From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Marc-André Lureau" <marcandre.lureau@gmail.com>
Cc: "Markus Armbruster" <armbru@redhat.com>,
"Dr. David Alan Gilbert" <dgilbert@redhat.com>,
qemu-devel@nongnu.org, "Beraldo Leal" <bleal@redhat.com>,
"Eric Blake" <eblake@redhat.com>, "Stefan Weil" <sw@weilnetz.de>,
"Alex Bennée" <alex.bennee@linaro.org>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Laurent Vivier" <lvivier@redhat.com>,
"Gerd Hoffmann" <kraxel@redhat.com>,
"Michael Roth" <michael.roth@amd.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Thomas Huth" <thuth@redhat.com>,
"Wainer dos Santos Moschetta" <wainersm@redhat.com>
Subject: Re: [PATCH v3 06/10] monitor: release the lock before calling close()
Date: Tue, 14 Feb 2023 13:49:07 +0000 [thread overview]
Message-ID: <Y+uRUyP/xTn6neMk@redhat.com> (raw)
In-Reply-To: <CAJ+F1CL45o4Ro=0TGZU2yOK2nz9OfMX1jCFRKfDxZfXzRbdoRg@mail.gmail.com>
On Tue, Feb 14, 2023 at 05:36:32PM +0400, Marc-André Lureau wrote:
> Hi
>
> On Tue, Feb 14, 2023 at 5:34 PM Markus Armbruster <armbru@redhat.com> wrote:
> >
> > marcandre.lureau@redhat.com writes:
> >
> > > From: Marc-André Lureau <marcandre.lureau@redhat.com>
> > >
> > > As per comment, presumably to avoid syscall in critical section.
> > >
> > > Fixes: 0210c3b39bef08 ("monitor: Use LOCK_GUARD macros")
> > > Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> > > ---
> > > monitor/fds.c | 4 +++-
> > > 1 file changed, 3 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/monitor/fds.c b/monitor/fds.c
> > > index 26b39a0ce6..03c5e97c35 100644
> > > --- a/monitor/fds.c
> > > +++ b/monitor/fds.c
> > > @@ -80,7 +80,7 @@ void qmp_getfd(const char *fdname, Error **errp)
> > > return;
> > > }
> > >
> > > - QEMU_LOCK_GUARD(&cur_mon->mon_lock);
> > > + qemu_mutex_lock(&cur_mon->mon_lock);
> > > QLIST_FOREACH(monfd, &cur_mon->fds, next) {
> > > if (strcmp(monfd->name, fdname) != 0) {
> > > continue;
> > > @@ -88,6 +88,7 @@ void qmp_getfd(const char *fdname, Error **errp)
> > >
> > > tmp_fd = monfd->fd;
> > > monfd->fd = fd;
> > > + qemu_mutex_unlock(&cur_mon->mon_lock);
> > > /* Make sure close() is outside critical section */
> > > close(tmp_fd);
> > > return;
> > > @@ -98,6 +99,7 @@ void qmp_getfd(const char *fdname, Error **errp)
> > > monfd->fd = fd;
> > >
> > > QLIST_INSERT_HEAD(&cur_mon->fds, monfd, next);
> > > + qemu_mutex_unlock(&cur_mon->mon_lock);
> > > }
> > >
> > > void qmp_closefd(const char *fdname, Error **errp)
> >
> > This confused me. I think I understand now, but let's double-check.
> >
> > You're reverting commit 0210c3b39bef08 for qmp_getfd() because it
> > extended the criticial section beyond the close(), invalidating the
> > comment. Correct?
>
> Correct
>
> > Did it actually break anything?
>
> Not that I know of (David admitted over IRC that this was not intended)
Conceptually the only risk here is that 'close()' blocks for a
prolonged period of time, which prevents another thread from
acquiring the mutex.
First, the chances of close() blocking are incredibly low for
socket FDs which have not yet been used to transmit data. It
would require a malicious mgmt app to pass an unexpected FD
type that could block but that's quite hard, and we consider
the QMP client be a trusted entity anyway.
As for another thread blocking on the mutex I'm not convinced
that'll happen either. The FD set is scoped to the current
monitor. Almost certainly the FD is going to be consumed by
a later QMP device-add/object-add command, in the same thread.
Processing of that later QMP command will be delayed regardless
of whether the close is inside or outside the critical section.
