From: "Roger Pau Monné" <roger.pau@citrix.com>
To: Jan Beulich <jbeulich@suse.com>
Cc: "xen-devel@lists.xenproject.org" <xen-devel@lists.xenproject.org>,
"Andrew Cooper" <andrew.cooper3@citrix.com>,
George Dunlap <George.Dunlap@eu.citrix.com>,
Ian Jackson <iwj@xenproject.org>, Julien Grall <julien@xen.org>,
Wei Liu <wl@xen.org>, Stefano Stabellini <sstabellini@kernel.org>,
Paul Durrant <paul@xen.org>
Subject: Re: [PATCH 12/12] evtchn: convert domain event lock to an r/w one
Date: Mon, 28 Sep 2020 18:44:35 +0200 [thread overview]
Message-ID: <20200928164435.GP19254@Air-de-Roger> (raw)
In-Reply-To: <5fee2432-7b94-2f91-5f17-c9eb3ec9f126@suse.com>
On Mon, Sep 28, 2020 at 01:02:43PM +0200, Jan Beulich wrote:
> Especially for the use in evtchn_move_pirqs() (called when moving a vCPU
> across pCPU-s) and the ones in EOI handling in PCI pass-through code,
> serializing perhaps an entire domain isn't helpful when no state (which
> isn't e.g. further protected by the per-channel lock) changes.
>
> Unfortunately this implies dropping of lock profiling for this lock,
> until r/w locks may get enabled for such functionality.
>
> While ->notify_vcpu_id is now meant to be consistently updated with the
> per-channel lock held for writing, an extension applies to ECS_PIRQ: The
> field is also guaranteed to not change with the per-domain event lock
> held. Therefore the unlink_pirq_port() call from evtchn_bind_vcpu() as
> well as the link_pirq_port() one from evtchn_bind_pirq() could in
> principle be moved out of the per-channel locked regions, but this
> further code churn didn't seem worth it.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
> ---
> RFC:
> * In evtchn_bind_vcpu() the question is whether limiting the use of
> write_lock() to just the ECS_PIRQ case is really worth it.
IMO I would just use use write_lock() at the top of the function in
place of the current spin_lock. The more fine grained change should be
done as a follow up patch if it's worth it. TBH event channels
shouldn't change vCPU that frequently that using a more fine grained
approach matters much.
> * In flask_get_peer_sid() the question is whether we wouldn't better
> switch to using the per-channel lock.
>
> --- a/xen/arch/x86/hvm/vmsi.c
> +++ b/xen/arch/x86/hvm/vmsi.c
> @@ -465,7 +465,7 @@ int msixtbl_pt_register(struct domain *d
> int r = -EINVAL;
>
> ASSERT(pcidevs_locked());
> - ASSERT(spin_is_locked(&d->event_lock));
> + ASSERT(rw_is_write_locked(&d->event_lock));
FWIW, we could switch rw_is_write_locked to use
_is_write_locked_by_me (or introduce rw_is_write_locked_by_me, albeit
I think all users of rw_is_write_locked care about the lock being
taken by them).
> @@ -1098,7 +1108,7 @@ int evtchn_reset(struct domain *d, bool
> if ( d != current->domain && !d->controller_pause_count )
> return -EINVAL;
>
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
>
> /*
> * If we are resuming, then start where we stopped. Otherwise, check
> @@ -1109,7 +1119,7 @@ int evtchn_reset(struct domain *d, bool
> if ( i > d->next_evtchn )
> d->next_evtchn = i;
Using the read lock to write to d->next_evtchn here...
>
> - spin_unlock(&d->event_lock);
> + read_unlock(&d->event_lock);
>
> if ( !i )
> return -EBUSY;
> @@ -1121,14 +1131,14 @@ int evtchn_reset(struct domain *d, bool
> /* NB: Choice of frequency is arbitrary. */
> if ( !(i & 0x3f) && hypercall_preempt_check() )
> {
> - spin_lock(&d->event_lock);
> + write_lock(&d->event_lock);
> d->next_evtchn = i;
... but the write lock here instead seems inconsistent.
> - spin_unlock(&d->event_lock);
> + write_unlock(&d->event_lock);
> return -ERESTART;
> }
> }
>
> - spin_lock(&d->event_lock);
> + write_lock(&d->event_lock);
>
> d->next_evtchn = 0;
>
> @@ -1557,7 +1568,7 @@ static void domain_dump_evtchn_info(stru
> "Polling vCPUs: {%*pbl}\n"
> " port [p/m/s]\n", d->domain_id, d->max_vcpus, d->poll_mask);
>
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
Since this is a debug key, I would suggest using read_trylock in order
to prevent blocking if a CPU is stuck while holding the event_lock in
write mode.
