qemu-devel.nongnu.org archive mirror
From: Christian Borntraeger <borntraeger@de.ibm.com>
To: Paolo Bonzini <pbonzini@redhat.com>
Cc: Cornelia Huck <cornelia.huck@de.ibm.com>,
	qemu-devel <qemu-devel@nongnu.org>,
	KVM list <kvm@vger.kernel.org>,
	Christian Borntraeger <borntraeger@de.ibm.com>
Subject: [Qemu-devel] [PATCH] s390x/kvm: Fix potential deadlock in sigp handling
Date: Tue, 20 Sep 2016 13:57:51 +0200
Message-ID: <1474372671-21695-1-git-send-email-borntraeger@de.ibm.com>
In-Reply-To: <c9438426-1f1e-c6eb-9b90-79a6b62e537a@redhat.com>

FYI, unless I find a better alternative, I plan to go with this patch.
------snip------
[PATCH] s390x/kvm: Fix potential deadlock in sigp handling

If two VCPUs exit at the same time and target each other
with a sigp, both could run into a deadlock as run_on_cpu
on CPU0 will free the BQL when starting the CPU1 target routine.
CPU1 will run its sigp initiator for CPU0 before handling
the run_on_cpu requests, thus resulting in a deadlock.

As all qemu SIGPs are slow path anyway, we can use a big sigp
lock and allow only one SIGP for the guest at a time. We will
return condition code 2 (BUSY) on contention to the guest.

Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Christian Borntraeger <borntraeger@de.ibm.com>
Reviewed-by: Cornelia Huck <cornelia.huck@de.ibm.com>
---
 target-s390x/kvm.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/target-s390x/kvm.c b/target-s390x/kvm.c
index f348745..a9fa831 100644
--- a/target-s390x/kvm.c
+++ b/target-s390x/kvm.c
@@ -133,6 +133,8 @@ const KVMCapabilityInfo kvm_arch_required_capabilities[] = {
     KVM_CAP_LAST_INFO
 };
 
+static QemuMutex qemu_sigp_mutex;
+
 static int cap_sync_regs;
 static int cap_async_pf;
 static int cap_mem_op;
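
Review bot: the declaration of qemu_sigp_mutex carries no comment saying what it serializes. The lock is only ever taken with qemu_mutex_trylock in handle_sigp and sits in front of the whole `switch (order)`, so it covers every SIGP order for the guest. A one-line comment to that effect above `static QemuMutex qemu_sigp_mutex;` would keep a later reader from adding a blocking qemu_mutex_lock on it, which would bring back the wait this patch is meant to avoid.
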
@@ -358,6 +360,8 @@ int kvm_arch_init(MachineState *ms, KVMState *s)
         rc = compat_disable_facilities(s, fac_mask, ARRAY_SIZE(fac_mask));
     }
 
+    qemu_mutex_init(&qemu_sigp_mutex);
+
     return rc;
 }
 
@@ -1845,6 +1849,11 @@ static int handle_sigp(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
     status_reg = &env->regs[r1];
     param = (r1 % 2) ? env->regs[r1] : env->regs[r1 + 1];
 
+    if (qemu_mutex_trylock(&qemu_sigp_mutex)) {
+        ret = SIGP_CC_BUSY;
+        goto out;
+    }
+
     switch (order) {
     case SIGP_SET_ARCH:
         ret = sigp_set_architecture(cpu, param, status_reg);
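
Review bot: on the contended path, `goto out` reaches trace_kvm_sigp_finished, which reads dst_cpu, before the switch has had a chance to assign it. Please confirm that dst_cpu is initialised to NULL at its declaration (not visible in this hunk); otherwise the busy path hands an uninitialised pointer to the `dst_cpu ? CPU(dst_cpu)->cpu_index : -1` expression. A short comment at the trylock saying that a non-zero return means contention, and that the guest is expected to retry on condition code 2, would also help.
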
@@ -1854,7 +1863,9 @@ static int handle_sigp(S390CPU *cpu, struct kvm_run *run, uint8_t ipa1)
         dst_cpu = s390_cpu_addr2state(env->regs[r3]);
         ret = handle_sigp_single_dst(dst_cpu, order, param, status_reg);
     }
+    qemu_mutex_unlock(&qemu_sigp_mutex);
 
+out:
     trace_kvm_sigp_finished(order, CPU(cpu)->cpu_index,
                             dst_cpu ? CPU(dst_cpu)->cpu_index : -1, ret);
 
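
Review bot: the single qemu_mutex_unlock after the switch only balances the trylock if every case falls through to it. The full switch is not visible here, so please check that no case between the trylock and this line returns or jumps to `out` directly, since that would leave qemu_sigp_mutex held and every later SIGP would get SIGP_CC_BUSY. Placing `out:` after the unlock is right for the busy path, which never took the lock.
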
-- 
2.5.5


Thread overview: 10+ messages
2016-09-12 16:44 [Qemu-devel] [s390] possible deadlock in handle_sigp? Paolo Bonzini
2016-09-12 17:37 ` Christian Borntraeger
2016-09-12 18:03   ` Paolo Bonzini
2016-09-13 13:06     ` Christian Borntraeger
2016-09-15 19:21       ` David Hildenbrand
2016-09-15 20:50         ` Paolo Bonzini
2016-09-19  8:15         ` Christian Borntraeger
2016-09-19 11:25           ` David Hildenbrand
2016-09-19 11:45             ` Christian Borntraeger
2016-09-20 11:57 ` Christian Borntraeger [this message]
