
Re: [PATCH v4 02/11] vpci: cancel pending map/unmap on vpci removal



On 16.11.2021 09:23, Oleksandr Andrushchenko wrote:
> 
> 
> On 16.11.21 10:01, Jan Beulich wrote:
>> On 16.11.2021 08:32, Oleksandr Andrushchenko wrote:
>>> On 15.11.21 18:56, Jan Beulich wrote:
>>>> On 05.11.2021 07:56, Oleksandr Andrushchenko wrote:
>>>>> @@ -165,6 +164,18 @@ bool vpci_process_pending(struct vcpu *v)
>>>>>        return false;
>>>>>    }
>>>>>    
>>>>> +void vpci_cancel_pending(const struct pci_dev *pdev)
>>>>> +{
>>>>> +    struct vcpu *v = current;
>>>>> +
>>>>> +    /* Cancel any pending work now. */
>>>> Doesn't "any" include pending work on all vCPU-s of the guest, not
>>>> just current? Is current even relevant (as in: part of the correct
>>>> domain), considering ...
>>>>
>>>>> --- a/xen/drivers/vpci/vpci.c
>>>>> +++ b/xen/drivers/vpci/vpci.c
>>>>> @@ -51,6 +51,8 @@ void vpci_remove_device(struct pci_dev *pdev)
>>>>>            xfree(r);
>>>>>        }
>>>>>        spin_unlock(&pdev->vpci->lock);
>>>>> +
>>>>> +    vpci_cancel_pending(pdev);
>>>> ... this code path, when coming here from pci_{add,remove}_device()?
>>>>
>>>> I can agree that there's a problem here, but I think you need to
>>>> properly (i.e. in a race-free manner) drain pending work.
>>> Yes, the code is inconsistent in this respect. I am thinking about:
>>>
>>> void vpci_cancel_pending(const struct pci_dev *pdev)
>>> {
>>>       struct domain *d = pdev->domain;
>>>       struct vcpu *v;
>>>
>>>       /* Cancel any pending work now. */
>>>       domain_lock(d);
>>>       for_each_vcpu ( d, v )
>>>       {
>>>           vcpu_pause(v);
>>>           if ( v->vpci.mem && v->vpci.pdev == pdev)
>> Nit: Same style issue as in the original patch.
> Will fix
>>
>>>           {
>>>               rangeset_destroy(v->vpci.mem);
>>>               v->vpci.mem = NULL;
>>>           }
>>>           vcpu_unpause(v);
>>>       }
>>>       domain_unlock(d);
>>> }
>>>
>>> which seems to solve all the concerns. Is this what you mean?
>> Something along these lines. I expect you will want to make use of
>> domain_pause_except_self(),
> Yes, this is what is needed here, thanks. The only question is that
> 
> int domain_pause_except_self(struct domain *d)
> {
> [snip]
>          /* Avoid racing with other vcpus which may want to be pausing us */
>          if ( !spin_trylock(&d->hypercall_deadlock_mutex) )
>              return -ERESTART;
> 
> so it is not clear what we do in case of -ERESTART: do we want to spin?
> Otherwise we leave the job undone, effectively not canceling the
> pending work. Any idea other than spinning?

That depends on the call chain you come through. There may need to be some
rearrangement such that you are able to preempt the enclosing hypercall.

Jan
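
For reference, a minimal sketch of the race-free cancellation being
discussed, under the assumption (not part of the posted patch) that
vpci_cancel_pending() is changed to return an error code, so that a failed
domain_pause_except_self() can hand -ERESTART back to the caller rather
than spinning:

    /*
     * Sketch only: assumes the function's signature is changed to return
     * int so that -ERESTART from domain_pause_except_self() can be
     * propagated up to the enclosing hypercall.
     */
    int vpci_cancel_pending(const struct pci_dev *pdev)
    {
        struct domain *d = pdev->domain;
        struct vcpu *v;
        int rc;

        /*
         * Pause all other vCPUs so none of them can be in the middle of
         * vpci_process_pending() while the rangesets are torn down.  This
         * can fail with -ERESTART if another vCPU is trying to pause us.
         */
        rc = domain_pause_except_self(d);
        if ( rc )
            return rc;

        for_each_vcpu ( d, v )
        {
            if ( v->vpci.mem && v->vpci.pdev == pdev )
            {
                rangeset_destroy(v->vpci.mem);
                v->vpci.mem = NULL;
            }
        }

        domain_unpause_except_self(d);

        return 0;
    }

With such a return value, vpci_remove_device() and the device add/remove
paths above it would need to pass -ERESTART further up so the enclosing
hypercall can be preempted and retried, instead of looping in place; that
plumbing is not shown here and is the "rearrangement" referred to above.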
