[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH RFC 9/9] AMD/IOMMU: correct IRTE updating



>>> On 18.06.19 at 15:28, <andrew.cooper3@xxxxxxxxxx> wrote:
> On 13/06/2019 14:28, Jan Beulich wrote:
>> While for 32-bit IRTEs I think we can safely continue to assume that the
>> writes will translate to a single MOV, the use of CMPXCHG16B is more
>> heavy handed than necessary for the 128-bit form, and the flushing
>> didn't get done along the lines of what the specification says. Mark
>> entries to be updated as not remapped (which will result in interrupt
>> requests to get target aborted, but the interrupts should be masked
>> anyway at that point in time), issue the flush, and only then write the
>> new entry. In the 128-bit IRTE case set RemapEn separately last, to that
>> the ordering of the writes of the two 64-bit halves won't matter.
>>
>> In update_intremap_entry_from_msi_msg() also fold the duplicate initial
>> lock determination and acquire into just a single instance.
>>
>> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> Looking at this patch, I think quite a bit of it should be folded into
> patch 4.

Not that much - the changes to update_intremap_entry()
could go there, and then of course the on change to
iov_supports_xt(). But that's about it - the rest isn't specific to
handling of 128-bit IRTEs, and hence wouldn't belong there.

What could be discussed is moving the change here towards the
start of the series, ahead of the ones playing with how IRTEs
get updated. I've put it last for now because (a) I've added it
last, after the CMPXCHG16B approach was already tested and
(b) because of its RFC status (I don't want it to block the rest of
the series).

>  However, my review suggestions on that patch take precedent
> over the net result here.

Sure - let's settle on the least bad variant of that one first. I did
already reply there.

>> ---
>> RFC: Putting the flush invocations in loops isn't overly nice, but I
>>      don't think this can really be abused, since callers up the stack
>>      hold further locks. Nevertheless I'd like to ask for better
>>      suggestions.
> 
> Lets focus on getting it functioning first, and fast second.

My remark wasn't about this being slow, but the theoretical risk of
this allowing for a DoS attack.

>  However, I
> think we can do better than the loop.  Let me dig some notes out.

Thanks much,
Jan



_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxx
https://lists.xenproject.org/mailman/listinfo/xen-devel

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.