08x\n", status, mask); - cper_print_bits("", status, status_strs, status_strs_size); + __aer_print_error(dev, &info); pci_err(dev, "aer_layer=%s, aer_agent=%s\n", aer_error_layer[layer], aer_agent_string[agent]);
On errors reported from CPER, cper_print_bits() was used to log the AER bits. This resulted in hard-to-understand messages, without a prefix. Instead use __aer_print_error() for both native AER and CPER to provide a more consistent log format. Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> --- drivers/pci/pcie/aer/aerdrv_errprint.c | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-)