From: Sasha Levin <sasha.levin@oracle.com>
To: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>,
tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com,
peterz@infradead.org, torvalds@linux-foundation.org
Cc: waiman.long@hp.com, jeremy@goop.org, ak@linux.intel.com,
a.ryabinin@samsung.com, xen-devel@lists.xenproject.org,
kvm@vger.kernel.org, konrad.wilk@oracle.com, riel@redhat.com,
x86@kernel.org, oleg@redhat.com, linux-kernel@vger.kernel.org,
paul.gortmaker@windriver.com, davej@redhat.com,
pbonzini@redhat.com, akpm@linux-foundation.org,
paulmck@linux.vnet.ibm.com,
virtualization@lists.linux-foundation.org,
borntraeger@de.ibm.com
Subject: Re: [PATCH] x86 spinlock: Fix memory corruption on completing completions
Date: Fri, 06 Feb 2015 10:20:01 -0500 [thread overview]
Message-ID: <54D4DBA1.1030905@oracle.com> (raw)
In-Reply-To: <1423234148-13886-1-git-send-email-raghavendra.kt@linux.vnet.ibm.com>
On 02/06/2015 09:49 AM, Raghavendra K T wrote:
> static __always_inline void arch_spin_unlock(arch_spinlock_t *lock)
> {
> if (TICKET_SLOWPATH_FLAG &&
> - static_key_false(¶virt_ticketlocks_enabled)) {
> - arch_spinlock_t prev;
> + static_key_false(¶virt_ticketlocks_enabled)) {
> + __ticket_t prev_head;
>
> - prev = *lock;
> + prev_head = lock->tickets.head;
> add_smp(&lock->tickets.head, TICKET_LOCK_INC);
>
> /* add_smp() is a full mb() */
>
> - if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG))
> - __ticket_unlock_slowpath(lock, prev);
> + if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
> + BUILD_BUG_ON(((__ticket_t)NR_CPUS) != NR_CPUS);
> + __ticket_unlock_kick(lock, prev_head);
Can we modify it slightly to avoid potentially accessing invalid memory:
diff --git a/arch/x86/include/asm/spinlock.h b/arch/x86/include/asm/spinlock.h
index 5315887..cd22d73 100644
--- a/arch/x86/include/asm/spinlock.h
+++ b/arch/x86/include/asm/spinlock.h
@@ -144,13 +144,13 @@ static __always_inline void arch_spin_unlock(arch_spinlock_t *lock
if (TICKET_SLOWPATH_FLAG &&
static_key_false(¶virt_ticketlocks_enabled)) {
__ticket_t prev_head;
-
+ bool needs_kick = lock->tickets.tail & TICKET_SLOWPATH_FLAG;
prev_head = lock->tickets.head;
add_smp(&lock->tickets.head, TICKET_LOCK_INC);
/* add_smp() is a full mb() */
- if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
+ if (unlikely(needs_kick)) {
BUILD_BUG_ON(((__ticket_t)NR_CPUS) != NR_CPUS);
__ticket_unlock_kick(lock, prev_head);
}
Thanks,
Sasha
WARNING: multiple messages have this Message-ID (diff)
From: Sasha Levin <sasha.levin@oracle.com>
To: Raghavendra K T <raghavendra.kt@linux.vnet.ibm.com>,
tglx@linutronix.de, mingo@redhat.com, hpa@zytor.com,
peterz@infradead.org, torvalds@linux-foundation.org
Cc: konrad.wilk@oracle.com, pbonzini@redhat.com,
paulmck@linux.vnet.ibm.com, waiman.long@hp.com, davej@redhat.com,
oleg@redhat.com, x86@kernel.org, jeremy@goop.org,
paul.gortmaker@windriver.com, ak@linux.intel.com,
jasowang@redhat.com, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, virtualization@lists.linux-foundation.org,
xen-devel@lists.xenproject.org, riel@redhat.com,
borntraeger@de.ibm.com, akpm@linux-foundation.org,
a.ryabinin@samsung.com
Subject: Re: [PATCH] x86 spinlock: Fix memory corruption on completing completions
Date: Fri, 06 Feb 2015 10:20:01 -0500 [thread overview]
Message-ID: <54D4DBA1.1030905@oracle.com> (raw)
In-Reply-To: <1423234148-13886-1-git-send-email-raghavendra.kt@linux.vnet.ibm.com>
On 02/06/2015 09:49 AM, Raghavendra K T wrote:
> static __always_inline void arch_spin_unlock(arch_spinlock_t *lock)
> {
> if (TICKET_SLOWPATH_FLAG &&
> - static_key_false(¶virt_ticketlocks_enabled)) {
> - arch_spinlock_t prev;
> + static_key_false(¶virt_ticketlocks_enabled)) {
> + __ticket_t prev_head;
>
> - prev = *lock;
> + prev_head = lock->tickets.head;
> add_smp(&lock->tickets.head, TICKET_LOCK_INC);
>
> /* add_smp() is a full mb() */
>
> - if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG))
> - __ticket_unlock_slowpath(lock, prev);
> + if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
> + BUILD_BUG_ON(((__ticket_t)NR_CPUS) != NR_CPUS);
> + __ticket_unlock_kick(lock, prev_head);
Can we modify it slightly to avoid potentially accessing invalid memory:
diff --git a/arch/x86/include/asm/spinlock.h b/arch/x86/include/asm/spinlock.h
index 5315887..cd22d73 100644
--- a/arch/x86/include/asm/spinlock.h
+++ b/arch/x86/include/asm/spinlock.h
