* [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock
@ 2023-04-03 9:27 Juergen Gross
2023-04-04 15:36 ` Oleksandr Tyshchenko
2023-04-07 22:08 ` Stefano Stabellini
0 siblings, 2 replies; 3+ messages in thread
From: Juergen Gross @ 2023-04-03 9:27 UTC (permalink / raw
To: linux-kernel
Cc: Juergen Gross, Stefano Stabellini, Oleksandr Tyshchenko,
xen-devel, Dan Carpenter
bind_evtchn_to_irqhandler() shouldn't be called under spinlock, as it
can sleep.
This requires to move the calls of create_active() out of the locked
regions. This is no problem, as the worst which could happen would be
a spurious call of the interrupt handler, causing a spurious wake_up().
Reported-by: Dan Carpenter <error27@gmail.com>
Link: https://lore.kernel.org/lkml/Y+JUIl64UDmdkboh@kadam/
Signed-off-by: Juergen Gross <jgross@suse.com>
---
V2:
- remove stale spin_unlock() (Oleksandr Tyshchenko)
---
drivers/xen/pvcalls-front.c | 46 +++++++++++++++++++++----------------
1 file changed, 26 insertions(+), 20 deletions(-)
diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c
index d5d589bda243..b72ee9379d77 100644
--- a/drivers/xen/pvcalls-front.c
+++ b/drivers/xen/pvcalls-front.c
@@ -227,22 +227,30 @@ static irqreturn_t pvcalls_front_event_handler(int irq, void *dev_id)
static void free_active_ring(struct sock_mapping *map);
-static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
- struct sock_mapping *map)
+static void pvcalls_front_destroy_active(struct pvcalls_bedata *bedata,
+ struct sock_mapping *map)
{
int i;
unbind_from_irqhandler(map->active.irq, map);
- spin_lock(&bedata->socket_lock);
- if (!list_empty(&map->list))
- list_del_init(&map->list);
- spin_unlock(&bedata->socket_lock);
+ if (bedata) {
+ spin_lock(&bedata->socket_lock);
+ if (!list_empty(&map->list))
+ list_del_init(&map->list);
+ spin_unlock(&bedata->socket_lock);
+ }
for (i = 0; i < (1 << PVCALLS_RING_ORDER); i++)
gnttab_end_foreign_access(map->active.ring->ref[i], NULL);
gnttab_end_foreign_access(map->active.ref, NULL);
free_active_ring(map);
+}
+
+static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
+ struct sock_mapping *map)
+{
+ pvcalls_front_destroy_active(bedata, map);
kfree(map);
}
@@ -433,19 +441,18 @@ int pvcalls_front_connect(struct socket *sock, struct sockaddr *addr,
pvcalls_exit_sock(sock);
return ret;
}
-
- spin_lock(&bedata->socket_lock);
- ret = get_request(bedata, &req_id);
+ ret = create_active(map, &evtchn);
if (ret < 0) {
- spin_unlock(&bedata->socket_lock);
free_active_ring(map);
pvcalls_exit_sock(sock);
return ret;
}
- ret = create_active(map, &evtchn);
+
+ spin_lock(&bedata->socket_lock);
+ ret = get_request(bedata, &req_id);
if (ret < 0) {
spin_unlock(&bedata->socket_lock);
- free_active_ring(map);
+ pvcalls_front_destroy_active(NULL, map);
pvcalls_exit_sock(sock);
return ret;
}
@@ -821,28 +828,27 @@ int pvcalls_front_accept(struct socket *sock, struct socket *newsock, int flags)
pvcalls_exit_sock(sock);
return ret;
}
- spin_lock(&bedata->socket_lock);
- ret = get_request(bedata, &req_id);
