From: George Dunlap <George.Dunlap@eu.citrix.com>
To: Andres Lagar-Cavilla <andres@lagarcavilla.org>
Cc: olaf@aepfle.de, xen-devel@lists.xensource.com,
	andres@gridcentric.ca, tim@xen.org, keir.xen@gmail.com,
	adin@gridcentric.ca
Subject: Re: [PATCH 1 of 6] The PoD code may split a 1GB superpage in a potentially unlocked way
Date: Tue, 15 Nov 2011 15:39:59 +0000
Message-ID: <CAFLBxZYJuXAkdr=8eJM8eHEki5x+x2qz1vga4eQx-msD+VZXxw@mail.gmail.com>
In-Reply-To: <d9a344a5c1e375befd24.1321307322@xdev.gridcentric.ca>

(Including xen-devel in my reply...)

On Mon, Nov 14, 2011 at 9:48 PM, Andres Lagar-Cavilla
<andres@lagarcavilla.org> wrote:
> xen/arch/x86/mm/p2m-pod.c | 1 -
> xen/arch/x86/mm/p2m-pt.c | 9 ++++++---
> 2 files changed, 6 insertions(+), 4 deletions(-)
>
>
> The path p2m-lookup -> p2m-pt->get_entry -> 1GB PoD superpage ->
> pod_demand_populate ends in the pod code performing a p2m_set_entry with
> no locks held (in order to split the 1GB superpage into 512 2MB ones)
>
> Further, it calls p2m_unlock after that, which will break the spinlock.

Yeah, not sure how this got to be the way it did... good catch.

Acked-by: George Dunlap <george.dunlap@eu.citrix.com>

>
> This patch attempts to fix that.
>
> Signed-off-by: Andres Lagar-Cavilla <andres@lagarcavilla.org>
>
> diff -r 0844b17df7a9 -r d9a344a5c1e3 xen/arch/x86/mm/p2m-pod.c
> --- a/xen/arch/x86/mm/p2m-pod.c
> +++ b/xen/arch/x86/mm/p2m-pod.c
> @@ -987,7 +987,6 @@ p2m_pod_demand_populate(struct p2m_domai
> set_p2m_entry(p2m, gfn_aligned, _mfn(0), PAGE_ORDER_2M,
> p2m_populate_on_demand, p2m->default_access);
> audit_p2m(p2m, 1);
> - p2m_unlock(p2m);
> return 0;
> }
>
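
Review bot: With `p2m_unlock(p2m)` gone from the 1GB-split return path, p2m_pod_demand_populate now depends on every caller holding the p2m lock across the `set_p2m_entry(..., PAGE_ORDER_2M, ...)` call, but nothing in the lines shown states or checks that contract. An ASSERT on lock ownership at function entry, or at least a comment above the function naming the locking rule, would catch the next unlocked caller instead of letting it modify the p2m with no lock held. The commit message says the patch "attempts" the fix, so the description should also list which call paths into this function were audited.
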
> diff -r 0844b17df7a9 -r d9a344a5c1e3 xen/arch/x86/mm/p2m-pt.c
> --- a/xen/arch/x86/mm/p2m-pt.c
> +++ b/xen/arch/x86/mm/p2m-pt.c
> @@ -542,10 +542,11 @@ pod_retry_l3:
> /* The read has succeeded, so we know that mapping exists */
> if ( q != p2m_query )
> {
> - if ( !p2m_pod_demand_populate(p2m, gfn, PAGE_ORDER_1G, q) )
> + if ( !p2m_pod_check_and_populate(p2m, gfn,
> + (l1_pgentry_t *) &l3e, PAGE_ORDER_1G, q) )
> goto pod_retry_l3;
> p2mt = p2m_invalid;
> - printk("%s: Allocate 1GB failed!\n", __func__);
> + gdprintk(XENLOG_ERR, "%s: Allocate 1GB failed!\n", __func__);
> goto out;
> }
> else
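
Review bot: The entry argument here is `(l1_pgentry_t *) &l3e`, while the second pod_retry_l3 hunk passes `(l1_pgentry_t *) l3e` with no address-of, so the two call sites hand p2m_pod_check_and_populate different kinds of pointer behind the same cast. If `l3e` at this site is a local copy of the entry (the comment above reads "The read has succeeded"), any re-check done through that pointer once the lock is taken examines the copy rather than the live table entry; please confirm that is intended and say so in a comment, or pass a pointer to the live entry. Separately, the switch from printk to gdprintk changes when the failure message is emitted and deserves a line in the commit message.
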
> @@ -743,8 +744,10 @@ pod_retry_l3:
> {
> if ( q != p2m_query )
> {
> - if ( !p2m_pod_demand_populate(p2m, gfn, PAGE_ORDER_1G, q) )
> + if ( !p2m_pod_check_and_populate(p2m, gfn,
> + (l1_pgentry_t *) l3e, PAGE_ORDER_1G, q) )
> goto pod_retry_l3;
> + gdprintk(XENLOG_ERR, "%s: Allocate 1GB failed!\n", __func__);
> }
> else
> *t = p2m_populate_on_demand;
>
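
Review bot: After the added gdprintk in this second pod_retry_l3 path, a failed populate falls out of the `if ( q != p2m_query )` block with no error type set and no early exit in the lines shown, whereas the matching path in the previous hunk sets `p2mt = p2m_invalid` and does `goto out`. If the code following this block already returns a safe result when the populate fails, a short comment saying so would help; otherwise this path should set the type to invalid and bail out the same way, so the caller does not continue with an entry that was never populated.
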