From mboxrd@z Thu Jan  1 00:00:00 1970
From: Jike Song <jike.song@intel.com>
Subject: Re: [Qemu-devel] [PATCH 1/2] KVM: page track: add a new notifier
 type: track_flush_slot
Date: Fri, 21 Oct 2016 10:47:09 +0800
Message-ID: <580981AD.6010205@intel.com>
References: <c9d63f52-9b6f-5752-2111-773b33adc426@redhat.com> <1259cdba-c137-c3da-abe2-ecf51aec6738@linux.intel.com> <e992eb4e-0806-8f6e-851d-36eaf389a897@redhat.com> <ea9dffe6-7afa-4862-e46f-6f780a309e46@linux.intel.com> <523e1446-75f1-fe3a-d818-f7d238d57751@redhat.com> <5800B579.9000705@intel.com> <20161014084158.623087aa@t450s.home> <20161014084601.2a50ba87@t450s.home> <20161014163545.GA6121@nvidia.com> <20161014105124.42b438a6@t450s.home> <20161014221901.GA8865@nvidia.com> <20161017100229.1474ae33@t450s.home> <580617BD.8000300@intel.com> <20161018085918.61ec0e93@t450s.home> <5806DB2D.6090306@intel.com> <2f04a53d-261c-7fb5-6825-117da6a1307d@intel.com> <f66b030e-490e-8480-ff19-71116f42040a@redhat.com> <06340187-61d8-ed7a-e40d-264ca3eb4b37@linux.intel.com> <6067bf7d-42ba-0ffd-5131-da74f60
 296d4@redhat.com> <d098b5c1-935f-0977-b0c9-93ed6bcbe882@linux.intel.com> <d194c696-e5d3-390e-7d27-a4889787ed1a@redhat.com> <3FF9A87CC29019478F02EAECEB93CDC838D28085@shsmsx102.ccr.corp.intel.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Cc: Paolo Bonzini <pbonzini@redhat.com>,
        Xiao Guangrong <guangrong.xiao@linux.intel.com>,
        Alex Williamson <alex.williamson@redhat.com>,
        "Tian, Kevin" <kevin.tian@intel.com>, Neo Jia <cjia@nvidia.com>,
        "kvm@vger.kernel.org" <kvm@vger.kernel.org>,
        qemu-devel <qemu-devel@nongnu.org>,
        "Chen, Xiaoguang" <xiaoguang.chen@intel.com>,
        Kirti Wankhede <kwankhede@nvidia.com>
To: "Xiao, Guangrong" <guangrong.xiao@intel.com>
Return-path: <kvm-owner@vger.kernel.org>
Received: from mga03.intel.com ([134.134.136.65]:34752 "EHLO mga03.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752492AbcJUCuO (ORCPT <rfc822;kvm@vger.kernel.org>);
        Thu, 20 Oct 2016 22:50:14 -0400
In-Reply-To: <3FF9A87CC29019478F02EAECEB93CDC838D28085@shsmsx102.ccr.corp.intel.com>
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

On 10/21/2016 01:19 AM, Xiao, Guangrong wrote:
>> On 10/19/2016 10:14 PM, Paolo Bonzini wrote:
>>> On 19/10/2016 15:39, Xiao Guangrong wrote:
>>>
>>>
>>> I understood that KVM side is safe, however, vfio side is independent 
>>> with kvm and the user of usrdata can fetch kvm struct at any time, 
>>> consider this scenario:
>>>
>>> CPU 0                         CPU 1
>>> KVM:                         VFIO/userdata user
>>>   kvm_ioctl_create_device
>>>      get_kvm()
>>>                             vfio_group_get_usrdata(vfio_group)
>>>   kvm_device_release
>>>     put_kvm()
>>>                             !!! kvm refcount has gone
>>>                             use KVM struct
>>>
>>> Then, the user of userdata have fetched kvm struct but the refcount 
>>> has already gone.
>> 
>> vfio_group_set_usrdata (actually) kvm_vfio_group_set_kvm has called
>>kvm_get_kvm too, however.  What you need is a mutex that is taken by
>>vfio_group_set_usrdata and by the callers of vfio_group_get_usrdata.
> 
> Yes, mutex can fix it and is good to me. :)

Thanks everyone, I'll cook another patch according to your guidance.

