From mboxrd@z Thu Jan 1 00:00:00 1970
From: Cornelia Huck
Subject: [PATCH v2 1/5] KVM: eventfd: Fix lock order inversion.
Date: Mon, 17 Mar 2014 19:11:35 +0100
Message-ID: <1395079899-29239-2-git-send-email-cornelia.huck@de.ibm.com>
References: <1395079899-29239-1-git-send-email-cornelia.huck@de.ibm.com>
Cc: borntraeger@de.ibm.com, agraf@suse.de, pbonzini@redhat.com, gleb@kernel.org, Cornelia Huck
To: kvm@vger.kernel.org, linux-s390@vger.kernel.org, qemu-devel@nongnu.org
Return-path:
Received: from e06smtp12.uk.ibm.com ([195.75.94.108]:38451 "EHLO e06smtp12.uk.ibm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755233AbaCQSLt (ORCPT ); Mon, 17 Mar 2014 14:11:49 -0400
Received: from /spool/local by e06smtp12.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Mon, 17 Mar 2014 18:11:48 -0000
In-Reply-To: <1395079899-29239-1-git-send-email-cornelia.huck@de.ibm.com>
Sender: kvm-owner@vger.kernel.org
List-ID:

When registering a new irqfd, we call its ->poll method to collect any
event that might have previously been pending so that we can trigger it.
This is done under the kvm->irqfds.lock, which means the eventfd's ctx
lock is taken under it.

However, if we get a POLLHUP in irqfd_wakeup, we will be called with the
ctx lock held before getting the irqfds.lock to deactivate the irqfd,
causing lockdep to complain.

Calling the ->poll method does not really need the irqfds.lock, so let's
just move it after we've given up the irqfds.lock in kvm_irqfd_assign().

Signed-off-by: Cornelia Huck
---
 virt/kvm/eventfd.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/virt/kvm/eventfd.c b/virt/kvm/eventfd.c index abe4d60..29c2a04 100644 --- a/virt/kvm/eventfd.c +++ b/virt/kvm/eventfd.c 
@@ -391,19 +391,19 @@ kvm_irqfd_assign(struct kvm *kvm, struct kvm_irqfd *args) lockdep_is_held(&kvm->irqfds.lock)); irqfd_update(kvm, irqfd, irq_rt); - events = f.file->f_op->poll(f.file, &irqfd->pt); - list_add_tail(&irqfd->list, &kvm->irqfds.items); + spin_unlock_irq(&kvm->irqfds.lock); + /* * Check if there was an event already pending on the eventfd * before we registered, and trigger it as if we didn't miss it. */ + events = f.file->f_op->poll(f.file, &irqfd->pt); + if (events & POLLIN) schedule_work(&irqfd->inject); - spin_unlock_irq(&kvm->irqfds.lock); - /* * do not drop the file until the irqfd is fully initialized, otherwise * we might race against the POLLHUP -- 1.7.9.5
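
Review bot: The comment above the moved f.file->f_op->poll() call in kvm_irqfd_assign() should state that the call is deliberately made after spin_unlock_irq(&kvm->irqfds.lock), because the lock-ordering reason currently lives only in the commit message and a later cleanup could move the call back under the lock. With list_add_tail() now preceding the unlock and ->poll, the irqfd is also visible on kvm->irqfds.items before ->poll has run and before a pending POLLIN is checked; a sentence on why that window is safe for code that walks the list under irqfds.lock would help, next to the existing note about not dropping the file until the irqfd is fully initialized.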