> --- a/xen/drivers/passthrough/io.c
> +++ b/xen/drivers/passthrough/io.c
> @@ -105,7 +105,7 @@ static void pt_pirq_softirq_reset(struct
> {
> struct domain *d = pirq_dpci->dom;
>
> - ASSERT(spin_is_locked(&d->event_lock));
> + ASSERT(rw_is_write_locked(&d->event_lock));
>
> switch ( cmpxchg(&pirq_dpci->state, 1 << STATE_SCHED, 0) )
> {
> @@ -162,7 +162,7 @@ static void pt_irq_time_out(void *data)
> const struct hvm_irq_dpci *dpci;
> const struct dev_intx_gsi_link *digl;
>
> - spin_lock(&irq_map->dom->event_lock);
> + read_lock(&irq_map->dom->event_lock);
Is it fine to use the lock in read mode here? It's likely to change
the flags by adding HVM_IRQ_DPCI_EOI_LATCH, and hence should use the
lock in write mode?
As I think that's the lock that's supposed to protect changes to the
flags field?
> static void hvm_dirq_assist(struct domain *d, struct hvm_pirq_dpci *pirq_dpci)
> @@ -893,7 +893,7 @@ static void hvm_dirq_assist(struct domai
> return;
> }
>
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
It's also not clear to me that a read lock can be used here, since you
increase a couple of counters of hvm_pirq_dpci which doesn't seem to
be protected by any other lock?
> if ( test_and_clear_bool(pirq_dpci->masked) )
> {
> struct pirq *pirq = dpci_pirq(pirq_dpci);
> @@ -947,7 +947,7 @@ static void hvm_dirq_assist(struct domai
> }
>
> out:
> - spin_unlock(&d->event_lock);
> + read_unlock(&d->event_lock);
> }
>
> static void hvm_pirq_eoi(struct pirq *pirq,
> @@ -1012,7 +1012,7 @@ void hvm_dpci_eoi(struct domain *d, unsi
>
> if ( is_hardware_domain(d) )
> {
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
> hvm_gsi_eoi(d, guest_gsi, ent);
> goto unlock;
> }
> @@ -1023,7 +1023,7 @@ void hvm_dpci_eoi(struct domain *d, unsi
> return;
> }
>
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
> hvm_irq_dpci = domain_get_irq_dpci(d);
>
> if ( !hvm_irq_dpci )
> @@ -1033,7 +1033,7 @@ void hvm_dpci_eoi(struct domain *d, unsi
> __hvm_dpci_eoi(d, girq, ent);
__hvm_dpci_eoi will call hvm_pirq_eoi and that seems to require a
write lock, as it modifies pirq_dpci.
>
> unlock:
> - spin_unlock(&d->event_lock);
> + read_unlock(&d->event_lock);
> }
>
> /*
> --- a/xen/drivers/passthrough/pci.c
> +++ b/xen/drivers/passthrough/pci.c
> @@ -883,7 +883,7 @@ static int pci_clean_dpci_irqs(struct do
> if ( !is_hvm_domain(d) )
> return 0;
>
> - spin_lock(&d->event_lock);
> + write_lock(&d->event_lock);
> hvm_irq_dpci = domain_get_irq_dpci(d);
> if ( hvm_irq_dpci != NULL )
> {
> @@ -901,14 +901,14 @@ static int pci_clean_dpci_irqs(struct do
> ret = pt_pirq_iterate(d, pci_clean_dpci_irq, NULL);
> if ( ret )
> {
> - spin_unlock(&d->event_lock);
> + read_unlock(&d->event_lock);
This should be a write_unlock AFAICT.
> return ret;
> }
>
> hvm_domain_irq(d)->dpci = NULL;
> free_hvm_irq_dpci(hvm_irq_dpci);
> }
> - spin_unlock(&d->event_lock);
> + write_unlock(&d->event_lock);
> return 0;
> }
>
> --- a/xen/drivers/passthrough/vtd/x86/hvm.c
> +++ b/xen/drivers/passthrough/vtd/x86/hvm.c
> @@ -54,7 +54,7 @@ void hvm_dpci_isairq_eoi(struct domain *
> if ( !is_iommu_enabled(d) )
> return;
>
> - spin_lock(&d->event_lock);
> + read_lock(&d->event_lock);
I think this also needs to be a write lock, as you modify pirq_dpci
bits in _hvm_dpci_isairq_eoi.
>
> dpci = domain_get_irq_dpci(d);
>
> @@ -63,5 +63,5 @@ void hvm_dpci_isairq_eoi(struct domain *
> /* Multiple mirq may be mapped to one isa irq */
> pt_pirq_iterate(d, _hvm_dpci_isairq_eoi, (void *)(long)isairq);
> }
> - spin_unlock(&d->event_lock);
> + read_unlock(&d->event_lock);
> }
> --- a/xen/include/xen/sched.h
> +++ b/xen/include/xen/sched.h
> @@ -373,7 +373,7 @@ struct domain
> unsigned int xen_evtchns;
> /* Port to resume from in evtchn_reset(), when in a continuation. */
> unsigned int next_evtchn;
> - spinlock_t event_lock;
> + rwlock_t event_lock;
It would be nice to add a comment regarding what fields does
event_lock protect. It's kind of a very generic lock name that I think
has been abused a bit.
