1 /*
2 * nmi.c - Safe printk in NMI context
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License
6 * as published by the Free Software Foundation; either version 2
7 * of the License, or (at your option) any later version.
8 *
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, see <http://www.gnu.org/licenses/>.
16 */
17
18 #include <linux/preempt.h>
19 #include <linux/spinlock.h>
20 #include <linux/debug_locks.h>
21 #include <linux/smp.h>
22 #include <linux/cpumask.h>
23 #include <linux/irq_work.h>
24 #include <linux/printk.h>
25
26 #include "internal.h"
27
28 /*
29 * printk() could not take logbuf_lock in NMI context. Instead,
30 * it uses an alternative implementation that temporary stores
31 * the strings into a per-CPU buffer. The content of the buffer
32 * is later flushed into the main ring buffer via IRQ work.
33 *
34 * The alternative implementation is chosen transparently
35 * via @printk_func per-CPU variable.
36 *
37 * The implementation allows to flush the strings also from another CPU.
38 * There are situations when we want to make sure that all buffers
39 * were handled or when IRQs are blocked.
40 */
41 DEFINE_PER_CPU(printk_func_t, printk_func) = vprintk_default;
42 static int printk_nmi_irq_ready;
43 atomic_t nmi_message_lost;
44
45 #define NMI_LOG_BUF_LEN ((1 << CONFIG_NMI_LOG_BUF_SHIFT) - \
46 sizeof(atomic_t) - sizeof(struct irq_work))
47
48 struct nmi_seq_buf {
49 atomic_t len; /* length of written data */
50 struct irq_work work; /* IRQ work that flushes the buffer */
51 unsigned char buffer[NMI_LOG_BUF_LEN];
52 };
53 static DEFINE_PER_CPU(struct nmi_seq_buf, nmi_print_seq);
54
55 /*
56 * Safe printk() for NMI context. It uses a per-CPU buffer to
57 * store the message. NMIs are not nested, so there is always only
58 * one writer running. But the buffer might get flushed from another
59 * CPU, so we need to be careful.
60 */
vprintk_nmi(const char * fmt,va_list args)61 static int vprintk_nmi(const char *fmt, va_list args)
62 {
63 struct nmi_seq_buf *s = this_cpu_ptr(&nmi_print_seq);
64 int add = 0;
65 size_t len;
66
67 again:
68 len = atomic_read(&s->len);
69
70 if (len >= sizeof(s->buffer)) {
71 atomic_inc(&nmi_message_lost);
72 return 0;
73 }
74
75 /*
76 * Make sure that all old data have been read before the buffer was
77 * reseted. This is not needed when we just append data.
78 */
79 if (!len)
80 smp_rmb();
81
82 add = vsnprintf(s->buffer + len, sizeof(s->buffer) - len, fmt, args);
83
84 /*
85 * Do it once again if the buffer has been flushed in the meantime.
86 * Note that atomic_cmpxchg() is an implicit memory barrier that
87 * makes sure that the data were written before updating s->len.
88 */
89 if (atomic_cmpxchg(&s->len, len, len + add) != len)
90 goto again;
91
92 /* Get flushed in a more safe context. */
93 if (add && printk_nmi_irq_ready) {
94 /* Make sure that IRQ work is really initialized. */
95 smp_rmb();
96 irq_work_queue(&s->work);
97 }
98
99 return add;
100 }
101
printk_nmi_flush_line(const char * text,int len)102 static void printk_nmi_flush_line(const char *text, int len)
103 {
104 /*
105 * The buffers are flushed in NMI only on panic. The messages must
106 * go only into the ring buffer at this stage. Consoles will get
107 * explicitly called later when a crashdump is not generated.
108 */
109 if (in_nmi())
110 printk_deferred("%.*s", len, text);
111 else
112 printk("%.*s", len, text);
113
114 }
115
116 /*
117 * printk one line from the temporary buffer from @start index until
118 * and including the @end index.
119 */
printk_nmi_flush_seq_line(struct nmi_seq_buf * s,int start,int end)120 static void printk_nmi_flush_seq_line(struct nmi_seq_buf *s,
121 int start, int end)
122 {
123 const char *buf = s->buffer + start;
124
125 printk_nmi_flush_line(buf, (end - start) + 1);
126 }
127
128 /*
129 * Flush data from the associated per_CPU buffer. The function
130 * can be called either via IRQ work or independently.
