[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH] xen/arm: avoid vtimer flip-flop transition in context switch

  • To: <xen-devel@xxxxxxxxxxxxxxxxxxxx>
  • From: Wei Chen <wei.chen@xxxxxxx>
  • Date: Wed, 15 Jun 2022 09:39:09 +0800
  • Arc-authentication-results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1,1,smtp.mailfrom=arm.com] dmarc=[1,1,header.from=arm.com])
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=lists.xenproject.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none
  • Arc-message-signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eVHM+ZSTPQplj51mDH4GF5q/liVjrtXDoFS+oFNMT8s=; b=gJoqHcoc67E1gW8XmRBbqXfFHIJm9wkHUbLp38lM9UGht3Y9pmGhCmp28oQawBWq3QMPIpcRlm5oUkMiee5wFGpPenhVoP6sDpdAcDnBPdQzdLPZ6zgExcpAqos6R2LNckwfHYpihcIFGOldLd5uhx5VhYxQ4orNhSx2jpOErWRAh/Jp1GW/TmE8Kc8yuDrOb7d2b21DFK4RhCqOkzOSTYbNsrtqlpEPAff4GoLT49kQ41fg/x4YIHtxbMR+07LdbZuXRZA6JLvAJdhDiBx25O8ybiyTsOx6BLhgW0aeeRdgiHBWstY8f/oI3VuL8TzPLhxEBxg1lU7Ao+JuOhQc6Q==
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=eVHM+ZSTPQplj51mDH4GF5q/liVjrtXDoFS+oFNMT8s=; b=Yl5IE10H/55w/fwBRjwarZNZAejktNx+Tz8sQ9qcK28FXRulOsx5qLOQG+3rpV2k5fapCQ3HHGXvR7NbGTvaGL9Khelmw4cGEmdP5wfqay9yVsFsQynD6JsY9fvjJ6tXP40U8rVFrinEffu8JJGG9kNLFeXIp5scSwkY9EdXsIHOZOEXwk7MVN7vG8RlXQcjigKirIliNwy3WsEMAu5mfzfotUTktKo5LmPS3VnQFBHnfW7HXcFOiWzK3NyfxFfZtcxHsyYSNaxmY5bn+fC5T+W0B2tF8dajCmrgkSXK7JLJTzpI2uyiTYbLkDyEaDJODy9ckuZumqeTvHFE9MTuDg==
  • Arc-seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=QjvTfJMsay8g6lB2ozoWUEc3WoTDegZtr8pSpkqAMKTi22MVwnq4LscPxuuhj5GjZ45Z+5Hx392xU5hp6PJbS5QbNLqCw+xl1A3vn2kiZdzaytcfWgENJp49DAUP/X5BaiR81SvuZLiFcRT4Fpr22smH9Hju76GzJHoo1U0Dnihi2nDLrYBIQHlc1KEo2coy7s1n6fsGp9Olf6vMhE3lkZ8FHs1vcZ8RiWeJRT/JA5N5xDxU7qSntcu9u0q3Frooor12b6TU4W7wWs4QUoR7aFSN9TxsIuK0965QPOdSRbtR7D9Oxyw1R3/di3geCDzgJ1HRp3yZdxOj5lEGh7dXlA==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=GySrC5+LOSc1cCzWphaPkAEyEuXj2+srzQxNFAQH/SokJnua3+Yp/GPil8fyk9310YmN1MllglnrClwkA3ZCqkpg20VqIvVO5ChI8ekvCjYaLFWOYhIKzL9v8Kx1Mj4P0Tj+Ia2jEuYJUDRuQyrOcKVeEEfuL7b8QnJE3dcYbwsfbM6/2M9uBMavYVMVz+KPc0AfS4koypMp/GOgcChlQSlUyJzHvKgc8gwPldsGJ9pz7WMbln/5lVrvJqQW4c+5lftMYZIDzqlSdDPN5VatpUZ9dkmsZaBv8I3R0iRDCxmyxL8rKB7GeMzEPBXBXYrEW0WMgcdyK+BIvpcqHqEsMw==
  • Cc: <nd@xxxxxxx>, Wei Chen <wei.chen@xxxxxxx>, Stefano Stabellini <sstabellini@xxxxxxxxxx>, Julien Grall <julien@xxxxxxx>, Bertrand Marquis <bertrand.marquis@xxxxxxx>, Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Delivery-date: Wed, 15 Jun 2022 01:40:06 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Nodisclaimer: true
virt_vtimer_save is calculating the new time for the vtimer and
has a potential risk of timer flip in:
"v->arch.virt_timer.cval + v->domain->arch.virt_timer_base.offset
- boot_count".
In this formula, "cval + offset" could make uint64_t overflow.
Generally speaking, this is difficult to trigger. But unfortunately
the problem was encountered with a platform where the timer started
with a very huge initial value, like 0xF333899122223333. On this
platform cval + offset is overflowing after running for a while.

So in this patch, we adjust the formula to use "offset - boot_count"
first, and then use the result to plus cval. This will avoid the
uint64_t overflow.

Signed-off-by: Wei Chen <wei.chen@xxxxxxx>
---
 xen/arch/arm/vtimer.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/xen/arch/arm/vtimer.c b/xen/arch/arm/vtimer.c
index 5bb5970f58..86e63303c8 100644
--- a/xen/arch/arm/vtimer.c
+++ b/xen/arch/arm/vtimer.c
@@ -144,8 +144,9 @@ void virt_timer_save(struct vcpu *v)
     if ( (v->arch.virt_timer.ctl & CNTx_CTL_ENABLE) &&
          !(v->arch.virt_timer.ctl & CNTx_CTL_MASK))
     {
-        set_timer(&v->arch.virt_timer.timer, 
ticks_to_ns(v->arch.virt_timer.cval +
-                  v->domain->arch.virt_timer_base.offset - boot_count));
+        set_timer(&v->arch.virt_timer.timer,
+                  ticks_to_ns(v->domain->arch.virt_timer_base.offset -
+                              boot_count + v->arch.virt_timer.cval));
     }
 }
 
-- 
2.25.1

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.