Re: [Xen-devel] [PATCH v2] xsplice: Don't perform multiple operations on same payload once work is scheduled.
On Fri, Apr 29, 2016 at 05:42:35AM -0400, Konrad Rzeszutek Wilk wrote:
> Currently it is possible to:
>
> 1) xc_xsplice_apply()
>      \-> xsplice_action
>            spin_lock(payload_lock)
>              \- schedule_work()
>            spin_unlock(payload_lock);
>
> 2) xc_xsplice_unload()
>      \-> xsplice_action
>            spin_lock(payload_lock)
>            free_payload(data);
>            spin_unlock(payload_lock);
>
> .. all CPUs are quiesced.
>
> 3) check_for_xsplice_work()
>      \-> apply_payload
>            \-> arch_xsplice_apply_jmp
>                  BOOM
>
> The reason is that state is in 'CHECKED' which changes to 'APPLIED'
> once check_for_xsplice_work finishes. So we have a race between 1) -> 3)
> where one can manipulate the payload.
>
> To guard against this we add a check in xsplice_action to not allow
> any actions if schedule_work has been called for this specific payload.
>
> The function 'is_work_scheduled' checks xsplice_work which is safe as:
>  - The ->do_work changes to 1 under the payload_lock (which we also hold).
>  - The ->do_work changes to 0 when all CPUs are quiesced and IRQs have
>    been disabled.
>
> Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@xxxxxxxxxx>
> Reported-and-Tested-by: Roger Pau Monné <roger.pau@xxxxxxxxxx>
> Reviewed-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>

Release-acked-by: Wei Liu <wei.liu2@xxxxxxxxxx>
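
The race in the quoted commit message, replayed as a single-threaded C model. This is an added example, not part of this email and not Xen source. `replay`, `action`, `run_scheduled_work`, the `guard` flag and the `-EBUSY`/`-EFAULT` return values are assumptions of the model; `is_work_scheduled`, `xsplice_work`, `do_work` and the functions named in the comments are the ones the message mentions.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>

/* Model only, not Xen source: one call = one payload_lock critical section. */
struct payload { bool applied, freed; };
/* Stands in for xsplice_work: the queued payload and its do_work flag. */
static struct work { struct payload *data; bool do_work; } work;

static bool is_work_scheduled(const struct payload *p)
{
    return work.do_work && work.data == p;
}

/* Stands in for xsplice_action; 'guard' turns the new check on or off. */
static int action(struct payload *p, bool unload, bool guard)
{
    if (guard && is_work_scheduled(p))
        return -EBUSY;                   /* assumed error code */
    if (unload)
        p->freed = true;                 /* free_payload() */
    else
        work = (struct work){ p, true }; /* schedule_work(); still CHECKED */
    return 0;
}

/* Stands in for check_for_xsplice_work(); -EFAULT marks use of freed data. */
static int run_scheduled_work(void)
{
    if (!work.do_work)
        return 0;
    work.do_work = false;
    if (work.data->freed)
        return -EFAULT;
    work.data->applied = true;           /* CHECKED -> APPLIED */
    return 0;
}

/* Replays steps 1) to 3) of the commit message on a constructed payload. */
int replay(bool guard, int *unload_rc)
{
    struct payload p = { false, false };
    work = (struct work){ NULL, false };
    action(&p, false, guard);
    *unload_rc = action(&p, true, guard);
    return run_scheduled_work();
}
```

Calling `replay(false, &rc)` lets the unload through and the scheduled work then hits the freed payload; `replay(true, &rc)` rejects the unload while the work is pending and the apply completes.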