From: Sean Christopherson <seanjc@google.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Vitaly Kuznetsov <vkuznets@redhat.com>,
Wanpeng Li <wanpengli@tencent.com>,
Jim Mattson <jmattson@google.com>, Joerg Roedel <joro@8bytes.org>,
kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
David Woodhouse <dwmw@amazon.co.uk>,
Mingwei Zhang <mizhang@google.com>,
Maxim Levitsky <mlevitsk@redhat.com>
Subject: Re: [PATCH v2 6/8] KVM: Fix multiple races in gfn=>pfn cache refresh
Date: Fri, 20 May 2022 14:59:17 +0000 [thread overview]
Message-ID: <YoesxTEUsdlCLgtb@google.com> (raw)
In-Reply-To: <035a5300-27e1-e212-1ed7-0449e9d20615@redhat.com>
On Fri, May 20, 2022, Paolo Bonzini wrote:
> On 4/27/22 03:40, Sean Christopherson wrote:
> > + * Wait for mn_active_invalidate_count, not mmu_notifier_count,
> > + * to go away, as the invalidation in the mmu_notifier event
> > + * occurs_before_ mmu_notifier_count is elevated.
> > + *
> > + * Note, mn_active_invalidate_count can change at any time as
> > + * it's not protected by gpc->lock. But, it is guaranteed to
> > + * be elevated before the mmu_notifier acquires gpc->lock, and
> > + * isn't dropped until after mmu_notifier_seq is updated. So,
> > + * this task may get a false positive of sorts, i.e. see an
> > + * elevated count and wait even though it's technically safe to
> > + * proceed (becase the mmu_notifier will invalidate the cache
> > + *_after_ it's refreshed here), but the cache will never be
> > + * refreshed with stale data, i.e. won't get false negatives.
>
> I am all for lavish comments, but I think this is even too detailed.
Yeah, the false positive/negative stuff is probably overkill.
> What about:
>
> /*
> * mn_active_invalidate_count acts for all intents and purposes
> * like mmu_notifier_count here; but we cannot use the latter
> * because the invalidation in the mmu_notifier event occurs
> * _before_ mmu_notifier_count is elevated.
Looks good, though I'd prefer to avoid the "we", and explicitly call out that its
the invalidation of the caches.
/*
* mn_active_invalidate_count acts for all intents and purposes
* like mmu_notifier_count here; but the latter cannot be used
* here because the invalidation of caches in the mmu_notifier
* event occurs _before_ mmu_notifier_count is elevated.
*
* Note, it does not matter that mn_active_invalidate_count
* is not protected by gpc->lock. It is guaranteed to
* be elevated before the mmu_notifier acquires gpc->lock, and
* isn't dropped until after mmu_notifier_seq is updated.
*/
Also, you'll definitely want to look at v3 of this series. I'm 99% certain I didn't
change the comment though :-)
https://lore.kernel.org/all/20220429210025.3293691-1-seanjc@google.com
next prev parent reply other threads:[~2022-05-20 14:59 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-27 1:39 [PATCH v2 0/8] KVM: Fix mmu_notifier vs. pfncache vs. pfncache races Sean Christopherson
2022-04-27 1:39 ` [PATCH v2 1/8] Revert "KVM: Do not speculatively mark pfn cache valid to "fix" race" Sean Christopherson
2022-04-27 1:39 ` [PATCH v2 2/8] Revert "KVM: Fix race between mmu_notifier invalidation and pfncache refresh" Sean Christopherson
2022-04-27 1:39 ` [PATCH v2 3/8] KVM: Drop unused @gpa param from gfn=>pfn cache's __release_gpc() helper Sean Christopherson
2022-04-27 1:40 ` [PATCH v2 4/8] KVM: Put the extra pfn reference when reusing a pfn in the gpc cache Sean Christopherson
2022-04-27 1:40 ` [PATCH v2 5/8] KVM: Do not incorporate page offset into gfn=>pfn cache user address Sean Christopherson
2022-04-27 1:40 ` [PATCH v2 6/8] KVM: Fix multiple races in gfn=>pfn cache refresh Sean Christopherson
2022-04-27 14:10 ` Sean Christopherson
2022-04-28 3:39 ` Lai Jiangshan
2022-04-28 14:33 ` Sean Christopherson
2022-05-20 14:49 ` Paolo Bonzini
2022-05-20 14:58 ` Paolo Bonzini
2022-05-20 15:02 ` Sean Christopherson
2022-05-20 14:59 ` Sean Christopherson [this message]
2024-08-05 11:04 ` David Woodhouse
2024-08-05 11:08 ` [PATCH] KVM: Move gfn_to_pfn_cache invalidation to invalidate_range_end hook David Woodhouse
2024-08-06 0:45 ` Sean Christopherson
2024-08-06 9:06 ` David Woodhouse
2024-08-06 14:03 ` Sean Christopherson
2024-08-06 14:24 ` David Woodhouse
2024-08-06 15:57 ` Sean Christopherson
2024-08-06 16:40 ` David Woodhouse
2024-08-22 9:00 ` David Woodhouse
2022-04-27 1:40 ` [PATCH v2 7/8] KVM: Do not pin pages tracked by gfn=>pfn caches Sean Christopherson
2022-04-27 1:40 ` [PATCH v2 8/8] DO NOT MERGE: Hack-a-test to verify gpc invalidation+refresh Sean Christopherson
2022-04-27 15:17 ` David Woodhouse
2022-04-27 20:23 ` Sean Christopherson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YoesxTEUsdlCLgtb@google.com \
--to=seanjc@google.com \
--cc=dwmw@amazon.co.uk \
--cc=jmattson@google.com \
--cc=joro@8bytes.org \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mizhang@google.com \
--cc=mlevitsk@redhat.com \
--cc=pbonzini@redhat.com \
--cc=vkuznets@redhat.com \
--cc=wanpengli@tencent.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.