@@ -144,13 +144,13 @@ static __always_inline void arch_spin_unlock(arch_spinlock_t *lock
if (TICKET_SLOWPATH_FLAG &&
static_key_false(¶virt_ticketlocks_enabled)) {
__ticket_t prev_head;
-
+ bool needs_kick = lock->tickets.tail & TICKET_SLOWPATH_FLAG;
prev_head = lock->tickets.head;
add_smp(&lock->tickets.head, TICKET_LOCK_INC);
/* add_smp() is a full mb() */
- if (unlikely(lock->tickets.tail & TICKET_SLOWPATH_FLAG)) {
+ if (unlikely(needs_kick)) {
BUILD_BUG_ON(((__ticket_t)NR_CPUS) != NR_CPUS);
__ticket_unlock_kick(lock, prev_head);
}
Thanks,
Sasha
next prev parent reply other threads:[~2015-02-06 15:20 UTC|newest]
Thread overview: 111+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-02-06 14:49 [PATCH] x86 spinlock: Fix memory corruption on completing completions Raghavendra K T
2015-02-06 15:20 ` Sasha Levin
2015-02-06 15:20 ` Sasha Levin [this message]
2015-02-06 15:20 ` Sasha Levin
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 16:15 ` Linus Torvalds
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-06 17:03 ` Andrey Ryabinin
2015-02-08 17:14 ` Oleg Nesterov
2015-02-08 17:14 ` Oleg Nesterov
2015-02-08 17:14 ` Oleg Nesterov
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 16:25 ` Linus Torvalds
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 19:42 ` Davidlohr Bueso
2015-02-06 21:15 ` Sasha Levin
2015-02-06 21:15 ` Sasha Levin
2015-02-06 21:15 ` Sasha Levin
2015-02-06 21:15 ` Sasha Levin
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-06 23:24 ` Davidlohr Bueso
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-08 17:49 ` Raghavendra K T
2015-02-06 18:57 ` Sasha Levin
2015-02-06 18:57 ` Sasha Levin
2015-02-06 18:57 ` Sasha Levin
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 17:57 ` Raghavendra K T
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-08 21:14 ` Jeremy Fitzhardinge
2015-02-09 9:34 ` Raghavendra K T
2015-02-09 9:34 ` Raghavendra K T
2015-02-09 9:34 ` Raghavendra K T
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 12:02 ` Peter Zijlstra
2015-02-09 12:52 ` Raghavendra K T
2015-02-09 12:52 ` Raghavendra K T
2015-02-09 12:52 ` Raghavendra K T
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 0:53 ` Linus Torvalds
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 9:30 ` Raghavendra K T
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:18 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 13:20 ` Denys Vlasenko
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 14:24 ` Oleg Nesterov
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:23 ` Sasha Levin
2015-02-10 13:26 ` Oleg Nesterov
2015-02-10 13:26 ` Oleg Nesterov
2015-02-10 13:26 ` Oleg Nesterov
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 1:18 ` Jeremy Fitzhardinge
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 17:24 ` Oleg Nesterov
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:28 ` Linus Torvalds
2015-02-12 7:08 ` Jeremy Fitzhardinge
2015-02-12 7:08 ` Jeremy Fitzhardinge
2015-02-11 23:28 ` Linus Torvalds
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-12 14:18 ` Oleg Nesterov
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 23:15 ` Jeremy Fitzhardinge
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 11:08 ` Raghavendra K T
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 17:38 ` Oleg Nesterov
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 18:38 ` Raghavendra K T
2015-02-11 11:08 ` Raghavendra K T
-- strict thread matches above, loose matches on Subject: below --
2015-02-06 14:49 Raghavendra K T
2015-02-06 14:49 Raghavendra K T
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54D4DBA1.1030905@oracle.com \
--to=sasha.levin@oracle.com \
--cc=a.ryabinin@samsung.com \
--cc=ak@linux.intel.com \
--cc=akpm@linux-foundation.org \
--cc=borntraeger@de.ibm.com \
--cc=davej@redhat.com \
--cc=hpa@zytor.com \
--cc=jeremy@goop.org \
--cc=konrad.wilk@oracle.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@redhat.com \
--cc=oleg@redhat.com \
--cc=paul.gortmaker@windriver.com \
--cc=paulmck@linux.vnet.ibm.com \
--cc=pbonzini@redhat.com \
--cc=peterz@infradead.org \
--cc=raghavendra.kt@linux.vnet.ibm.com \
--cc=riel@redhat.com \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
--cc=virtualization@lists.linux-foundation.org \
--cc=waiman.long@hp.com \
--cc=x86@kernel.org \
--cc=xen-devel@lists.xenproject.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.