AFAICT keeping close() oujtside the critical section serves
no purpose and we could just stick with the lock guard and
delete the comment.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2023-02-14 13:50 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-02-07 14:25 [PATCH v3 00/10] Teach 'getfd' QMP command to import win32 sockets marcandre.lureau
2023-02-07 14:25 ` [PATCH v3 01/10] tests: fix path separator, use g_build_filename() marcandre.lureau
2023-02-07 14:25 ` [PATCH v3 02/10] char: do not double-close fd when failing to add client marcandre.lureau
2023-02-07 14:43 ` Thomas Huth
2023-02-07 14:25 ` [PATCH v3 03/10] tests/docker: fix a win32 error due to portability marcandre.lureau
2023-02-27 12:11 ` Alex Bennée
2023-02-07 14:25 ` [PATCH v3 04/10] osdep: implement qemu_socketpair() for win32 marcandre.lureau
2023-02-07 14:25 ` [PATCH v3 05/10] qmp: 'add_client' actually expects sockets marcandre.lureau
2023-02-14 13:25 ` Markus Armbruster
2023-02-07 14:25 ` [PATCH v3 06/10] monitor: release the lock before calling close() marcandre.lureau
2023-02-07 14:52 ` Philippe Mathieu-Daudé
2023-02-14 13:33 ` Markus Armbruster
2023-02-14 13:36 ` Marc-André Lureau
2023-02-14 13:49 ` Daniel P. Berrangé [this message]
2023-02-14 16:23 ` Markus Armbruster
2023-02-14 16:55 ` Peter Xu
2023-02-28 18:51 ` Dr. David Alan Gilbert
2023-03-02 9:34 ` Alex Bennée
2023-03-06 15:29 ` Markus Armbruster
2023-03-06 15:35 ` Markus Armbruster
2023-02-07 14:25 ` [PATCH v3 07/10] qapi: implement conditional command arguments marcandre.lureau
2023-02-09 12:41 ` Markus Armbruster
2023-02-12 20:59 ` Marc-André Lureau
2023-02-17 8:28 ` Markus Armbruster
2023-02-18 10:45 ` Marc-André Lureau
2023-02-20 8:09 ` Markus Armbruster
2023-02-22 8:05 ` Marc-André Lureau
2023-02-22 10:23 ` Markus Armbruster
2023-02-22 10:29 ` Marc-André Lureau
2023-02-27 11:22 ` Marc-André Lureau
2023-02-28 15:58 ` Eric Blake
2023-03-01 9:24 ` Daniel P. Berrangé
2023-03-01 13:16 ` Markus Armbruster
2023-03-01 13:21 ` Marc-André Lureau
2023-03-02 6:58 ` Markus Armbruster
2023-03-02 9:31 ` Daniel P. Berrangé
2023-03-02 11:09 ` Markus Armbruster
2023-03-02 13:30 ` Markus Armbruster
2023-02-28 15:54 ` Eric Blake
2023-02-28 19:16 ` Marc-André Lureau
2023-02-07 14:25 ` [PATCH v3 08/10] qmp: teach 'getfd' to import sockets on win32 marcandre.lureau
2023-02-07 14:50 ` Philippe Mathieu-Daudé
2023-02-07 14:54 ` Daniel P. Berrangé
2023-02-08 7:28 ` Marc-André Lureau
2023-02-17 9:48 ` Markus Armbruster
2023-02-18 10:15 ` Marc-André Lureau
2023-02-20 8:26 ` Markus Armbruster
2023-02-20 9:30 ` Daniel P. Berrangé
2023-02-20 9:52 ` Marc-André Lureau
2023-02-20 10:50 ` Markus Armbruster
2023-02-07 14:25 ` [PATCH v3 09/10] libqtest: make qtest_qmp_add_client work " marcandre.lureau
2023-02-07 14:50 ` Philippe Mathieu-Daudé
2023-02-07 14:25 ` [PATCH v3 10/10] qtest: enable vnc-display test " marcandre.lureau
2023-02-07 14:37 ` Philippe Mathieu-Daudé
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y+uRUyP/xTn6neMk@redhat.com \
--to=berrange@redhat.com \
--cc=alex.bennee@linaro.org \
--cc=armbru@redhat.com \
--cc=bleal@redhat.com \
--cc=dgilbert@redhat.com \
--cc=eblake@redhat.com \
--cc=kraxel@redhat.com \
--cc=lvivier@redhat.com \
--cc=marcandre.lureau@gmail.com \
--cc=michael.roth@amd.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=sw@weilnetz.de \
--cc=thuth@redhat.com \
--cc=wainersm@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).