From: David Vrabel <david.vrabel@citrix.com>
To: David Vrabel <david.vrabel@citrix.com>
Cc: Keir Fraser <keir@xen.org>, Jan Beulich <jbeulich@suse.com>,
xen-devel@lists.xen.org
Subject: Re: [PATCH 2/2] evtchn/fifo: don't corrupt queues if an old tail moves queues
Date: Fri, 15 Nov 2013 13:15:53 +0000 [thread overview]
Message-ID: <52861E89.2080301@citrix.com> (raw)
In-Reply-To: <1384256328-20223-3-git-send-email-david.vrabel@citrix.com>
On 12/11/13 11:38, David Vrabel wrote:
> From: David Vrabel <david.vrabel@citrix.com>
>
> An event may still be the tail of a queue even if the queue is now
> empty (an 'old tail' event). There is logic to handle the case when
> this old tail event needs to be added to the now empty queue (by
> checking for q->tail == port).
>
> However, if the old tail event on queue A is moved to a different
> queue B (by changing its VCPU or priority), the event may then be
> linked onto queue B. When another event is linked onto queue A it
> will check the old tail, see that it is linked (but on queue B) and
> overwrite the LINK field, corrupting both queues.
This fix is not quite right so don't apply.
> --- a/xen/common/event_fifo.c
> +++ b/xen/common/event_fifo.c
> @@ -98,6 +98,47 @@ static bool_t evtchn_fifo_set_link(const struct domain *d, event_word_t *word,
> return 1;
> }
>
> +static bool_t test_and_set_linked(const struct domain *d,
> + struct evtchn *evtchn,
> + struct evtchn_fifo_queue *q,
> + event_word_t *word)
> +{
> + struct vcpu *old_v;
> + struct evtchn_fifo_queue *old_q;
> + bool_t was_linked;
> + unsigned long flags;
> +
> + old_v = d->vcpu[evtchn->last_vcpu_id];
> + old_q = &old_v->evtchn_fifo->queue[evtchn->last_priority];
> +
> + evtchn->last_vcpu_id = evtchn->notify_vcpu_id;
> + evtchn->last_priority = evtchn->priority;
We set the last queue here even if we're not moving it yet.
David
prev parent reply other threads:[~2013-11-15 13:15 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-12 11:38 [PATCHv4 0/2] Xen: FIFO-based event channel ABI fixes David Vrabel
2013-11-12 11:38 ` [PATCH 1/2] evtchn/fifo: don't spin indefinitely when setting LINK David Vrabel
2013-11-20 15:19 ` David Vrabel
2013-11-22 12:08 ` Jan Beulich
2013-11-12 11:38 ` [PATCH 2/2] evtchn/fifo: don't corrupt queues if an old tail moves queues David Vrabel
2013-11-15 13:15 ` David Vrabel [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=52861E89.2080301@citrix.com \
--to=david.vrabel@citrix.com \
--cc=jbeulich@suse.com \
--cc=keir@xen.org \
--cc=xen-devel@lists.xen.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.