[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()

To: Jan Beulich <JBeulich@xxxxxxxx>
From: Tamas K Lengyel <tamas@xxxxxxxxxxxxx>
Date: Wed, 10 Aug 2016 08:44:30 -0600
Cc: Razvan Cojocaru <rcojocaru@xxxxxxxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxx>
Delivery-date: Wed, 10 Aug 2016 14:45:04 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Aug 10, 2016 05:52, "Jan Beulich" <JBeulich@xxxxxxxx> wrote:
>
> >>> On 10.08.16 at 12:55, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
> > On 08/10/2016 01:12 PM, Jan Beulich wrote:
> >>>>> On 10.08.16 at 09:35, <rcojocaru@xxxxxxxxxxxxxxx> wrote:
> >>> --- a/xen/common/vm_event.c
> >>> +++ b/xen/common/vm_event.c
> >>> @@ -388,6 +388,13 @@ void vm_event_resume(struct domain *d, struct
> > vm_event_domain *ved)
> >>> v = d->vcpu[rsp.vcpu_id];
> >>>
> >>> /*
> >>> + * Make sure the vCPU state has been synchronized for the custom
> >>> + * handlers.
> >>> + */
> >>> + if ( atomic_read(&v->vm_event_pause_count) )
> >>> + sync_vcpu_execstate(v);
> >>
> >> It seems to me that the latest with this change using a simple
> >> atomic_t won't suffice anymore - you'd now really need to
> >> make sure the user mode tools can't resume that vCPU behind
> >> your back, which aiui can only be achieved by using a suitable
> >> lock (perhaps a read/write one if reading the pause count is
> >> more common than updating it).
> >
> > I'm not sure how that would happen, vm_event_vcpu_pause() increments
> > v->vm_event_pause_count, and then calls vcpu_pause_nosync(v), which then
> > increments it's own counter.
> >
> > So there doesn't seem to be a possibility of v->vm_event_pause_count
> > being > 0 while the vCPU is unpaused, and there should also be no
> > possibility that vm_event_resume() and vm_event_pause() could happen on
> > the same vCPU at the same time.
>
> Here you say "should", which is exactly what worries me: Is it
> technically possible or not? If it is, there is the potential for a
> race (with a buggy or malicious user mode tool). If there isn't,
> calling out what it is that guarantees that in the commit
> message (or even a code comment) would be much appreciated.
>

The vm_event pause count is only decremented with vm_event responses. We only have one ring and one consumer of the ring, so even if you have multiple responses placed on the ring only on gets processed at any time.

Tamas

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

References:
- [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()
  - From: Razvan Cojocaru
- Re: [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()
  - From: Razvan Cojocaru
- Re: [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()
  - From: Jan Beulich

Prev by Date: Re: [Xen-devel] [PATCH 1/2] x86/vmx: dump MSR load area
Next by Date: Re: [Xen-devel] [PATCH v2 01/25] arm/altp2m: Add first altp2m HVMOP stubs.
Previous by thread: Re: [Xen-devel] [PATCH V2] common/vm_event: synchronize vCPU state in vm_event_resume()
Next by thread: [Xen-devel] xl dump-core fails, j!=nr_pages
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.