[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 01/21] KVM: use store-release to mark dirty pages as harvested
From: |
Paolo Bonzini |
Subject: |
[PULL 01/21] KVM: use store-release to mark dirty pages as harvested |
Date: |
Mon, 19 Sep 2022 19:34:29 +0200 |
The following scenario can happen if QEMU sets more RESET flags while
the KVM_RESET_DIRTY_RINGS ioctl is ongoing on another host CPU:
CPU0 CPU1 CPU2
------------------------ ------------------ ------------------------
fill gfn0
store-rel flags for gfn0
fill gfn1
store-rel flags for gfn1
load-acq flags for gfn0
set RESET for gfn0
load-acq flags for gfn1
set RESET for gfn1
do ioctl! ----------->
ioctl(RESET_RINGS)
fill gfn2
store-rel flags for gfn2
load-acq flags for gfn2
set RESET for gfn2
process gfn0
process gfn1
process gfn2
do ioctl!
etc.
The three load-acquire in CPU0 synchronize with the three store-release
in CPU2, but CPU0 and CPU1 are only synchronized up to gfn1 and CPU1
may miss gfn2's fields other than flags.
The kernel must be able to cope with invalid values of the fields, and
userspace *will* invoke the ioctl once more. However, once the RESET flag
is cleared on gfn2, it is lost forever, therefore in the above scenario
CPU1 must read the correct value of gfn2's fields.
Therefore RESET must be set with a store-release, that will synchronize
with KVM's load-acquire in CPU1.
Cc: Gavin Shan <gshan@redhat.com>
Reviewed-by: Peter Xu <peterx@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
---
accel/kvm/kvm-all.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/accel/kvm/kvm-all.c b/accel/kvm/kvm-all.c
index 136c8eaed3..7c8ce18bdd 100644
--- a/accel/kvm/kvm-all.c
+++ b/accel/kvm/kvm-all.c
@@ -728,7 +728,23 @@ static bool dirty_gfn_is_dirtied(struct kvm_dirty_gfn *gfn)
static void dirty_gfn_set_collected(struct kvm_dirty_gfn *gfn)
{
- gfn->flags = KVM_DIRTY_GFN_F_RESET;
+ /*
+ * Use a store-release so that the CPU that executes KVM_RESET_DIRTY_RINGS
+ * sees the full content of the ring:
+ *
+ * CPU0 CPU1 CPU2
+ *
------------------------------------------------------------------------------
+ * fill gfn0
+ * store-rel flags
for gfn0
+ * load-acq flags for gfn0
+ * store-rel RESET for gfn0
+ * ioctl(RESET_RINGS)
+ * load-acq flags for gfn0
+ * check if flags have RESET
+ *
+ * The synchronization goes from CPU2 to CPU0 to CPU1.
+ */
+ qatomic_store_release(&gfn->flags, KVM_DIRTY_GFN_F_RESET);
}
/*
--
2.37.2
- [PULL 00/21] Misc patches for 2022-09-19, Paolo Bonzini, 2022/09/19
- [PULL 01/21] KVM: use store-release to mark dirty pages as harvested,
Paolo Bonzini <=
- [PULL 02/21] target/i386: Raise #GP on unaligned m128 accesses when required., Paolo Bonzini, 2022/09/19
- [PULL 03/21] kvm: fix memory leak on failure to read stats descriptors, Paolo Bonzini, 2022/09/19
- [PULL 04/21] spapr_pci: fix leak in spapr_phb_vfio_get_loc_code, Paolo Bonzini, 2022/09/19
- [PULL 06/21] coverity: put NUBus under m68k component, Paolo Bonzini, 2022/09/19
- [PULL 07/21] smbios: sanitize type from external type before checking have_fields_bitmap, Paolo Bonzini, 2022/09/19
- [PULL 08/21] tests: unit: simplify test-visitor-serialization list tests, Paolo Bonzini, 2022/09/19
- [PULL 10/21] tests: unit: add NULL-pointer check, Paolo Bonzini, 2022/09/19
- [PULL 09/21] tests: test-qga: close socket on failure to connect, Paolo Bonzini, 2022/09/19
- [PULL 05/21] coverity: add new RISC-V component, Paolo Bonzini, 2022/09/19
- [PULL 15/21] audio: add help option for -audio and -audiodev, Paolo Bonzini, 2022/09/19