Re: [PATCH 2/3] xen: correct race in alloc_p2m_pmd()

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Juergen Gross <jgross@suse.com>
To: David Vrabel <david.vrabel@citrix.com>,
	linux-kernel@vger.kernel.org, xen-devel@lists.xensource.com,
	konrad.wilk@oracle.com, boris.ostrovsky@oracle.com
Subject: Re: [PATCH 2/3] xen: correct race in alloc_p2m_pmd()
Date: Fri, 09 Jan 2015 16:17:08 +0100	[thread overview]
Message-ID: <54AFF0F4.1030608@suse.com> (raw)
In-Reply-To: <54AFEF2A.3090403@citrix.com>

On 01/09/2015 04:09 PM, David Vrabel wrote:
> On 08/01/15 17:01, Juergen Gross wrote:
>> When allocating a new pmd for the linear mapped p2m list a check is
>> done for not introducing another pmd when this just happened on
>> another cpu. In this case the old pte pointer was returned which
>> points to the p2m_missing or p2m_identity page. The correct value
>> would be the pointer to the found new page.
>
> Looking at the check I don't see how it works at all.
>
> alloc_p2m() looks up the address of the PTE page
>
> 	ptep = lookup_address(addr, &level);
> 	pte_pg = (pte_t *)((unsigned long)ptep & ~(PAGE_SIZE - 1));
>
> But the check under the lock that is still true does:
>
> 	ptechk = lookup_address(vaddr, &level);
> 	if (ptechk == pte_pg) {
>
> So I don't see how this works unless (by chance) we happen to get the
> first entry in the PTE page.

The check under lock tests vaddr which is pmd aligned.

> It also doesn't handle racing with p2m_missing_pte to p2m_identity_pte
> (or vice-versa) change.

The change is always and only for missing/identity to individual pmd.
There is no transition between all missing and identity pmds.

> Something like:
>
> 	ptechk = lookup_address(vaddr, &level);
> 	ptechk = (pte_t *)((unsigned long)ptechk & ~(PAGE_SIZE - 1));
> 	if (ptechk == p2m_missing_pte || ptechk == p2m_identity) {
>                set_pmd(..)
>
> Perhaps?

Would work, but is more complicated than needed. :-)


Juergen

>
> David
>
>> --- a/arch/x86/xen/p2m.c
>> +++ b/arch/x86/xen/p2m.c
>> @@ -440,10 +440,9 @@ EXPORT_SYMBOL_GPL(get_phys_to_machine);
>>    * a new pmd is to replace p2m_missing_pte or p2m_identity_pte by a individual
>>    * pmd. In case of PAE/x86-32 there are multiple pmds to allocate!
>>    */
>> -static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *ptep, pte_t *pte_pg)
>> +static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *pte_pg)
>>   {
>>   	pte_t *ptechk;
>> -	pte_t *pteret = ptep;
>>   	pte_t *pte_newpg[PMDS_PER_MID_PAGE];
>>   	pmd_t *pmdp;
>>   	unsigned int level;
>> @@ -477,8 +476,6 @@ static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *ptep, pte_t *pte_pg)
>>   		if (ptechk == pte_pg) {
>>   			set_pmd(pmdp,
>>   				__pmd(__pa(pte_newpg[i]) | _KERNPG_TABLE));
>> -			if (vaddr == (addr & ~(PMD_SIZE - 1)))
>> -				pteret = pte_offset_kernel(pmdp, addr);
>>   			pte_newpg[i] = NULL;
>>   		}
>>
>> @@ -492,7 +489,7 @@ static pte_t *alloc_p2m_pmd(unsigned long addr, pte_t *ptep, pte_t *pte_pg)
>>   		vaddr += PMD_SIZE;
>>   	}
>>
>> -	return pteret;
>> +	return lookup_address(addr, &level);
>>   }
>>
>>   /*
>> @@ -521,7 +518,7 @@ static bool alloc_p2m(unsigned long pfn)
>>
>>   	if (pte_pg == p2m_missing_pte || pte_pg == p2m_identity_pte) {
>>   		/* PMD level is missing, allocate a new one */
>> -		ptep = alloc_p2m_pmd(addr, ptep, pte_pg);
>> +		ptep = alloc_p2m_pmd(addr, pte_pg);
>>   		if (!ptep)
>>   			return false;
>>   	}
>>
>
>

next prev parent reply	other threads:[~2015-01-09 15:17 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-01-08 17:01 [PATCH 0/3] xen: correct several bugs in new p2m list setup Juergen Gross
2015-01-08 17:01 ` [PATCH 1/3] xen: correct error for building p2m list on 32 bits Juergen Gross
2015-01-08 17:01 ` [PATCH 2/3] xen: correct race in alloc_p2m_pmd() Juergen Gross
2015-01-09 15:09   ` David Vrabel
2015-01-09 15:09     ` David Vrabel
2015-01-09 15:17     ` Juergen Gross [this message]
2015-01-08 17:01 ` [PATCH 3/3] xen: use correct type for physical addresses Juergen Gross
2015-01-09  9:57   ` [Xen-devel] " Jan Beulich
2015-01-09 12:51     ` David Vrabel
2015-01-09 12:51       ` David Vrabel
2015-01-09 12:56       ` [Xen-devel] " Jan Beulich
2015-01-09 12:56         ` Jan Beulich
2015-01-09 15:10         ` [Xen-devel] " David Vrabel
2015-01-09 15:10           ` David Vrabel
2015-01-09  9:57   ` Jan Beulich
2015-01-09 12:51   ` [Xen-devel] " David Vrabel
2015-01-09 12:51     ` David Vrabel

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=54AFF0F4.1030608@suse.com \
    --to=jgross@suse.com \
    --cc=boris.ostrovsky@oracle.com \
    --cc=david.vrabel@citrix.com \
    --cc=konrad.wilk@oracle.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=xen-devel@lists.xensource.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.