From: Oleg Nesterov <oleg@redhat.com>
To: Sasha Levin <sasha.levin@oracle.com>
Cc: jeremy@goop.org,
Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>,
kvm@vger.kernel.org, peterz@infradead.org,
virtualization@lists.linux-foundation.org,
paul.gortmaker@windriver.com, hpa@zytor.com, ak@linux.intel.com,
a.ryabinin@samsung.com, x86@kernel.org, borntraeger@de.ibm.com,
mingo@redhat.com, xen-devel@lists.xenproject.org,
paulmck@linux.vnet.ibm.com, riel@redhat.com,
konrad.wilk@oracle.com, davej@redhat.com, tglx@linutronix.de,
waiman.long@hp.com, linux-kernel@vger.kernel.org,
pbonzini@redhat.com, akpm@linux-foundation.org,
torvalds@linux-foundation.org
Subject: Re: [PATCH] x86 spinlock: Fix memory corruption on completing completions
Date: Sun, 8 Feb 2015 18:14:57 +0100 [thread overview]
Message-ID: <20150208171457.GA18766@redhat.com> (raw)
In-Reply-To: <54D4DBA1.1030905@oracle.com>
On 02/06, Sasha Levin wrote:
>
> Can we modify it slightly to avoid potentially accessing invalid memory:
>
> diff --git a/arch/x86/include/asm/spinlock.h b/arch/x86/include/asm/spinlock.h
> index 5315887..cd22d73 100644
> --- a/arch/x86/include/asm/spinlock.h
> +++ b/arch/x86/include/asm/spinlock.h
> @@ -144,13 +144,13 @@ static __always_inline void arch_spin_unlock(arch_spinlock_t *lock
> if (TICKET_SLOWPATH_FLAG &&
> static_key_false(¶virt_ticketlocks_enabled)) {
> __ticket_t prev_head;
> -
> + bool needs_kick = lock->tickets.tail & TICKET_SLOWPATH_FLAG;
> prev_head = lock->tickets.head;
> add_smp(&lock->tickets.head, TICKET_LOCK_INC);
>
> /* add_smp() is a full mb() */
>
> - if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
> + if (unlikely(needs_kick)) {
This doesn't look right too...
We need to guarantee that either unlock() sees TICKET_SLOWPATH_FLAG, or
the calller of __ticket_enter_slowpath() sees the result of add_smp().
Suppose that kvm_lock_spinning() is called right before add_smp() and it
sets SLOWPATH. It will block then because .head != want, and it needs
__ticket_unlock_kick().
Oleg.
WARNING: multiple messages have this Message-ID (diff)
From: Oleg Nesterov <oleg@redhat.com>
To: Sasha Levin <sasha.levin@oracle.com>
Cc: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>,
tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com,
peterz@infradead.org, torvalds@linux-foundation.org,
konrad.wilk@oracle.com, pbonzini@redhat.com,
paulmck@linux.vnet.ibm.com, waiman.long@hp.com, davej@redhat.com,
x86@kernel.org, jeremy@goop.org, paul.gortmaker@windriver.com,
ak@linux.intel.com, jasowang@redhat.com,
linux-kernel@vger.kernel.org, kvm@vger.kernel.org,
virtualization@lists.linux-foundation.org,
xen-devel@lists.xenproject.org, riel@redhat.com,
borntraeger@de.ibm.com, akpm@linux-foundation.org,
a.ryabinin@samsung.com
Subject: Re: [PATCH] x86 spinlock: Fix memory corruption on completing completions
Date: Sun, 8 Feb 2015 18:14:57 +0100 [thread overview]
Message-ID: <20150208171457.GA18766@redhat.com> (raw)
In-Reply-To: <54D4DBA1.1030905@oracle.com>
On 02/06, Sasha Levin wrote:
>
> Can we modify it slightly to avoid potentially accessing invalid memory:
>
> diff --git a/arch/x86/include/asm/spinlock.h b/arch/x86/include/asm/spinlock.h
> index 5315887..cd22d73 100644
> --- a/arch/x86/include/asm/spinlock.h
> +++ b/arch/x86/include/asm/spinlock.h
> @@ -144,13 +144,13 @@ static __always_inline void arch_spin_unlock(arch_spinlock_t *lock
> if (TICKET_SLOWPATH_FLAG &&
> static_key_false(¶virt_ticketlocks_enabled)) {
> __ticket_t prev_head;
> -
> + bool needs_kick = lock->tickets.tail & TICKET_SLOWPATH_FLAG;
> prev_head = lock->tickets.head;
> add_smp(&lock->tickets.head, TICKET_LOCK_INC);
>
> /* add_smp() is a full mb() */
>
> - if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
> + if (unlikely(needs_kick)) {
This doesn't look right too...
We need to guarantee that either unlock() sees TICKET_SLOWPATH_FLAG, or
the calller of __ticket_enter_slowpath() sees the result of add_smp().
Suppose that kvm_lock_spinning() is called right before add_smp() and it
sets SLOWPATH. It will block then because .head != want, and it needs
__ticket_unlock_kick().
Oleg.
next prev parent reply other threads:[~2015-02-08 17:14 UTC|newest]
Thread overview: 111+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-06 14:49 [PATCH] x86 spinlock: Fix memory corruption on completing completions Raghavendra K T
2015-02-06 15:20 ` Sasha Levin
2015-02-06 15:20 ` Sasha Levin
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 16:15 ` Linus Torvalds
2015-02-08 17:14 ` Oleg Nesterov
2015-02-08 17:14 ` Oleg Nesterov [this message]
2015-02-08 17:14 ` Oleg Nesterov
2015-02-06 15:20 ` Sasha Levin
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 21:15 ` Sasha Levin
2015-02-06 21:15 ` Sasha Levin
2015-02-06 21:15 ` Sasha Levin
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 21:15 ` Sasha Levin
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-06 18:57 ` Sasha Levin
2015-02-06 18:57 ` Sasha Levin
2015-02-06 18:57 ` Sasha Levin
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-09 9:34 ` Raghavendra K T
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 12:52 ` Raghavendra K T
2015-02-09 12:52 ` Raghavendra K T
2015-02-09 12:52 ` Raghavendra K T
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:26 ` Oleg Nesterov
2015-02-10 13:26 ` Oleg Nesterov
2015-02-10 13:26 ` Oleg Nesterov
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:28 ` Linus Torvalds
2015-02-12 7:08 ` Jeremy Fitzhardinge
2015-02-12 7:08 ` Jeremy Fitzhardinge
2015-02-11 23:28 ` Linus Torvalds
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 11:08 ` Raghavendra K T
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 9:34 ` Raghavendra K T
2015-02-09 9:34 ` Raghavendra K T
-- strict thread matches above, loose matches on Subject: below --
2015-02-06 14:49 Raghavendra K T
2015-02-06 14:49 Raghavendra K T
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150208171457.GA18766@redhat.com \
--to=oleg@redhat.com \
--cc=a.ryabinin@samsung.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=borntraeger@de.ibm.com \
--cc=davej@redhat.com \
--cc=hpa@zytor.com \
--cc=jeremy@goop.org \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=paul.gortmaker@windriver.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=raghavendra.kt@linux.vnet.ibm.com \
--cc=riel@redhat.com \
--cc=sasha.levin@oracle.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=virtualization@lists.linux-foundation.org \
--cc=waiman.long@hp.com \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.