From: Wei Liu <wei.liu2@citrix.com>
To: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Cc: "Stefano Stabellini" <sstabellini@kernel.org>,
"Wei Liu" <wei.liu2@citrix.com>,
"George Dunlap" <George.Dunlap@eu.citrix.com>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
"Ian Jackson" <ian.jackson@eu.citrix.com>,
"Tim Deegan" <tim@xen.org>,
"Ross Lagerwall" <ross.lagerwall@citrix.com>,
"Jan Beulich" <jbeulich@suse.com>,
xen-devel@lists.xenproject.org,
"Roger Pau Monné" <roger.pau@citrix.com>
Subject: Re: [PATCH v2] xsplice: Don't perform multiple operations on same payload once work is scheduled.
Date: Fri, 29 Apr 2016 10:43:41 +0100 [thread overview]
Message-ID: <20160429094341.GB12693@citrix.com> (raw)
In-Reply-To: <1461922955-16207-1-git-send-email-konrad.wilk@oracle.com>
On Fri, Apr 29, 2016 at 05:42:35AM -0400, Konrad Rzeszutek Wilk wrote:
> Currently it is possible to:
>
> 1) xc_xsplice_apply()
> \-> xsplice_action
> spin_lock(payload_lock)
> \- schedule_work()
> spin_unlock(payload_lock);
>
> 2) xc_xsplice_unload()
> \-> xsplice_action
> spin_lock(payload_lock)
> free_payload(data);
> spin_unlock(payload_lock);
>
> .. all CPUs are quiesced.
>
> 3) check_for_xsplice_work()
> \-> apply_payload
> \-> arch_xsplice_apply_jmp
> BOOM
>
> The reason is that state is in 'CHECKED' which changes to 'APPLIED'
> once check_for_xsplice_work finishes. So we have a race between 1) -> 3)
> where one can manipulate the payload.
>
> To guard against this we add a check in xsplice_action to not allow
> any actions if schedule_work has been called for this specific payload.
>
> The function 'is_work_scheduled' checks xsplice_work which is safe as:
> - The ->do_work changes to 1 under the payload_lock (which we also hold).
> - The ->do_work changes to 0 when all CPUs are quisced and IRQs have
> been disabled.
>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
> Reported-and-Tested-by: Roger Pau Monné <roger.pau@citrix.com>
> Reviewed-by: Andrew Cooper <andrew.cooper3@citrix.com>
Release-acked-by: Wei Liu <wei.liu2@citrix.com>
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel
prev parent reply other threads:[~2016-04-29 9:43 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-04-29 9:42 [PATCH v2] xsplice: Don't perform multiple operations on same payload once work is scheduled Konrad Rzeszutek Wilk
2016-04-29 9:43 ` Wei Liu [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160429094341.GB12693@citrix.com \
--to=wei.liu2@citrix.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=konrad.wilk@oracle.com \
--cc=roger.pau@citrix.com \
--cc=ross.lagerwall@citrix.com \
--cc=sstabellini@kernel.org \
--cc=tim@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.