From mboxrd@z Thu Jan  1 00:00:00 1970
From: Avi Kivity <avi@qumranet.com>
Subject: Re: [patch 2/2] KVM: close timer injection race window in __vcpu_run
Date: Sun, 08 Jun 2008 10:17:15 +0300
Message-ID: <484B877B.1080108@qumranet.com>
References: <20080606193734.495417169@localhost.localdomain> <20080606194010.961258871@localhost.localdomain>
Mime-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: Chris Wright <chrisw@redhat.com>, kvm@vger.kernel.org
To: Marcelo Tosatti <mtosatti@redhat.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from il.qumranet.com ([212.179.150.194]:48852 "EHLO il.qumranet.com"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1753800AbYFHHRQ (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sun, 8 Jun 2008 03:17:16 -0400
In-Reply-To: <20080606194010.961258871@localhost.localdomain>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Marcelo Tosatti wrote:
> If a timer fires after kvm_inject_pending_timer_irqs() but before
> local_irq_disable() the code will enter guest mode and only inject such
> timer interrupt the next time an unrelated event causes an exit.
>
> It would be simpler if the timer->pending irq conversion could be done
> with IRQ's disabled, so that the above problem cannot happen.
>
> For now introduce a new vcpu requests bit to cancel guest entry.
>
> Signed-off-by: Marcelo Tosatti <mtosatti@redhat.com>
>
>   

Applied this too.

> Index: kvm/arch/x86/kvm/i8254.c
> ===================================================================
> --- kvm.orig/arch/x86/kvm/i8254.c
> +++ kvm/arch/x86/kvm/i8254.c
> @@ -200,9 +200,12 @@ static int __pit_timer_fn(struct kvm_kpi
>  
>  	atomic_inc(&pt->pending);
>  	smp_mb__after_atomic_inc();
> -	if (vcpu0 && waitqueue_active(&vcpu0->wq)) {
> -		vcpu0->arch.mp_state = KVM_MP_STATE_RUNNABLE;
> -		wake_up_interruptible(&vcpu0->wq);
> +	if (vcpu0) {
> +		set_bit(KVM_REQ_PENDING_TIMER, &vcpu0->requests);
> +		if (waitqueue_active(&vcpu0->wq)) {
> +			vcpu0->arch.mp_state = KVM_MP_STATE_RUNNABLE;
> +			wake_up_interruptible(&vcpu0->wq);
> +		}
>  	}
>  
>   

We probably ought to wakeup only if pt->pending was zero, no?

-- 
error compiling committee.c: too many arguments to function