+ ret = create_active(map2, &evtchn);
if (ret < 0) {
- clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
- (void *)&map->passive.flags);
- spin_unlock(&bedata->socket_lock);
free_active_ring(map2);
kfree(map2);
+ clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
+ (void *)&map->passive.flags);
pvcalls_exit_sock(sock);
return ret;
}
- ret = create_active(map2, &evtchn);
+ spin_lock(&bedata->socket_lock);
+ ret = get_request(bedata, &req_id);
if (ret < 0) {
- free_active_ring(map2);
- kfree(map2);
clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
(void *)&map->passive.flags);
spin_unlock(&bedata->socket_lock);
+ pvcalls_front_free_map(bedata, map2);
pvcalls_exit_sock(sock);
return ret;
}
+
list_add_tail(&map2->list, &bedata->socket_mappings);
req = RING_GET_REQUEST(&bedata->ring, req_id);
--
2.35.3
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock
2023-04-03 9:27 [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock Juergen Gross
@ 2023-04-04 15:36 ` Oleksandr Tyshchenko
2023-04-07 22:08 ` Stefano Stabellini
1 sibling, 0 replies; 3+ messages in thread
From: Oleksandr Tyshchenko @ 2023-04-04 15:36 UTC (permalink / raw
To: Juergen Gross
Cc: Stefano Stabellini, xen-devel@lists.xenproject.org, Dan Carpenter,
linux-kernel@vger.kernel.org
On 03.04.23 12:27, Juergen Gross wrote:
Hello Juergen
> bind_evtchn_to_irqhandler() shouldn't be called under spinlock, as it
> can sleep.
>
> This requires to move the calls of create_active() out of the locked
> regions. This is no problem, as the worst which could happen would be
> a spurious call of the interrupt handler, causing a spurious wake_up().
>
> Reported-by: Dan Carpenter <error27@gmail.com>
> Link: https://urldefense.com/v3/__https://lore.kernel.org/lkml/Y*JUIl64UDmdkboh@kadam/__;Kw!!GF_29dbcQIUBPA!wTyU032PQPxqlpIfuWRwb-DYE1K8P0bRWJyJICa7IEbAwQ0_aeZwknAWwxJ_cv_tWGY42f5NPgn6JHtZsiGP$ [lore[.]kernel[.]org]
> Signed-off-by: Juergen Gross <jgross@suse.com>
> ---
> V2:
> - remove stale spin_unlock() (Oleksandr Tyshchenko)
Reviewed-by: Oleksandr Tyshchenko <oleksandr_tyshchenko@epam.com>
> ---
> drivers/xen/pvcalls-front.c | 46 +++++++++++++++++++++----------------
> 1 file changed, 26 insertions(+), 20 deletions(-)
>
> diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c
> index d5d589bda243..b72ee9379d77 100644
> --- a/drivers/xen/pvcalls-front.c
> +++ b/drivers/xen/pvcalls-front.c
> @@ -227,22 +227,30 @@ static irqreturn_t pvcalls_front_event_handler(int irq, void *dev_id)
>
> static void free_active_ring(struct sock_mapping *map);
>
> -static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
> - struct sock_mapping *map)
> +static void pvcalls_front_destroy_active(struct pvcalls_bedata *bedata,
> + struct sock_mapping *map)
> {
> int i;
>
> unbind_from_irqhandler(map->active.irq, map);
>
> - spin_lock(&bedata->socket_lock);
> - if (!list_empty(&map->list))
> - list_del_init(&map->list);
> - spin_unlock(&bedata->socket_lock);
> + if (bedata) {
> + spin_lock(&bedata->socket_lock);
