From: Matthew Rosato <mjrosato@linux.ibm.com>
To: Yi Liu <yi.l.liu@intel.com>, alex.williamson@redhat.com
Cc: kevin.tian@intel.com, kvm@vger.kernel.org, jgg@nvidia.com
Subject: Re: [Patch 1/1] vfio: Move "device->open_count--" out of group_rwsem in vfio_device_open()
Date: Mon, 20 Jun 2022 16:13:11 -0400 [thread overview]
Message-ID: <98a0b35a-ff5d-419b-1eba-af6c565de244@linux.ibm.com> (raw)
In-Reply-To: <20220620085459.200015-2-yi.l.liu@intel.com>
On 6/20/22 4:54 AM, Yi Liu wrote:
> No need to protect open_count with group_rwsem
>
> Fixes: 421cfe6596f6 ("vfio: remove VFIO_GROUP_NOTIFY_SET_KVM")
>
> cc: Matthew Rosato <mjrosato@linux.ibm.com>
> cc: Jason Gunthorpe <jgg@nvidia.com>
> Signed-off-by: Yi Liu <yi.l.liu@intel.com>
Seems pretty harmless as-is, but you are correct group_rwsem can be
dropped earlier; we do not protect the count with group_rwsem elsewhere
(see vfio_device_fops_release as a comparison, where we already drop
group_rwsem before open_count--)
FWIW, this change now also drops group_rswem before setting device->kvm
= NULL, but that's also OK (again, just like vfio_device_fops_release)
-- While the setting of device->kvm before open_device is technically
done while holding the group_rwsem, this is done to protect the group
kvm value we are copying from, and we should not be relying on that to
protect the contents of device->kvm; instead we assume this value will
not change until after the device is closed and while under the
dev_set->lock.
Reviewed-by: Matthew Rosato <mjrosato@linux.ibm.com>
> ---
> drivers/vfio/vfio.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/vfio/vfio.c b/drivers/vfio/vfio.c
> index 61e71c1154be..44c3bf8023ac 100644
> --- a/drivers/vfio/vfio.c
> +++ b/drivers/vfio/vfio.c
> @@ -1146,10 +1146,10 @@ static struct file *vfio_device_open(struct vfio_device *device)
> if (device->open_count == 1 && device->ops->close_device)
> device->ops->close_device(device);
> err_undo_count:
> + up_read(&device->group->group_rwsem);
> device->open_count--;
> if (device->open_count == 0 && device->kvm)
> device->kvm = NULL;
> - up_read(&device->group->group_rwsem);
> mutex_unlock(&device->dev_set->lock);
> module_put(device->dev->driver->owner);
> err_unassign_container:
next prev parent reply other threads:[~2022-06-20 20:16 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-20 8:54 [Patch 0/1] A bug fix to the error handling path in vfio_device_open() Yi Liu
2022-06-20 8:54 ` [Patch 1/1] vfio: Move "device->open_count--" out of group_rwsem " Yi Liu
2022-06-20 20:13 ` Matthew Rosato [this message]
2022-06-21 1:31 ` Yi Liu
2022-06-21 2:49 ` Tian, Kevin
2022-06-21 2:59 ` Yi Liu
2022-06-21 3:26 ` Tian, Kevin
2022-06-21 3:35 ` Yi Liu
2022-06-24 14:05 ` Jason Gunthorpe
2022-06-27 7:45 ` Yi Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=98a0b35a-ff5d-419b-1eba-af6c565de244@linux.ibm.com \
--to=mjrosato@linux.ibm.com \
--cc=alex.williamson@redhat.com \
--cc=jgg@nvidia.com \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=yi.l.liu@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.