From mboxrd@z Thu Jan  1 00:00:00 1970
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Subject: Re: [PATCH] xen/gntdev: Fix sleep-inside-spinlock
Date: Thu, 13 Oct 2011 11:40:53 -0400
Message-ID: <20111013154053.GA12588@phenom.oracle.com>
References: <1318353219.21925.80.camel@Palantir>
	<20111011173228.GB32406@phenom.oracle.com>
	<4E9495F6.4070301@tycho.nsa.gov>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <xen-devel-bounces@lists.xensource.com>
Content-Disposition: inline
In-Reply-To: <4E9495F6.4070301@tycho.nsa.gov>
List-Unsubscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xensource.com>
List-Help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-Subscribe: <http://lists.xensource.com/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
Sender: xen-devel-bounces@lists.xensource.com
Errors-To: xen-devel-bounces@lists.xensource.com
To: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Cc: xen-devel <xen-devel@lists.xensource.com>, Dario Faggioli <raistlin@linux.it>
List-Id: xen-devel@lists.xenproject.org

On Tue, Oct 11, 2011 at 03:16:06PM -0400, Daniel De Graaf wrote:
> On 10/11/2011 01:32 PM, Konrad Rzeszutek Wilk wrote:
> > On Tue, Oct 11, 2011 at 07:13:38PM +0200, Dario Faggioli wrote:
> >> Hello everyone,

Dario, does the patch fix the problem for you?

.. snip..
> it'll also trigger this message; that's also fixed here. Compile tested only.
> 
> -------------------------------------------------------->8
> 
> gntdev_put_map tries to acquire a mutex when freeing pages back to the
> xenballoon pool, so it cannot be called with a spinlock held. In
> gntdev_release, the spinlock is not needed as we are freeing the
> structure later; in the ioctl, only the list manipulation needs to be
> under the lock.
> 
> Reported-By: Dario Faggioli <raistlin@linux.it>
> Signed-off-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
> ---
>  drivers/xen/gntdev.c |    5 ++---
>  1 files changed, 2 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/xen/gntdev.c b/drivers/xen/gntdev.c
> index f914b26..23b1c83 100644
> --- a/drivers/xen/gntdev.c
> +++ b/drivers/xen/gntdev.c
> @@ -462,13 +462,11 @@ static int gntdev_release(struct inode *inode, struct file *flip)
>  
>  	pr_debug("priv %p\n", priv);
>  
> -	spin_lock(&priv->lock);
>  	while (!list_empty(&priv->maps)) {
>  		map = list_entry(priv->maps.next, struct grant_map, next);
>  		list_del(&map->next);
>  		gntdev_put_map(map);
>  	}
> -	spin_unlock(&priv->lock);
>  
>  	if (use_ptemod)
>  		mmu_notifier_unregister(&priv->mn, priv->mm);
> @@ -532,10 +530,11 @@ static long gntdev_ioctl_unmap_grant_ref(struct gntdev_priv *priv,
>  	map = gntdev_find_map_index(priv, op.index >> PAGE_SHIFT, op.count);
>  	if (map) {
>  		list_del(&map->next);
> -		gntdev_put_map(map);
>  		err = 0;
>  	}
>  	spin_unlock(&priv->lock);
> +	if (map)
> +		gntdev_put_map(map);
>  	return err;
>  }
>  
> -- 
> 1.7.6.4