From nobody Sun Feb  8 03:58:30 2026
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.9])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 546F32FD7A3
	for <linux-kernel@vger.kernel.org>; Wed,  7 Jan 2026 14:01:25 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=192.198.163.9
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1767794487; cv=none;
 b=mCpxTY8gk9RM3mnu/8G61caZPIquPqBgI4vydouax2sSd6LcmunD2QwIEZ85pvFOXAH8mrDBlPS8SEx1PZIj0m/fDKxiV6hwu2IbDwWGAsxfAI/b77Xjf2eAdPKpQUASJCFGAX2cNJvTY5wqFHz4A21wRE2h2HTHH/RYgApxxBE=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1767794487; c=relaxed/simple;
	bh=8bhDnDo0qyTf96055rxYOFIVzAeiADwJ+58G2Wt62dQ=;
	h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
 b=dEgvTmnl6wqI54hQBPwlqhl6i0m+FdQvZjmIakJ03tgUulT4IMCh6aG0icBxIrGMp9yqRIU6TPOReRjlyV/75ujHvvu9D14PZHftCzYmkTe/RW/jUN2HBrKLKzOoXFgq1beHtC/kEeLQfzhuL5eQ74RSTXbtyiSNhujvKJ6owKU=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=intel.com;
 spf=pass smtp.mailfrom=intel.com;
 dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b=JAPpNjXM; arc=none smtp.client-ip=192.198.163.9
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=intel.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=intel.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
 header.b="JAPpNjXM"
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1767794485; x=1799330485;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=8bhDnDo0qyTf96055rxYOFIVzAeiADwJ+58G2Wt62dQ=;
  b=JAPpNjXMAwj/8aBHhMOwrqOKJPUA72Q6kdZm4u2VdtvKieEk9zVq2ZBB
   mre+FEterdqItDZy9udIBqxzueA8upjl8oQZiSYCATjKUPfoPK6hyG9fU
   Qv0/nqAB5HYiXjTdtDzwQ04cwRygxOiEhHWrqzTl+Ecn4sp/wqZY+lgza
   j8K9TaMKtLqwQjwFK2jYTuZUpUopu07LYt6e2qfgJq1gS8RXtT22t61jQ
   RotvrBXgbSUJ9mxfx0WHlzGu1tAvjBXwWJBzB9H2AJSS/aVkf6VGUswkd
   8X/BQUQByRBsRGEo7kRULYV47U0pw0Ptx9quvnzqurymwd+U3Da0S2/7P
   A==;
X-CSE-ConnectionGUID: efukmYxUT/e79b1Ulh5nXA==
X-CSE-MsgGUID: b5oB/KO1RVWF2eQ9W1RnyQ==
X-IronPort-AV: E=McAfee;i="6800,10657,11664"; a="79881378"
X-IronPort-AV: E=Sophos;i="6.21,208,1763452800";
   d="scan'208";a="79881378"
Received: from orviesa009.jf.intel.com ([10.64.159.149])
  by fmvoesa103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 07 Jan 2026 06:01:23 -0800
X-CSE-ConnectionGUID: M9y9UqSxR5ip9vu4ZFhCcQ==
X-CSE-MsgGUID: sCHNVIOKTZWPiaeDUGyiYg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.21,208,1763452800";
   d="scan'208";a="202705681"
Received: from lxy-clx-4s.sh.intel.com ([10.239.48.22])
  by orviesa009.jf.intel.com with ESMTP; 07 Jan 2026 06:01:20 -0800
From: Xiaoyao Li <xiaoyao.li@intel.com>
To: Dave Hansen <dave.hansen@linux.intel.com>,
	Thomas Gleixner <tglx@linutronix.de>,
	Ingo Molnar <mingo@redhat.com>,
	Borislav Petkov <bp@alien8.de>,
	x86@kernel.org
Cc: "H. Peter Anvin" <hpa@zytor.com>,
	reinette.chatre@intel.com,
	Kiryl Shutsemau <kas@kernel.org>,
	rick.p.edgecombe@intel.com,
	linux-kernel@vger.kernel.org,
	xiaoyao.li@intel.com,
	chenyi.qiang@intel.com,
	chao.p.peng@intel.com
Subject: [PATCH v2] x86/split_lock: Handle unexpected split lock as fatal
Date: Wed,  7 Jan 2026 21:49:55 +0800
Message-ID: <20260107134955.3293885-1-xiaoyao.li@intel.com>
X-Mailer: git-send-email 2.43.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

The kernel can receive #AC fault on split lock access even when
X86_FEATURE_SPLIT_LOCK_DETECT is not enumerated. For example, this can
occur with a TDX guest running under a Linux host with split lock
detection enabled.

The default "warning" mode of handling user split lock depends on being
able to temporarily disable detection to recover from the split lock event.
However, when X86_FEATURE_SPLIT_LOCK_DETECT is not enumerated, the MSR
or the bit that disables detection is normally not accessible. This means
the feature cannot be disabled and the "warning" mode will not work. The
"fatal" mode, however, can still work properly.

Handle split locks as fatal in such cases.

Signed-off-by: Xiaoyao Li <xiaoyao.li@intel.com>
Acked-by: Kiryl Shutsemau <kas@kernel.org>
---
Changes in v2:
- handle it generally instead of special-casing TDX guest; [Kiryl]

v1: https://lore.kernel.org/all/20251126100205.1729391-1-xiaoyao.li@intel.c=
om/

Notes:
- Kiryl suggested to check cpu_model_supports_sld in v1, while this v2
  checks X86_FEATURE_SPLIT_LOCK_DETECT. Because I found the latter can
  cover the purpose of the former in current kernel. I also sent a patch
  separately to clean up cpu_model_supports_sld. [1]

- Patch 2 of v1 is dropped in this v2, since v2 is not TDX specific
  anymore. If anyone has interest on whether to enhance sld_state_show()
  to call out the potential unexpected #AC behavior for TDX guest or
  for more general cases, we can discuss here.

[1] https://lore.kernel.org/all/20251218080044.2615106-1-xiaoyao.li@intel.c=
om/
---
 arch/x86/kernel/cpu/bus_lock.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/arch/x86/kernel/cpu/bus_lock.c b/arch/x86/kernel/cpu/bus_lock.c
index dbc99a47be45..68721f1a2cb0 100644
--- a/arch/x86/kernel/cpu/bus_lock.c
+++ b/arch/x86/kernel/cpu/bus_lock.c
@@ -316,9 +316,25 @@ void bus_lock_init(void)
 	wrmsrq(MSR_IA32_DEBUGCTLMSR, val);
 }
=20
+static bool split_lock_fatal(void)
+{
+	/*
+	 * If #AC occurs on split lock without X86_FEATURE_SPLIT_LOCK_DETECT
+	 * the kernel cannot handle it by disabling the detection. Treat it as
+	 * fatal regardless of the sld_state.
+	 */
+	if (!cpu_feature_enabled(X86_FEATURE_SPLIT_LOCK_DETECT))
+		return true;
+
+	if (sld_state =3D=3D sld_fatal)
+		return true;
+
+	return false;
+}
+
 bool handle_user_split_lock(struct pt_regs *regs, long error_code)
 {
-	if ((regs->flags & X86_EFLAGS_AC) || sld_state =3D=3D sld_fatal)
+	if ((regs->flags & X86_EFLAGS_AC) || split_lock_fatal())
 		return false;
 	split_lock_warn(regs->ip);
 	return true;
--=20
2.43.0