131 */
__printk_nmi_flush(struct irq_work * work)132 static void __printk_nmi_flush(struct irq_work *work)
133 {
134 static raw_spinlock_t read_lock =
135 __RAW_SPIN_LOCK_INITIALIZER(read_lock);
136 struct nmi_seq_buf *s = container_of(work, struct nmi_seq_buf, work);
137 unsigned long flags;
138 size_t len, size;
139 int i, last_i;
140
141 /*
142 * The lock has two functions. First, one reader has to flush all
143 * available message to make the lockless synchronization with
144 * writers easier. Second, we do not want to mix messages from
145 * different CPUs. This is especially important when printing
146 * a backtrace.
147 */
148 raw_spin_lock_irqsave(&read_lock, flags);
149
150 i = 0;
151 more:
152 len = atomic_read(&s->len);
153
154 /*
155 * This is just a paranoid check that nobody has manipulated
156 * the buffer an unexpected way. If we printed something then
157 * @len must only increase.
158 */
159 if (i && i >= len) {
160 const char *msg = "printk_nmi_flush: internal error\n";
161
162 printk_nmi_flush_line(msg, strlen(msg));
163 }
164
165 if (!len)
166 goto out; /* Someone else has already flushed the buffer. */
167
168 /* Make sure that data has been written up to the @len */
169 smp_rmb();
170
171 size = min(len, sizeof(s->buffer));
172 last_i = i;
173
174 /* Print line by line. */
175 for (; i < size; i++) {
176 if (s->buffer[i] == '\n') {
177 printk_nmi_flush_seq_line(s, last_i, i);
178 last_i = i + 1;
179 }
180 }
181 /* Check if there was a partial line. */
182 if (last_i < size) {
183 printk_nmi_flush_seq_line(s, last_i, size - 1);
184 printk_nmi_flush_line("\n", strlen("\n"));
185 }
186
187 /*
188 * Check that nothing has got added in the meantime and truncate
189 * the buffer. Note that atomic_cmpxchg() is an implicit memory
190 * barrier that makes sure that the data were copied before
191 * updating s->len.
192 */
193 if (atomic_cmpxchg(&s->len, len, 0) != len)
194 goto more;
195
196 out:
197 raw_spin_unlock_irqrestore(&read_lock, flags);
198 }
199
200 /**
201 * printk_nmi_flush - flush all per-cpu nmi buffers.
202 *
203 * The buffers are flushed automatically via IRQ work. This function
204 * is useful only when someone wants to be sure that all buffers have
205 * been flushed at some point.
206 */
printk_nmi_flush(void)207 void printk_nmi_flush(void)
208 {
209 int cpu;
210
211 for_each_possible_cpu(cpu)
212 __printk_nmi_flush(&per_cpu(nmi_print_seq, cpu).work);
213 }
214
215 /**
216 * printk_nmi_flush_on_panic - flush all per-cpu nmi buffers when the system
217 * goes down.
218 *
219 * Similar to printk_nmi_flush() but it can be called even in NMI context when
220 * the system goes down. It does the best effort to get NMI messages into
221 * the main ring buffer.
222 *
223 * Note that it could try harder when there is only one CPU online.
224 */
printk_nmi_flush_on_panic(void)225 void printk_nmi_flush_on_panic(void)
226 {
227 /*
228 * Make sure that we could access the main ring buffer.
229 * Do not risk a double release when more CPUs are up.
230 */
231 if (in_nmi() && raw_spin_is_locked(&logbuf_lock)) {
232 if (num_online_cpus() > 1)
233 return;
234
235 debug_locks_off();
236 raw_spin_lock_init(&logbuf_lock);
237 }
238
239 printk_nmi_flush();
240 }
241
printk_nmi_init(void)242 void __init printk_nmi_init(void)
243 {
244 int cpu;
245
246 for_each_possible_cpu(cpu) {
247 struct nmi_seq_buf *s = &per_cpu(nmi_print_seq, cpu);
248
249 init_irq_work(&s->work, __printk_nmi_flush);
250 }
251
252 /* Make sure that IRQ works are initialized before enabling. */
253 smp_wmb();
254 printk_nmi_irq_ready = 1;
255
256 /* Flush pending messages that did not have scheduled IRQ works. */
257 printk_nmi_flush();
258 }
259
printk_nmi_enter(void)260 void printk_nmi_enter(void)
261 {
262 this_cpu_write(printk_func, vprintk_nmi);
263 }
264
printk_nmi_exit(void)265 void printk_nmi_exit(void)
266 {
267 this_cpu_write(printk_func, vprintk_default);
268 }
269