> + if (!list_empty(&map->list))
> + list_del_init(&map->list);
> + spin_unlock(&bedata->socket_lock);
> + }
>
> for (i = 0; i < (1 << PVCALLS_RING_ORDER); i++)
> gnttab_end_foreign_access(map->active.ring->ref[i], NULL);
> gnttab_end_foreign_access(map->active.ref, NULL);
> free_active_ring(map);
> +}
> +
> +static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
> + struct sock_mapping *map)
> +{
> + pvcalls_front_destroy_active(bedata, map);
>
> kfree(map);
> }
> @@ -433,19 +441,18 @@ int pvcalls_front_connect(struct socket *sock, struct sockaddr *addr,
> pvcalls_exit_sock(sock);
> return ret;
> }
> -
> - spin_lock(&bedata->socket_lock);
> - ret = get_request(bedata, &req_id);
> + ret = create_active(map, &evtchn);
> if (ret < 0) {
> - spin_unlock(&bedata->socket_lock);
> free_active_ring(map);
> pvcalls_exit_sock(sock);
> return ret;
> }
> - ret = create_active(map, &evtchn);
> +
> + spin_lock(&bedata->socket_lock);
> + ret = get_request(bedata, &req_id);
> if (ret < 0) {
> spin_unlock(&bedata->socket_lock);
> - free_active_ring(map);
> + pvcalls_front_destroy_active(NULL, map);
> pvcalls_exit_sock(sock);
> return ret;
> }
> @@ -821,28 +828,27 @@ int pvcalls_front_accept(struct socket *sock, struct socket *newsock, int flags)
> pvcalls_exit_sock(sock);
> return ret;
> }
> - spin_lock(&bedata->socket_lock);
> - ret = get_request(bedata, &req_id);
> + ret = create_active(map2, &evtchn);
> if (ret < 0) {
> - clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> - (void *)&map->passive.flags);
> - spin_unlock(&bedata->socket_lock);
> free_active_ring(map2);
> kfree(map2);
> + clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> + (void *)&map->passive.flags);
> pvcalls_exit_sock(sock);
> return ret;
> }
>
> - ret = create_active(map2, &evtchn);
> + spin_lock(&bedata->socket_lock);
> + ret = get_request(bedata, &req_id);
> if (ret < 0) {
> - free_active_ring(map2);
> - kfree(map2);
> clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> (void *)&map->passive.flags);
> spin_unlock(&bedata->socket_lock);
> + pvcalls_front_free_map(bedata, map2);
> pvcalls_exit_sock(sock);
> return ret;
> }
> +
> list_add_tail(&map2->list, &bedata->socket_mappings);
>
> req = RING_GET_REQUEST(&bedata->ring, req_id);
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock
2023-04-03 9:27 [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock Juergen Gross
2023-04-04 15:36 ` Oleksandr Tyshchenko
@ 2023-04-07 22:08 ` Stefano Stabellini
1 sibling, 0 replies; 3+ messages in thread
From: Stefano Stabellini @ 2023-04-07 22:08 UTC (permalink / raw
To: Juergen Gross
Cc: linux-kernel, Stefano Stabellini, Oleksandr Tyshchenko, xen-devel,
Dan Carpenter
On Mon, 3 Apr 2023, Juergen Gross wrote:
> bind_evtchn_to_irqhandler() shouldn't be called under spinlock, as it
> can sleep.
>
> This requires to move the calls of create_active() out of the locked
> regions. This is no problem, as the worst which could happen would be
> a spurious call of the interrupt handler, causing a spurious wake_up().