--
Thanks,
Jike


From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:47902)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jike.song@intel.com>) id 1bxPuU-000123-K2
	for qemu-devel@nongnu.org; Thu, 20 Oct 2016 22:50:19 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jike.song@intel.com>) id 1bxPuR-0003Wm-Hu
	for qemu-devel@nongnu.org; Thu, 20 Oct 2016 22:50:18 -0400
Received: from mga06.intel.com ([134.134.136.31]:12502)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)
	(Exim 4.71) (envelope-from <jike.song@intel.com>) id 1bxPuR-0003WL-8U
	for qemu-devel@nongnu.org; Thu, 20 Oct 2016 22:50:15 -0400
Message-ID: <580981AD.6010205@intel.com>
Date: Fri, 21 Oct 2016 10:47:09 +0800
From: Jike Song <jike.song@intel.com>
MIME-Version: 1.0
References: <c9d63f52-9b6f-5752-2111-773b33adc426@redhat.com>
	<1259cdba-c137-c3da-abe2-ecf51aec6738@linux.intel.com>
	<e992eb4e-0806-8f6e-851d-36eaf389a897@redhat.com>
	<ea9dffe6-7afa-4862-e46f-6f780a309e46@linux.intel.com>
	<523e1446-75f1-fe3a-d818-f7d238d57751@redhat.com>
	<5800B579.9000705@intel.com> <20161014084158.623087aa@t450s.home>
	<20161014084601.2a50ba87@t450s.home>
	<20161014163545.GA6121@nvidia.com>
	<20161014105124.42b438a6@t450s.home>
	<20161014221901.GA8865@nvidia.com>
	<20161017100229.1474ae33@t450s.home> <580617BD.8000300@intel.com>
	<20161018085918.61ec0e93@t450s.home> <5806DB2D.6090306@intel.com>
	<2f04a53d-261c-7fb5-6825-117da6a1307d@intel.com>
	<f66b030e-490e-8480-ff19-71116f42040a@redhat.com>
	<06340187-61d8-ed7a-e40d-264ca3eb4b37@linux.intel.com>
	<6067bf7d-42ba-0ffd-5131-da74f60296d4@redhat.com>
	<d098b5c1-935f-0977-b0c9-93ed6bcbe882@linux.intel.com>
	<d194c696-e5d3-390e-7d27-a4889787ed1a@redhat.com>
	<3FF9A87CC29019478F02EAECEB93CDC838D28085@shsmsx102.ccr.corp.intel.com>
In-Reply-To: <3FF9A87CC29019478F02EAECEB93CDC838D28085@shsmsx102.ccr.corp.intel.com>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 1/2] KVM: page track: add a new notifier
 type: track_flush_slot
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: "Xiao, Guangrong" <guangrong.xiao@intel.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>, Xiao Guangrong <guangrong.xiao@linux.intel.com>, Alex Williamson <alex.williamson@redhat.com>, "Tian, Kevin" <kevin.tian@intel.com>, Neo Jia <cjia@nvidia.com>, "kvm@vger.kernel.org" <kvm@vger.kernel.org>, qemu-devel <qemu-devel@nongnu.org>, "Chen, Xiaoguang" <xiaoguang.chen@intel.com>, Kirti Wankhede <kwankhede@nvidia.com>

On 10/21/2016 01:19 AM, Xiao, Guangrong wrote:
>> On 10/19/2016 10:14 PM, Paolo Bonzini wrote:
>>> On 19/10/2016 15:39, Xiao Guangrong wrote:
>>>
>>>
>>> I understood that KVM side is safe, however, vfio side is independent 
>>> with kvm and the user of usrdata can fetch kvm struct at any time, 
>>> consider this scenario:
>>>
>>> CPU 0                         CPU 1
>>> KVM:                         VFIO/userdata user
>>>   kvm_ioctl_create_device
>>>      get_kvm()
>>>                             vfio_group_get_usrdata(vfio_group)
>>>   kvm_device_release
>>>     put_kvm()
>>>                             !!! kvm refcount has gone
>>>                             use KVM struct
>>>
>>> Then, the user of userdata have fetched kvm struct but the refcount 
>>> has already gone.
>> 
>> vfio_group_set_usrdata (actually) kvm_vfio_group_set_kvm has called
>>kvm_get_kvm too, however.  What you need is a mutex that is taken by
>>vfio_group_set_usrdata and by the callers of vfio_group_get_usrdata.
> 
> Yes, mutex can fix it and is good to me. :)

Thanks everyone, I'll cook another patch according to your guidance.

--
Thanks,
Jike