From: "Radim Krčmář" <rkrcmar@redhat.com>
To: Roman Kagan <rkagan@virtuozzo.com>,
Paolo Bonzini <pbonzini@redhat.com>,
kvm@vger.kernel.org, Evgeny Yakovlev <eyakovlev@virtuozzo.com>,
"Denis V . Lunev" <den@openvz.org>,
Eduardo Habkost <ehabkost@redhat.com>,
Igor Mammedov <imammedo@redhat.com>
Subject: Re: [PATCH v3 0/2] kvm: x86: hyperv: fix userspace interaction flaws
Date: Thu, 13 Jul 2017 20:52:38 +0200 [thread overview]
Message-ID: <20170713185238.GG28875@potion> (raw)
In-Reply-To: <20170713181549.GA10777@rkaganb.sw.ru>
2017-07-13 21:15+0300, Roman Kagan:
> On Thu, Jul 13, 2017 at 06:41:29PM +0200, Radim Krčmář wrote:
> > 2017-07-13 18:38+0200, Radim Krčmář:
> > > 2017-07-13 17:45+0200, Radim Krčmář:
> > > > 2017-07-13 18:29+0300, Roman Kagan:
> > > > > On Fri, Jun 23, 2017 at 12:54:25PM +0200, Paolo Bonzini wrote:
> > > > > > On 22/06/2017 15:51, Roman Kagan wrote:
> > > > > > Looks good, thanks.
> > > > >
> > > > > Are there still any problems with this series?
> > > > > I don't see it in kvm queue, so presumably it wasn't accepted...
> > > >
> > > > No, the problem was on my side. Queing it for the end of this merge
> > > > window. Thanks for the ping.
> > >
> > > And took it out after hitting a bug: we're asking for the VP_INDEX before the
> > > VCPU is in kvm->vcpus[], but the index is its position in that array.
> > > I think we can just use kvm->online_vcpus instead of kvm_vcpu_get_idx().
> >
> > Ugh, definitely no, we're not under kvm->lock there.
> > Assigning the VP_INDEX in kvm_arch_vcpu_postcreate() would be doable,
> > but adding a new callback before exposing the VCPU fd is probably safer.
>
> But kvm_arch_vcpu_postcreate() *is* the last thing that's called before
> returning the VCPU fd. Isn't it the right place to do it? Or do you
> mean a dedicated kvm_hv_vcpu_postcreate() call rather than open-coding
> it there?
It is, I just didn't want to guarantee that nothing bad can happen
1) after create_vcpu_fd() -- another thread can already access the fd
(getting its number just takes some guess-work)
2) after atomic_inc(&kvm->online_vcpus) -- the VCPU's vp_index is still
invalid 0, but someone (get_vcpu_by_vpidx()) might look at it
I'd prefer to reuse kvm_arch_vcpu_postcreate() if it looks ok to you.
(Adding a new call only after all sane solutions have failed.)
> Roman,
> fixing his scripts not to ignore errors from insmod when smoke-testing
> kernel modules (facepalm)...
:) tests for tests for ...
next prev parent reply other threads:[~2017-07-13 18:52 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-06-22 13:51 [PATCH v3 0/2] kvm: x86: hyperv: fix userspace interaction flaws Roman Kagan
2017-06-22 13:51 ` [PATCH v3 1/2] kvm: x86: hyperv: add KVM_CAP_HYPERV_SYNIC2 Roman Kagan
2017-06-22 13:51 ` [PATCH v3 2/2] kvm: x86: hyperv: make VP_INDEX managed by userspace Roman Kagan
2017-06-23 10:54 ` [PATCH v3 0/2] kvm: x86: hyperv: fix userspace interaction flaws Paolo Bonzini
2017-07-13 15:29 ` Roman Kagan
2017-07-13 15:45 ` Radim Krčmář
2017-07-13 16:38 ` Radim Krčmář
2017-07-13 16:41 ` Radim Krčmář
2017-07-13 18:15 ` Roman Kagan
2017-07-13 18:52 ` Radim Krčmář [this message]
2017-07-13 19:15 ` Roman Kagan
2017-07-13 16:55 ` Roman Kagan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20170713185238.GG28875@potion \
--to=rkrcmar@redhat.com \
--cc=den@openvz.org \
--cc=ehabkost@redhat.com \
--cc=eyakovlev@virtuozzo.com \
--cc=imammedo@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=pbonzini@redhat.com \
--cc=rkagan@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.