From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
To: Konrad Rzeszutek Wilk <konrad@kernel.org>
Cc: "Stefano Stabellini" <sstabellini@kernel.org>,
"Wei Liu" <wei.liu2@citrix.com>,
"George Dunlap" <George.Dunlap@eu.citrix.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Ian Jackson" <ian.jackson@eu.citrix.com>,
"Tim Deegan" <tim@xen.org>,
"Ross Lagerwall" <ross.lagerwall@citrix.com>,
"Jan Beulich" <jbeulich@suse.com>,
xen-devel@lists.xenproject.org,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH] xsplice: Don't perform multiple operations on same payload once work is scheduled.
Date: Thu, 28 Apr 2016 22:15:43 -0400 [thread overview]
Message-ID: <20160429021543.GD9673@char.us.oracle.com> (raw)
In-Reply-To: <20160429015212.GA12857@localhost.localdomain>
On Thu, Apr 28, 2016 at 09:52:14PM -0400, Konrad Rzeszutek Wilk wrote:
> On Fri, Apr 29, 2016 at 12:23:38AM +0100, Andrew Cooper wrote:
> > On 28/04/2016 19:16, Konrad Rzeszutek Wilk wrote:
> > > diff --git a/xen/common/xsplice.c b/xen/common/xsplice.c
> > > index 1b67d39..48088ce 100644
> > > --- a/xen/common/xsplice.c
> > > +++ b/xen/common/xsplice.c
> > > @@ -1099,6 +1099,13 @@ static void xsplice_do_action(void)
> > > data->rc = rc;
> > > }
> > >
> > > +static bool_t is_work_scheduled(struct payload *data)
> >
> > const struct payload *data
>
> Yes!
> >
> > Otherwise, Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
>
> And of course 5 hours later I realized there is a more straightforward
> for this. It follows the same idea but it piggyback on data->rc
> being set by 'schedule_work' to -EAGAIN once work is scheduled:
Err, 'schedule_work' does not set data->rc to -EAGAIN. It happens
within xsplice_do_action:
data->rc = -EAGAIN;
rc = schedule_work(data, action->cmd, action->timeout);
(for either replace, revert, or apply).
>
> It could even be rolled in "xsplice: Implement support for
> applying/reverting/replacing patches."
>
>
> >From 83053e3f984b67dfae74cb64e75b8871b9d236ca Mon Sep 17 00:00:00 2001
> From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Date: Thu, 28 Apr 2016 21:22:49 -0400
> Subject: [PATCH] xsplice: Check data->rc for -EAGAIN to guard against races.
> MIME-Version: 1.0
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 8bit
>
> Currently it is possible to:
>
> 1) xc_xsplice_apply()
> \-> xsplice_action
> spin_lock(payload_lock)
> \- schedule_work()
> data->rc=-EAGAIN
> spin_unlock(payload_lock);
>
> 2) xc_xsplice_unload()
> \-> xsplice_action
> spin_lock(payload_lock)
> free_payload(data);
> spin_unlock(payload_lock);
>
> .. all CPUs are quiesced.
>
> 3) check_for_xsplice_work()
> \-> apply_payload
> \-> arch_xsplice_apply_jmp
> BOOM
> data->rc =0
>
> The reason is that state is in 'CHECKED' which changes to 'APPLIED'
> once check_for_xsplice_work finishes (and it updates data->rc to zero).
>
> But we have a race between 1) -> 3) where one can manipulate the payload
> (as the state is in 'CHECKED' from which you can apply/revert and unload).
>
> This patch adds a simple check on data->rc to see if it is in -EAGAIN
> which means that schedule_work has been called for this payload.
>
> If the payload aborts in check_for_xsplice_work (timed out, etc),
> the data->rc will be -EBUSY -so one can still unload the payload or
> retry the operation.
