From: "K. Y. Srinivasan" <kys@microsoft.com>
To: gregkh@linuxfoundation.org, linux-kernel@vger.kernel.org,
devel@linuxdriverproject.org, olaf@aepfle.de, apw@canonical.com,
vkuznets@redhat.com, jasowang@redhat.com
Cc: Dexuan Cui <decui@microsoft.com>, "K. Y. Srinivasan" <kys@microsoft.com>
Subject: [PATCH RESEND 16/27] Drivers: hv: vmbus: serialize process_chn_event() and vmbus_close_internal()
Date: Mon, 14 Dec 2015 16:01:47 -0800 [thread overview]
Message-ID: <1450137718-26366-16-git-send-email-kys@microsoft.com> (raw)
In-Reply-To: <1450137718-26366-1-git-send-email-kys@microsoft.com>
From: Dexuan Cui <decui@microsoft.com>
process_chn_event(), running in the tasklet, can race with
vmbus_close_internal() in the case of SMP guest, e.g., when the former is
accessing channel->inbound.ring_buffer, the latter could be freeing the
ring_buffer pages.
To resolve the race, we can serialize them by disabling the tasklet when
the latter is running here.
Signed-off-by: Dexuan Cui <decui@microsoft.com>
Signed-off-by: K. Y. Srinivasan <kys@microsoft.com>
---
drivers/hv/channel.c | 21 +++++++++++++++++++--
1 files changed, 19 insertions(+), 2 deletions(-)
diff --git a/drivers/hv/channel.c b/drivers/hv/channel.c
index c4dcab0..f7f3d5c 100644
--- a/drivers/hv/channel.c
+++ b/drivers/hv/channel.c
@@ -28,6 +28,7 @@
#include <linux/module.h>
#include <linux/hyperv.h>
#include <linux/uio.h>
+#include <linux/interrupt.h>
#include "hyperv_vmbus.h"
@@ -496,8 +497,21 @@ static void reset_channel_cb(void *arg)
static int vmbus_close_internal(struct vmbus_channel *channel)
{
struct vmbus_channel_close_channel *msg;
+ struct tasklet_struct *tasklet;
int ret;
+ /*
+ * process_chn_event(), running in the tasklet, can race
+ * with vmbus_close_internal() in the case of SMP guest, e.g., when
+ * the former is accessing channel->inbound.ring_buffer, the latter
+ * could be freeing the ring_buffer pages.
+ *
+ * To resolve the race, we can serialize them by disabling the
+ * tasklet when the latter is running here.
+ */
+ tasklet = hv_context.event_dpc[channel->target_cpu];
+ tasklet_disable(tasklet);
+
channel->state = CHANNEL_OPEN_STATE;
channel->sc_creation_callback = NULL;
/* Stop callback and cancel the timer asap */
@@ -525,7 +539,7 @@ static int vmbus_close_internal(struct vmbus_channel *channel)
* If we failed to post the close msg,
* it is perhaps better to leak memory.
*/
- return ret;
+ goto out;
}
/* Tear down the gpadl for the channel's ring buffer */
@@ -538,7 +552,7 @@ static int vmbus_close_internal(struct vmbus_channel *channel)
* If we failed to teardown gpadl,
* it is perhaps better to leak memory.
*/
- return ret;
+ goto out;
}
}
@@ -555,6 +569,9 @@ static int vmbus_close_internal(struct vmbus_channel *channel)
if (channel->rescind)
hv_process_channel_removal(channel,
channel->offermsg.child_relid);
+out:
+ tasklet_enable(tasklet);
+
return ret;
}
--
1.7.4.1
next prev parent reply other threads:[~2015-12-14 22:31 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-12-15 0:01 [PATCH RESEND 00/27] Drivers: hv: Miscellaneous fixes K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 01/27] Drivers: hv: util: Increase the timeout for util services K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 02/27] Drivers: hv: utils: run polling callback always in interrupt context K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 03/27] tools: hv: report ENOSPC errors in hv_fcopy_daemon K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 04/27] tools: hv: remove repeated HV_FCOPY string K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 05/27] Drivers: hv: util: catch allocation errors K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 06/27] Drivers: hv: utils: use memdup_user in hvt_op_write K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 07/27] drivers/hv: cleanup synic msrs if vmbus connect failed K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 08/27] drivers:hv: Export a function that maps Linux CPU num onto Hyper-V proc num K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 09/27] drivers:hv: Export the API to invoke a hypercall on Hyper-V K. Y. Srinivasan
2015-12-15 3:07 ` Greg KH
2015-12-15 4:13 ` KY Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 10/27] drivers:hv: Define the channel type for Hyper-V PCI Express pass-through K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 11/27] Drivers: hv: vss: run only on supported host versions K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 12/27] Drivers: hv: vmbus: Use uuid_le type consistently K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 13/27] Drivers: hv: vmbus: Use uuid_le_cmp() for comparing GUIDs K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 14/27] Drivers: hv: vmbus: Get rid of the unused macro K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 15/27] Drivers: hv: vmbus: Get rid of the unused irq variable K. Y. Srinivasan
2015-12-15 0:01 ` K. Y. Srinivasan [this message]
2015-12-15 0:01 ` [PATCH RESEND 17/27] Drivers: hv: vmbus: do sanity check of channel state in vmbus_close_internal() K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 18/27] Drivers: hv: vmbus: fix rescind-offer handling for device without a driver K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 19/27] Drivers: hv: vmbus: release relid on error in vmbus_process_offer() K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 20/27] Drivers: hv: vmbus: channge vmbus_connection.channel_lock to mutex K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 21/27] drivers:hv: Allow for MMIO claims that span ACPI _CRS records K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 22/27] tools/hv: Use include/uapi with __EXPORTED_HEADERS__ K. Y. Srinivasan
2015-12-15 3:11 ` Greg KH
2015-12-15 18:14 ` Kamal Mostafa
2015-12-15 18:21 ` [PATCH v2] " Kamal Mostafa
2015-12-15 18:46 ` Greg KH
2016-01-06 23:56 ` [PATCH v2 RESEND] " Kamal Mostafa
2015-12-15 0:01 ` [PATCH RESEND 23/27] Drivers: hv: vmbus: Fix a Host signaling bug K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 24/27] drivers/hv: correct tsc page sequence invalid value K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 25/27] Drivers: hv: vmbus: Force all channel messages to be delivered on CPU 0 K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 26/27] Drivers: hv: utils: Invoke the poll function after handshake K. Y. Srinivasan
2015-12-15 0:01 ` [PATCH RESEND 27/27] tools: hv: vss: fix the write()'s argument: error -> vss_msg K. Y. Srinivasan
-- strict thread matches above, loose matches on Subject: below --
2015-12-12 4:21 [PATCH RESEND 00/27] Drivers: hv: Miscellaneous fixes K. Y. Srinivasan
2015-12-12 4:21 ` [PATCH RESEND 01/27] Drivers: hv: util: Increase the timeout for util services K. Y. Srinivasan
2015-12-12 4:21 ` [PATCH RESEND 16/27] Drivers: hv: vmbus: serialize process_chn_event() and vmbus_close_internal() K. Y. Srinivasan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1450137718-26366-16-git-send-email-kys@microsoft.com \
--to=kys@microsoft.com \
--cc=apw@canonical.com \
--cc=decui@microsoft.com \
--cc=devel@linuxdriverproject.org \
--cc=gregkh@linuxfoundation.org \
--cc=jasowang@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=olaf@aepfle.de \
--cc=vkuznets@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.