From: Marcelo Tosatti <mtosatti@redhat.com>
To: "Yang, Sheng" <sheng.yang@intel.com>
Cc: "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
Avi Kivity <avi@redhat.com>, Chris Wright <chrisw@redhat.com>
Subject: Re: KVM: protect assigned dev workqueue, int handler and irq acker
Date: Fri, 27 Feb 2009 14:54:31 -0300
Message-ID: <20090227175431.GA10839@amt.cnet>
In-Reply-To: <200902271217.01918.sheng.yang@intel.com>

On Fri, Feb 27, 2009 at 12:17:01PM +0800, Yang, Sheng wrote:
> On Friday 27 February 2009 07:50:54 Marcelo Tosatti wrote:
> > Can someone with HW test this please?
>
> Good catch! The patch works fine on my side.
>
> Can it be a per-device lock? One big lock for all assigned devices seems to
> restrict scalability.

Since all state is per-device, yes.

Can you please review, test and ack the patch below?

Thanks.

> > -----
> >
> > kvm_assigned_dev_ack_irq is vulnerable to a race condition with the
> > interrupt handler function. It does:
> >
> > 	if (dev->host_irq_disabled) {
> > 		enable_irq(dev->host_irq);
> > 		dev->host_irq_disabled = false;
> > 	}
> >
> > If an interrupt triggers before the host->dev_irq_disabled assignment,
> > it will disable the interrupt and set dev->host_irq_disabled to true.
> >
> > On return to kvm_assigned_dev_ack_irq, dev->host_irq_disabled is set to
> > false, and the next kvm_assigned_dev_ack_irq call will fail to reenable
> > it.
> >
> > Other than that, having the interrupt handler and work handlers run in
> > parallel sounds like asking for trouble (could not spot any obvious
> > problem, but better not have to, it's fragile).
>
> Well, my original purpose is a FIFO between interrupt handler and work (for
> MSI-X), but seems too complex... And I also don't see any problem for now...
>
> --
> regards
> Yang, Sheng

diff --git a/include/linux/kvm_host.h b/include/linux/kvm_host.h
index 3832243..16bf60b 100644
--- a/include/linux/kvm_host.h
+++ b/include/linux/kvm_host.h
@@ -349,6 +349,7 @@ struct kvm_assigned_dev_kernel {
int flags;
struct pci_dev *dev;
struct kvm *kvm;
+ spinlock_t assigned_dev_lock;
};
struct kvm_irq_mask_notifier {
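Review bot: the new assigned_dev_lock field at the end of struct kvm_assigned_dev_kernel has no comment saying what it protects. From the rest of the patch it guards host_irq_disabled and the pending flags in guest_msix_entries across the interrupt handler, the work handler and the ack notifier, and it is taken inside kvm->lock in the work handler. A one-line comment on the field stating both would keep later users from guessing.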
diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
index 4d2be16..b7d060f 100644
--- a/virt/kvm/kvm_main.c
+++ b/virt/kvm/kvm_main.c
@@ -41,6 +41,7 @@
#include <linux/pagemap.h>
#include <linux/mman.h>
#include <linux/swap.h>
+#include <linux/spinlock.h>
#include <asm/processor.h>
#include <asm/io.h>
@@ -132,6 +133,7 @@ static void kvm_assigned_dev_interrupt_work_handler(struct work_struct *work)
* finer-grained lock, update this
*/
mutex_lock(&kvm->lock);
+ spin_lock_irq(&assigned_dev->assigned_dev_lock);
if (assigned_dev->irq_requested_type & KVM_ASSIGNED_DEV_MSIX) {
struct kvm_guest_msix_entry *guest_entries =
assigned_dev->guest_msix_entries;
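Review bot: spin_lock_irq() directly after mutex_lock(&kvm->lock) in kvm_assigned_dev_interrupt_work_handler means everything up to the matching spin_unlock_irq() runs with local interrupts disabled, so nothing in that region may sleep. The hunk shows only the start of the MSI-X loop; please confirm that no call in the rest of the body can block or take assigned_dev_lock again, or narrow the locked region to the accesses of the per-device state.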
@@ -158,18 +160,21 @@ static void kvm_assigned_dev_interrupt_work_handler(struct work_struct *work)
}
}
+ spin_unlock_irq(&assigned_dev->assigned_dev_lock);
mutex_unlock(&assigned_dev->kvm->lock);
}
static irqreturn_t kvm_assigned_dev_intr(int irq, void *dev_id)
{
+ unsigned long flags;
struct kvm_assigned_dev_kernel *assigned_dev =
(struct kvm_assigned_dev_kernel *) dev_id;
+ spin_lock_irqsave(&assigned_dev->assigned_dev_lock, flags);
if (assigned_dev->irq_requested_type == KVM_ASSIGNED_DEV_MSIX) {
int index = find_index_from_host_irq(assigned_dev, irq);
if (index < 0)
- return IRQ_HANDLED;
+ goto out;
assigned_dev->guest_msix_entries[index].flags |=
KVM_ASSIGNED_MSIX_PENDING;
}
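Review bot: the MSI-X test in kvm_assigned_dev_intr is `irq_requested_type == KVM_ASSIGNED_DEV_MSIX`, while the work handler in the previous hunk tests `irq_requested_type & KVM_ASSIGNED_DEV_MSIX`. Both paths now run under assigned_dev_lock and should agree on when an entry is marked pending; if irq_requested_type can carry other bits alongside the MSI-X one, the equality test here will skip setting KVM_ASSIGNED_MSIX_PENDING. Suggest using the same mask test in both places.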
@@ -179,6 +184,8 @@ static irqreturn_t kvm_assigned_dev_intr(int irq, void *dev_id)
disable_irq_nosync(irq);
assigned_dev->host_irq_disabled = true;
+out:
+ spin_unlock_irqrestore(&assigned_dev->assigned_dev_lock, flags);
return IRQ_HANDLED;
}
@@ -186,6 +193,7 @@ static irqreturn_t kvm_assigned_dev_intr(int irq, void *dev_id)
static void kvm_assigned_dev_ack_irq(struct kvm_irq_ack_notifier *kian)
{
struct kvm_assigned_dev_kernel *dev;
+ unsigned long flags;
if (kian->gsi == -1)
return;
@@ -198,10 +206,12 @@ static void kvm_assigned_dev_ack_irq(struct kvm_irq_ack_notifier *kian)
/* The guest irq may be shared so this ack may be
* from another device.
*/
+ spin_lock_irqsave(&dev->assigned_dev_lock, flags);
if (dev->host_irq_disabled) {
enable_irq(dev->host_irq);
dev->host_irq_disabled = false;
}
+ spin_unlock_irqrestore(&dev->assigned_dev_lock, flags);
}
/* The function implicit hold kvm->lock mutex due to cancel_work_sync() */
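Review bot: in kvm_assigned_dev_ack_irq the lock now covers the host_irq_disabled test, enable_irq() and the flag clear, but nothing at the call site says these three must stay in one critical section. A short comment above spin_lock_irqsave() noting that the handler may fire as soon as enable_irq() returns and must not see the stale flag would stop a later cleanup from moving enable_irq() outside the lock.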
@@ -604,6 +614,7 @@ static int kvm_vm_ioctl_assign_device(struct kvm *kvm,
match->dev = dev;
match->irq_source_id = -1;
match->kvm = kvm;
+ spin_lock_init(&match->assigned_dev_lock);
list_add(&match->list, &kvm->arch.assigned_dev_head);
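
The interleaving described in the commit message above, replayed deterministically in user space with and without the lock. This is an added illustration, not part of the original message and not kernel code; `model_dev`, `model_handler`, `model_ack` and `line_stuck_after_race` are hypothetical names, and the depth counter is a simplified stand-in for the kernel's enable_irq()/disable_irq_nosync() nesting.

```c
#include <stdbool.h>
#include <stdio.h>

struct model_dev {              /* hypothetical model of the assigned device */
    int  disable_depth;         /* 0 means the host IRQ line is enabled */
    bool host_irq_disabled;     /* the flag the ack path tests */
    bool lock_held;             /* models assigned_dev_lock */
};

/* Handler body: runs only if the line is enabled and the lock is free. */
static bool model_handler(struct model_dev *d)
{
    if (d->disable_depth != 0 || d->lock_held)
        return false;
    d->disable_depth++;              /* disable_irq_nosync() */
    d->host_irq_disabled = true;
    return true;
}

/* Ack path; irq_in_window fires the device between enable and flag clear. */
static void model_ack(struct model_dev *d, bool use_lock, bool irq_in_window)
{
    bool deferred = false;
    d->lock_held = use_lock;
    if (d->host_irq_disabled) {
        d->disable_depth--;          /* enable_irq() */
        if (irq_in_window)
            deferred = !model_handler(d);
        d->host_irq_disabled = false;
    }
    d->lock_held = false;
    if (deferred)
        model_handler(d);            /* held-off interrupt is delivered now */
}

/* Returns true if the line is still masked after the guest's second ack. */
static bool line_stuck_after_race(bool use_lock)
{
    struct model_dev d = { .disable_depth = 1, .host_irq_disabled = true };
    model_ack(&d, use_lock, true);   /* ack #1, interrupt lands in the window */
    model_ack(&d, use_lock, false);  /* ack #2, for that second interrupt */
    return d.disable_depth != 0;
}
int main(void)
{
    printf("unlocked: stuck=%d\n", line_stuck_after_race(false));
    printf("locked:   stuck=%d\n", line_stuck_after_race(true));
    return 0;
}
```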