From mboxrd@z Thu Jan  1 00:00:00 1970
From: David Vrabel <david.vrabel@citrix.com>
Subject: Re: [PATCH v2 1/1] evtchn: make EVTCHNOP_reset suitable
	for kexec
Date: Wed, 30 Jul 2014 15:03:56 +0100
Message-ID: <53D8FB4C.8060309@citrix.com>
References: <1406726810-2557-1-git-send-email-vkuznets@redhat.com>
	<1406726810-2557-2-git-send-email-vkuznets@redhat.com>
	<53D8F635.3070601@citrix.com>
	<53D914E10200007800027AB6@mail.emea.novell.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Received: from mail6.bemta5.messagelabs.com ([195.245.231.135])
	by lists.xen.org with esmtp (Exim 4.72)
	(envelope-from <david.vrabel@citrix.com>) id 1XCUU6-0007ya-V1
	for xen-devel@lists.xenproject.org; Wed, 30 Jul 2014 14:04:03 +0000
In-Reply-To: <53D914E10200007800027AB6@mail.emea.novell.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: Jan Beulich <JBeulich@suse.com>, xen-devel@lists.xenproject.org, Vitaly Kuznetsov <vkuznets@redhat.com>
Cc: Andrew Cooper <andrew.cooper3@citrix.com>, Andrew Jones <drjones@redhat.com>, Ian Campbell <Ian.Campbell@citrix.com>
List-Id: xen-devel@lists.xenproject.org

On 30/07/14 14:53, Jan Beulich wrote:
>>>> On 30.07.14 at 15:42, <david.vrabel@citrix.com> wrote:
>> On 30/07/14 14:26, Vitaly Kuznetsov wrote:
>>> --- a/xen/common/event_channel.c
>>> +++ b/xen/common/event_channel.c
>>> @@ -957,6 +957,17 @@ static long evtchn_reset(evtchn_reset_t *r)
>>>      for ( i = 0; port_is_valid(d, i); i++ )
>>>          (void)__evtchn_close(d, i);
>>>  
>>> +    if ( (d == current->domain) && d->evtchn_fifo )
>>> +    {
>>> +        /*
>>> +         * Guest domain called EVTCHNOP_reset with DOMID_SELF, destroying
>>> +         * FIFO event array and control blocks, resetting evtchn_port_ops to
>>> +         * evtchn_port_ops_2l.
>>> +         */
>>> +        evtchn_fifo_destroy(d);
>>> +        evtchn_2l_init(d);
>>
>> You need to take d->event_lock around this if, or the guest could try to
>> bind another event whilst the ABI is in an inconsistent state.
> 
> True, but then not just around this. Subsequent to any of the
> __evtchn_close() invocations above, a port could also get
> re-used (resulting in at least leaks). So I guess after taking the
> lock there would also need to be a loop checking that all ports
> are still closed (and return an error if they aren't).

I considered this but I think the only side effect would be losing a
pending event, and it would be sufficient to document that guests should
not bind events while calling EVTCHNOP_reset.

David