Not that it needs to be done in that patch.
Thanks, Roger.
next prev parent reply other threads:[~2020-09-28 16:45 UTC|newest]
Thread overview: 60+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-09-28 10:54 [PATCH 00/12] evtchn: recent XSAs follow-on Jan Beulich
2020-09-28 10:56 ` [PATCH 01/12] evtchn: refuse EVTCHNOP_status for Xen-bound event channels Jan Beulich
2020-09-29 8:49 ` Julien Grall
2020-09-29 15:39 ` Paul Durrant
2020-09-28 10:56 ` [PATCH 02/12] evtchn: avoid race in get_xen_consumer() Jan Beulich
2020-09-29 9:35 ` Julien Grall
2020-09-29 15:44 ` Paul Durrant
2020-09-29 15:58 ` Jan Beulich
2020-09-28 10:57 ` [PATCH 03/12] evtchn: don't call Xen consumer callback with per-channel lock held Jan Beulich
2020-09-29 10:16 ` Julien Grall
2020-09-29 10:54 ` Jan Beulich
2020-09-28 10:57 ` [PATCH 04/12] evtchn: evtchn_set_priority() needs to acquire the per-channel lock Jan Beulich
2020-09-29 10:21 ` Julien Grall
2020-09-29 11:49 ` Jan Beulich
2020-09-29 16:31 ` Paul Durrant
2020-09-30 6:29 ` Jan Beulich
2020-09-30 6:41 ` Jan Beulich
2020-09-30 7:31 ` Paul Durrant
2020-09-30 8:31 ` Jan Beulich
2020-09-30 8:36 ` Paul Durrant
2020-09-30 8:41 ` Jan Beulich
2020-09-28 10:58 ` [PATCH 05/12] evtchn/sched: reject poll requests for unusable ports Jan Beulich
2020-09-29 12:17 ` Julien Grall
2020-09-29 13:00 ` Dario Faggioli
2020-09-29 16:51 ` Paul Durrant
2020-09-28 10:59 ` [PATCH 06/12] evtchn: don't bypass unlinking pIRQ when closing port Jan Beulich
2020-09-29 17:07 ` Paul Durrant
2020-09-28 11:00 ` [PATCH 07/12] evtchn: cut short evtchn_reset()'s loop in the common case Jan Beulich
2020-09-29 17:16 ` Paul Durrant
2020-10-01 15:54 ` Julien Grall
2020-09-28 11:00 ` [PATCH 08/12] evtchn: ECS_CLOSED => ECS_FREE Jan Beulich
2020-09-29 12:19 ` Julien Grall
2020-09-29 16:56 ` Paul Durrant
2020-09-28 11:00 ` [PATCH 09/12] evtchn: move FIFO-private struct declarations Jan Beulich
2020-09-29 12:26 ` Julien Grall
2020-09-29 12:49 ` Jan Beulich
2020-09-30 8:43 ` Julien Grall
2020-09-30 7:37 ` Paul Durrant
2020-09-30 8:32 ` Jan Beulich
2020-09-28 11:01 ` [PATCH 10/12] evtchn/fifo: use stable fields when recording "last queue" information Jan Beulich
2020-09-29 12:29 ` Julien Grall
2020-09-30 7:35 ` Paul Durrant
2020-09-30 8:35 ` Jan Beulich
2020-09-30 8:38 ` Paul Durrant
2020-09-28 11:02 ` [PATCH 11/12] evtchn: convert vIRQ lock to an r/w one Jan Beulich
2020-09-29 13:03 ` Julien Grall
2020-09-29 13:37 ` Jan Beulich
2020-09-29 17:18 ` Julien Grall
2020-09-30 6:26 ` Jan Beulich
2020-09-30 9:09 ` Julien Grall
2020-09-30 7:58 ` Paul Durrant
2020-09-30 8:37 ` Jan Beulich
2020-09-30 8:52 ` Paul Durrant
2020-09-30 10:16 ` Jan Beulich
2020-10-01 16:21 ` Julien Grall
2020-10-02 6:12 ` Jan Beulich
2020-10-02 8:43 ` Julien Grall
2020-09-28 11:02 ` [PATCH 12/12] evtchn: convert domain event " Jan Beulich
2020-09-28 16:44 ` Roger Pau Monné [this message]
2020-09-29 14:32 ` Jan Beulich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200928164435.GP19254@Air-de-Roger \
--to=roger.pau@citrix.com \
--cc=George.Dunlap@eu.citrix.com \
--cc=andrew.cooper3@citrix.com \
--cc=iwj@xenproject.org \
--cc=jbeulich@suse.com \
--cc=julien@xen.org \
--cc=paul@xen.org \
--cc=sstabellini@kernel.org \
--cc=wl@xen.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.