>
> Reported-by: Dan Carpenter <error27@gmail.com>
> Link: https://lore.kernel.org/lkml/Y+JUIl64UDmdkboh@kadam/
> Signed-off-by: Juergen Gross <jgross@suse.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
> ---
> V2:
> - remove stale spin_unlock() (Oleksandr Tyshchenko)
> ---
> drivers/xen/pvcalls-front.c | 46 +++++++++++++++++++++----------------
> 1 file changed, 26 insertions(+), 20 deletions(-)
>
> diff --git a/drivers/xen/pvcalls-front.c b/drivers/xen/pvcalls-front.c
> index d5d589bda243..b72ee9379d77 100644
> --- a/drivers/xen/pvcalls-front.c
> +++ b/drivers/xen/pvcalls-front.c
> @@ -227,22 +227,30 @@ static irqreturn_t pvcalls_front_event_handler(int irq, void *dev_id)
>
> static void free_active_ring(struct sock_mapping *map);
>
> -static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
> - struct sock_mapping *map)
> +static void pvcalls_front_destroy_active(struct pvcalls_bedata *bedata,
> + struct sock_mapping *map)
> {
> int i;
>
> unbind_from_irqhandler(map->active.irq, map);
>
> - spin_lock(&bedata->socket_lock);
> - if (!list_empty(&map->list))
> - list_del_init(&map->list);
> - spin_unlock(&bedata->socket_lock);
> + if (bedata) {
> + spin_lock(&bedata->socket_lock);
> + if (!list_empty(&map->list))
> + list_del_init(&map->list);
> + spin_unlock(&bedata->socket_lock);
> + }
>
> for (i = 0; i < (1 << PVCALLS_RING_ORDER); i++)
> gnttab_end_foreign_access(map->active.ring->ref[i], NULL);
> gnttab_end_foreign_access(map->active.ref, NULL);
> free_active_ring(map);
> +}
> +
> +static void pvcalls_front_free_map(struct pvcalls_bedata *bedata,
> + struct sock_mapping *map)
> +{
> + pvcalls_front_destroy_active(bedata, map);
>
> kfree(map);
> }
> @@ -433,19 +441,18 @@ int pvcalls_front_connect(struct socket *sock, struct sockaddr *addr,
> pvcalls_exit_sock(sock);
> return ret;
> }
> -
> - spin_lock(&bedata->socket_lock);
> - ret = get_request(bedata, &req_id);
> + ret = create_active(map, &evtchn);
> if (ret < 0) {
> - spin_unlock(&bedata->socket_lock);
> free_active_ring(map);
> pvcalls_exit_sock(sock);
> return ret;
> }
> - ret = create_active(map, &evtchn);
> +
> + spin_lock(&bedata->socket_lock);
> + ret = get_request(bedata, &req_id);
> if (ret < 0) {
> spin_unlock(&bedata->socket_lock);
> - free_active_ring(map);
> + pvcalls_front_destroy_active(NULL, map);
> pvcalls_exit_sock(sock);
> return ret;
> }
> @@ -821,28 +828,27 @@ int pvcalls_front_accept(struct socket *sock, struct socket *newsock, int flags)
> pvcalls_exit_sock(sock);
> return ret;
> }
> - spin_lock(&bedata->socket_lock);
> - ret = get_request(bedata, &req_id);
> + ret = create_active(map2, &evtchn);
> if (ret < 0) {
> - clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> - (void *)&map->passive.flags);
> - spin_unlock(&bedata->socket_lock);
> free_active_ring(map2);
> kfree(map2);
> + clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> + (void *)&map->passive.flags);
> pvcalls_exit_sock(sock);
> return ret;
> }
>
> - ret = create_active(map2, &evtchn);
> + spin_lock(&bedata->socket_lock);
> + ret = get_request(bedata, &req_id);
> if (ret < 0) {
> - free_active_ring(map2);
> - kfree(map2);
> clear_bit(PVCALLS_FLAG_ACCEPT_INFLIGHT,
> (void *)&map->passive.flags);
> spin_unlock(&bedata->socket_lock);
> + pvcalls_front_free_map(bedata, map2);
> pvcalls_exit_sock(sock);
> return ret;
> }
> +
> list_add_tail(&map2->list, &bedata->socket_mappings);
>
> req = RING_GET_REQUEST(&bedata->ring, req_id);
> --
> 2.35.3
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-04-07 22:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-04-03 9:27 [PATCH v2] xen/pvcalls: don't call bind_evtchn_to_irqhandler() under lock Juergen Gross
2023-04-04 15:36 ` Oleksandr Tyshchenko
2023-04-07 22:08 ` Stefano Stabellini
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).