[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v8 02/13] vpci: use per-domain PCI lock to protect vpci structure

  • To: Roger Pau Monné <roger.pau@xxxxxxxxxx>
  • From: Volodymyr Babchuk <Volodymyr_Babchuk@xxxxxxxx>
  • Date: Thu, 27 Jul 2023 00:56:54 +0000
  • Accept-language: en-US
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=epam.com; dmarc=pass action=none header.from=epam.com; dkim=pass header.d=epam.com; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=4zvYSg9XZJzXH2On3TfL2LgzVK+msbqdA11xLOM0gLQ=; b=Dn5OAMsfTe3V3wYcAgLqZ7NHH1n/bW+1y0QMdndmGZrZwXw9gCW94NWU8cNptUZdzrzQSqVlkULP+dY7OScK4iIRXkEKWV5Ns80hT0E24g/4FfF56CP4xb12sUZAdgy0d4BePqRYE2gQnOq3KMFUVqyGdiuv10iDOCbRQm/e0b2dlI5m0nxP14fSXagm9eHA5Ms018hZucb7GzYLhZOPSgYJaRn4Vntag4TXiZbrHwvwwnho4CcPcnXdAKUMTh7yhfN6voJ6qaS1t8+VQhCjVKOg0rvppSMD24wKVPWw7MxGLNKA/9rmVOEHC9/gy+sMevcffkvvuumtX/y3pT6P7w==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=BChNfXacez+hg2QbzLtDisznDXr3obN5xDPQzc8MQd4OXIW9iwgoEcDvh6CTqgS5RCoZmmuvfO/lR2V5y7cG8edk1jD5Twy4aNBj08JvSNfcNPUtMaOg8esKl3aRjhulnsmcRqclGy8+pz132eGgxTnF9HdJutWMNWtUR7ZgFHoM4TLcdhfVk0M3Bsd8Sq+1TlZYm0bsecvGnGZnF3QVur3uxvemA/GZrnwipL2G2OZJdIi6EXGfAB7d8Fa0+PV+46OF116nacx7LuqdjBWtAX3CAJHGjLUQnk9mpFZz/altfof1P8waDEEF24MhBT+NMognKPNv9rmaU3h2RxkvfQ==
  • Cc: "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Oleksandr Andrushchenko <Oleksandr_Andrushchenko@xxxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>
  • Delivery-date: Thu, 27 Jul 2023 00:57:23 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
  • Thread-index: AQHZuqGrLMJPz1ipBEu4urExXp8yi6/CgxUAgAWEoICAA8vwgIAA+VsA
  • Thread-topic: [PATCH v8 02/13] vpci: use per-domain PCI lock to protect vpci structure
Hi Roger,

Roger Pau Monné <roger.pau@xxxxxxxxxx> writes:

> On Wed, Jul 26, 2023 at 01:17:58AM +0000, Volodymyr Babchuk wrote:
>> 
>> Hi Roger,
>> 
>> Roger Pau Monné <roger.pau@xxxxxxxxxx> writes:
>> 
>> > On Thu, Jul 20, 2023 at 12:32:31AM +0000, Volodymyr Babchuk wrote:
>> >> From: Oleksandr Andrushchenko <oleksandr_andrushchenko@xxxxxxxx>
>> >> @@ -498,6 +537,7 @@ void vpci_write(pci_sbdf_t sbdf, unsigned int reg, 
>> >> unsigned int size,
>> >>          ASSERT(data_offset < size);
>> >>      }
>> >>      spin_unlock(&pdev->vpci->lock);
>> >> +    unlock_locks(d);
>> >
>> > There's one issue here, some handlers will cal pcidevs_lock(), which
>> > will result in a lock over inversion, as in the previous patch we
>> > agreed that the locking order was pcidevs_lock first, d->pci_lock
>> > after.
>> >
>> > For example the MSI control_write() handler will call
>> > vpci_msi_arch_enable() which takes the pcidevs lock.  I think I will
>> > have to look into using a dedicated lock for MSI related handling, as
>> > that's the only place where I think we have this pattern of taking the
>> > pcidevs_lock after the d->pci_lock.
>> 
>> I'll mention this in the commit message. Is there something else that I
>> should do right now?
>
> Well, I don't think we want to commit this as-is with a known lock
> inversion.
>
> The functions that require the pcidevs lock are:
>
> pt_irq_{create,destroy}_bind()
> unmap_domain_pirq()
>
> AFAICT those functions require the lock in order to assert that the
> underlying device doesn't go away, as they do also use d->event_lock
> in order to get exclusive access to the data fields.  Please double
> check that I'm not mistaken.

You are right, all three function does not access any of PCI state
directly. However...

> If that's accurate you will have to check the call tree that spawns
> from those functions in order to modify the asserts to check for
> either the pcidevs or the per-domain pci_list lock being taken.

... I checked calls for PT_IRQ_TYPE_MSI case, there is only call that
bothers me: hvm_pi_update_irte(), which calls IO-MMU code via
vmx_pi_update_irte():

amd_iommu_msi_msg_update_ire() or msi_msg_write_remap_rte().

Both functions read basic pdev fields like sbfd or type. I see no
problem there, as values of those fields are not supposed to be changed.
Also those function use own locks to protect shared state. But as IO-MMU
code is quite convoluted it is hard to be sure that it is safe to call
those functions without holding pdevs_lock. All I can say is that those
functions and their callees have no ASSERT(pcidevs_locked()).

-- 
WBR, Volodymyr

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.