All of lore.kernel.org
 help / color / mirror / Atom feed
From: Jason Gunthorpe <jgg@nvidia.com>
To: Tony Krowiak <akrowiak@linux.ibm.com>
Cc: linux-s390@vger.kernel.org, linux-kernel@vger.kernel.org,
	borntraeger@de.ibm.com, cohuck@redhat.com,
	pasic@linux.vnet.ibm.com, jjherne@linux.ibm.com,
	alex.williamson@redhat.com, kwankhede@nvidia.com,
	frankja@linux.ibm.com, david@redhat.com, imbrenda@linux.ibm.com,
	hca@linux.ibm.com
Subject: Re: [PATCH 2/3] s390/vfio-ap: introduce two new r/w locks to replace wait_queue_head_t
Date: Fri, 11 Jun 2021 14:05:26 -0300	[thread overview]
Message-ID: <20210611170526.GU1002214@nvidia.com> (raw)
In-Reply-To: <20210609224634.575156-3-akrowiak@linux.ibm.com>

On Wed, Jun 09, 2021 at 06:46:33PM -0400, Tony Krowiak wrote:
> This patch introduces two new r/w locks to replace the wait_queue_head_t
> that was introduced to fix a lockdep splat reported when testing
> pass-through of AP queues to a Secure Execution guest. This was the
> abbreviated dependency chain reported by lockdep that was fixed using
> a wait queue:
> 
> kvm_arch_crypto_set_masks+0x4a/0x2b8 [kvm]        kvm->lock
> vfio_ap_mdev_group_notifier+0x154/0x170 [vfio_ap] matrix_dev->lock
> 
> handle_pqap+0x56/0x1d0 [vfio_ap]    matrix_dev->lock
> kvm_vcpu_ioctl+0x2cc/0x898 [kvm]    vcpu->mutex
> 
> kvm_s390_cpus_to_pv+0x4e/0xf8 [kvm]   vcpu->mutex
> kvm_arch_vm_ioctl+0x3ec/0x550 [kvm]   kvm->lock

Is the problem larger than kvm_arch_crypto_set_masks()? If not it
looks easy enough to fix, just pull the kvm->lock out of
kvm_arch_crypto_set_masks() and obtain it in vfio_ap_mdev_set_kvm()
before the rwsem. Now your locks are in the right order and all should
be well?

> +static int vfio_ap_mdev_matrix_store_lock(struct ap_matrix_mdev *matrix_mdev)
> +{
> +	if (!down_write_trylock(&matrix_mdev->rwsem))
> +		return -EBUSY;
> +
> +	if (matrix_mdev->kvm) {
> +		up_write(&matrix_mdev->rwsem);
> +		return -EBUSY;
> +	}
> +
> +	if (!down_write_trylock(&matrix_mdev->matrix.rwsem)) {
> +		up_write(&matrix_mdev->rwsem);
> +		return -EBUSY;
> +	}
> +
> +	return 0;
> +}

This double locking is quite strange, at least it deserves a detailed
comment? The comments suggest these locks protect distinct data so..

> +
> +	ret = vfio_ap_mdev_matrix_store_lock(matrix_mdev);
> +	if (ret)
> +		return ret;
>  
>  	clear_bit_inv((unsigned long)apqi, matrix_mdev->matrix.aqm);

here it obtained both locks but only touched matrix.aqm which is only
protected by the inner lock - what was the point of obtaining the
outer lock?

Also, not convinced down_write_trylock() is appropriate from a sysfs
callback, it should block and wait, surely? Otherwise userspace gets
random racy failures depending on what the kernel is doing??

Jason

  reply	other threads:[~2021-06-11 17:05 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-06-09 22:46 [PATCH 0/3] s390/vfio-ap: refactor mdev remove callback and locks Tony Krowiak
2021-06-09 22:46 ` [PATCH 1/3] s390/vfio-ap: clean up mdev resources when remove callback invoked Tony Krowiak
2021-06-11 16:48   ` Jason Gunthorpe
2021-06-14 17:29     ` Tony Krowiak
2021-06-15  7:43     ` Christian Borntraeger
2021-06-09 22:46 ` [PATCH 2/3] s390/vfio-ap: introduce two new r/w locks to replace wait_queue_head_t Tony Krowiak
2021-06-11 17:05   ` Jason Gunthorpe [this message]
2021-06-11 17:11     ` David Hildenbrand
2021-06-11 17:41       ` Jason Gunthorpe
2021-06-09 22:46 ` [PATCH 3/3] s390/vfio-ap: r/w lock for PQAP interception handler function pointer Tony Krowiak
2021-06-11 17:06   ` Jason Gunthorpe
2021-06-15  8:55   ` Christian Borntraeger
2021-06-15 18:08     ` Tony Krowiak
2021-06-15 18:55     ` Tony Krowiak

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210611170526.GU1002214@nvidia.com \
    --to=jgg@nvidia.com \
    --cc=akrowiak@linux.ibm.com \
    --cc=alex.williamson@redhat.com \
    --cc=borntraeger@de.ibm.com \
    --cc=cohuck@redhat.com \
    --cc=david@redhat.com \
    --cc=frankja@linux.ibm.com \
    --cc=hca@linux.ibm.com \
    --cc=imbrenda@linux.ibm.com \
    --cc=jjherne@linux.ibm.com \
    --cc=kwankhede@nvidia.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-s390@vger.kernel.org \
    --cc=pasic@linux.vnet.ibm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.