[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [RESEND][PATCH] xen/arm: sched: Ensure the vCPU context is seen before vcpu_pause() returns

  • To: Julien Grall <julien@xxxxxxx>
  • From: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
  • Date: Wed, 23 Sep 2020 13:53:07 +0000
  • Accept-language: en-GB, en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=arm.com; dmarc=pass action=none header.from=arm.com; dkim=pass header.d=arm.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=//vJF8G1yOodS8pPdwUnTlQxO9P8XGazngby0jS6XsE=; b=JBSEmEgWAascfMzN/En9E6HGoewxZ+AlQ5gTzw+9KxIlDnoSeEX7bpzVdtMCiwwH/3vKZE75t0YObUuLPisiLeWAfBmM2whcAhmLRzeSb5R/9JKN6QmM7ercTLowx244oWC5/KZVngYMT3lUr9fg9q+xyB3oTRm/MANzD4QkuTdutPbkVGy2PFzBWbgE4oSS50Gcm1EVJk8j8LPxH80E1+XPe03D6nn33welAxk8dwD9HTV/6Qge8FkszYwwi9Nd6VnVzpeg8e55F4CCiZrj5VWGZVt+/q25qCwzItk8WK09EUwqbAj08s7HJHZ42loXPPz2o27HC5hIJwoJ0zD6gA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=oOJdK6tEj1CYZ35OI1qBoT+cvg1C9AvhLrRcL0OSu0kAXoJJZE93dyXYXVp5epLde96gnGElUS9kvn5djdXk0gmaiUXTHI8U8G4tNhDplZl8HxdaWwy8QlLjth/nz6N4D3bC/ngodXLTF/LiDPhfR8pJBmovqIU4ROBk6nwC/kwDdWdm9L4glumnqUJZSV+2KNnyKldiRtNAB2Gmgu1appoIFn6lFoJlQC6h9hFwaQtaZ4uQ5NVuBf2YC88it9F3H2s1Xz6ZeG6SGSADA6kwR4pNsPOTdX4OFv+PDwGpAd0ZmxER58QoYKPXaOnHr1m8vTWQ8bAL4Z5B8NhC/d3z3w==
  • Authentication-results-original: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Cc: "open list:X86" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Julien Grall <jgrall@xxxxxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Dario Faggioli <dfaggioli@xxxxxxxx>
  • Delivery-date: Wed, 23 Sep 2020 13:53:20 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
  • Original-authentication-results: xen.org; dkim=none (message not signed) header.d=none;xen.org; dmarc=none action=none header.from=arm.com;
  • Thread-index: AQHWkRb3YbUANCat5069iZiL+rQxOal2P42A
  • Thread-topic: [RESEND][PATCH] xen/arm: sched: Ensure the vCPU context is seen before vcpu_pause() returns
Hi,

> On 22 Sep 2020, at 20:31, Julien Grall <julien@xxxxxxx> wrote:
> 
> From: Julien Grall <jgrall@xxxxxxxxxx>
> 
> Some callers of vcpu_pause() will expect to access the latest vcpu
> context when the function returns (see XENDOMCTL_{set,get}vcpucontext}.
> 
> However, the latest vCPU context can only be observed after
> v->is_running has been observed to be false.
> 
> As there is no memory barrier instruction generated, a processor could
> try to speculatively access the vCPU context before it was observed.
> 
> To prevent the corruption of the vCPU context, we need to insert a
> memory barrier instruction after v->is_running is observed and before
> the context is accessed. This barrier is added in sync_vcpu_execstate()
> as it seems to be the place where we expect the synchronization to
> happen.
> 
> Signed-off-by: Julien Grall <jgrall@xxxxxxxxxx>
Reviewed-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>

Cheers
Bertrand

> 
> ---
> 
> Cc: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Cc: Jan Beulich <jbeulich@xxxxxxxx>
> Cc: George Dunlap <george.dunlap@xxxxxxxxxx>
> Cc: Dario Faggioli <dfaggioli@xxxxxxxx>
> Cc: Bertrand Marquis <Bertrand.Marquis@xxxxxxx>
> 
> I am also adding the x86 and scheduler maintainers because I am not sure
> whether this barrier should be part of the common code instead.
> ---
> xen/arch/arm/domain.c | 15 ++++++++++++++-
> 1 file changed, 14 insertions(+), 1 deletion(-)
> 
> diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c
> index 9258f6d3faa2..3b37f899b9da 100644
> --- a/xen/arch/arm/domain.c
> +++ b/xen/arch/arm/domain.c
> @@ -371,7 +371,20 @@ void sync_local_execstate(void)
> 
> void sync_vcpu_execstate(struct vcpu *v)
> {
> -    /* Nothing to do -- no lazy switching */
> +    /*
> +     * We don't support lazy switching.
> +     *
> +     * However the context may have been saved from a remote pCPU so we
> +     * need a barrier to ensure it is observed before continuing.
> +     *
> +     * Per vcpu_context_saved(), the context can be observed when
> +     * v->is_running is false (the caller should check it before calling
> +     * this function).
> +     *
> +     * Note this is a full barrier to also prevent update of the context
> +     * to happen before it was observed.
> +     */
> +    smp_mb();
> }
> 
> #define NEXT_ARG(fmt, args)                                                 \
> -- 
> 2.17.1
>

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.