>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Reported-by: Roger Pau Monné <roger.pau@citrix.com>
>
> ---
> CC: Andrew Cooper <andrew.cooper3@citrix.com>
> CC: George Dunlap <George.Dunlap@eu.citrix.com>
> CC: Ian Jackson <ian.jackson@eu.citrix.com>
> CC: Jan Beulich <jbeulich@suse.com>
> CC: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> CC: Stefano Stabellini <sstabellini@kernel.org>
> CC: Tim Deegan <tim@xen.org>
> CC: Wei Liu <wei.liu2@citrix.com>
> CC: Ross Lagerwall <ross.lagerwall@citrix.com>
> ---
> ---
> xen/common/xsplice.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/xen/common/xsplice.c b/xen/common/xsplice.c
> index 1b67d39..0bc7e0f 100644
> --- a/xen/common/xsplice.c
> +++ b/xen/common/xsplice.c
> @@ -1363,6 +1363,9 @@ static int xsplice_action(xen_sysctl_xsplice_action_t *action)
> return PTR_ERR(data);
> }
>
> + if ( data->rc == -EAGAIN ) /* schedule_work has been called. */
> + goto out;
> +
> switch ( action->cmd )
> {
> case XSPLICE_ACTION_UNLOAD:
> @@ -1423,6 +1426,7 @@ static int xsplice_action(xen_sysctl_xsplice_action_t *action)
> break;
> }
>
> + out:
> spin_unlock(&payload_lock);
>
> return rc;
> --
> 2.4.0
>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
next prev parent reply other threads:[~2016-04-29 2:15 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-27 19:26 [PATCH v10] xSplice v1 design and implementation Konrad Rzeszutek Wilk
2016-04-27 19:26 ` [PATCH v10 01/24] xsplice: Design document Konrad Rzeszutek Wilk
2016-04-27 19:26 ` [PATCH v10 02/24] xen/xsplice: Hypervisor implementation of XEN_XSPLICE_op Konrad Rzeszutek Wilk
2016-04-28 11:08 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 03/24] libxc: Implementation of XEN_XSPLICE_op in libxc Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 04/24] xen-xsplice: Tool to manipulate xsplice payloads Konrad Rzeszutek Wilk
2016-05-01 13:34 ` George Dunlap
2016-05-01 18:08 ` Wei Liu
2016-05-02 0:50 ` Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 05/24] arm/x86: Use struct virtual_region to do bug, symbol, and (x86) exception tables lookup Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 06/24] arm/x86/vmap: Add vmalloc_xen and vm_init_type Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 07/24] xsplice: Add helper elf routines Konrad Rzeszutek Wilk
2016-04-28 11:17 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 08/24] xsplice: Implement payload loading Konrad Rzeszutek Wilk
2016-04-28 11:21 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 09/24] xsplice: Implement support for applying/reverting/replacing patches Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 10/24] x86/xen_hello_world.xsplice: Test payload for patching 'xen_extra_version' Konrad Rzeszutek Wilk
2016-04-28 11:25 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 11/24] xsplice, symbols: Implement symbol name resolution on address Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 12/24] xsplice, symbols: Implement fast symbol names -> virtual addresses lookup Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 13/24] x86, xsplice: Print payload's symbol name and payload name in backtraces Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 14/24] xsplice: Add support for bug frames Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 15/24] xsplice: Add support for exception tables Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 16/24] xsplice: Add support for alternatives Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 17/24] build_id: Provide ld-embedded build-ids Konrad Rzeszutek Wilk
2016-04-29 16:38 ` Jan Beulich
2016-04-29 17:23 ` Konrad Rzeszutek Wilk
2016-05-02 6:02 ` Jan Beulich
2016-05-02 11:05 ` Wei Liu
2016-05-02 11:13 ` Jan Beulich
2016-05-02 11:19 ` Wei Liu
2016-05-02 11:26 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 18/24] xsplice: Print build_id in keyhandler and on bootup Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 19/24] XENVER_build_id/libxc: Provide ld-embedded build-id Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 20/24] libxl: info: Display build_id of the hypervisor Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 21/24] xsplice: Stacking build-id dependency checking Konrad Rzeszutek Wilk
2016-04-28 11:33 ` Jan Beulich
2016-05-02 6:37 ` Jan Beulich
2016-05-02 13:06 ` Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 22/24] xsplice/xen_replace_world: Test-case for XSPLICE_ACTION_REPLACE Konrad Rzeszutek Wilk
2016-04-28 11:35 ` Jan Beulich
2016-04-27 19:27 ` [PATCH v10 23/24] xsplice: Prevent duplicate payloads from being loaded Konrad Rzeszutek Wilk
2016-04-27 19:27 ` [PATCH v10 24/24] MAINTAINERS/xsplice: Add myself and Ross as the maintainers Konrad Rzeszutek Wilk
2016-04-28 11:47 ` [PATCH v10] xSplice v1 design and implementation Wei Liu
2016-04-28 18:16 ` [PATCH] xsplice: Don't perform multiple operations on same payload once work is scheduled Konrad Rzeszutek Wilk
2016-04-28 20:50 ` Wei Liu
2016-04-28 23:23 ` Andrew Cooper
2016-04-29 1:52 ` Konrad Rzeszutek Wilk
2016-04-29 2:15 ` Konrad Rzeszutek Wilk [this message]
2016-04-29 7:35 ` Jan Beulich
2016-04-29 7:49 ` Konrad Rzeszutek Wilk
2016-04-29 8:02 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160429021543.GD9673@char.us.oracle.com \
--to=konrad.wilk@oracle.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=konrad@kernel.org \
--cc=roger.pau@citrix.com \
--cc=ross.lagerwall@citrix.com \
--cc=sstabellini@kernel.org \
--cc=tim@xen.org \
--cc=wei.liu2@citrix.com \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.