* [PATCH 0/2] x86/perf: A CR4.PCE bugfix and clarification
@ 2017-03-16 19:59 Andy Lutomirski
2017-03-16 19:59 ` [PATCH 1/2] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm Andy Lutomirski
2017-03-16 19:59 ` [PATCH 2/2] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy Andy Lutomirski
0 siblings, 2 replies; 5+ messages in thread
From: Andy Lutomirski @ 2017-03-16 19:59 UTC (permalink / raw)
To: X86 ML; +Cc: linux-kernel, Borislav Petkov, Vince Weaver, Andy Lutomirski
Hi all-
Vince found a bug in our CR4.PCE handling. While investigating, I
found what looked like another bug but actually wasn't.
Here's a fix for the bug (cc'd to stable) and a comment and lockdep
annotation for why the other non-bug isn't actually a bug.
Andy Lutomirski (2):
x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
arch/x86/events/core.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
--
2.9.3
^ permalink raw reply [flat|nested] 5+ messages in thread
* [PATCH 1/2] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
2017-03-16 19:59 [PATCH 0/2] x86/perf: A CR4.PCE bugfix and clarification Andy Lutomirski
@ 2017-03-16 19:59 ` Andy Lutomirski
2017-03-17 10:16 ` [tip:perf/urgent] " tip-bot for Andy Lutomirski
2017-03-16 19:59 ` [PATCH 2/2] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy Andy Lutomirski
1 sibling, 1 reply; 5+ messages in thread
From: Andy Lutomirski @ 2017-03-16 19:59 UTC (permalink / raw)
To: X86 ML
Cc: linux-kernel, Borislav Petkov, Vince Weaver, Andy Lutomirski, stable
If one thread mmaps a perf event while another thread in the same mm
is in some context where active_mm != mm (which can happen in the
scheduler, for example), refresh_pce() would write the wrong value
to CR4.PCE. This broke some PAPI tests.
Cc: stable@vger.kernel.org
Fixes: 7911d3f7af14 ("perf/x86: Only allow rdpmc if a perf_event is mapped")
Reported-and-tested-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/events/core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c
index 349d4d17aa7f..4f564df73b8f 100644
--- a/arch/x86/events/core.c
+++ b/arch/x86/events/core.c
@@ -2101,8 +2101,8 @@ static int x86_pmu_event_init(struct perf_event *event)
static void refresh_pce(void *ignored)
{
- if (current->mm)
- load_mm_cr4(current->mm);
+ if (current->active_mm)
+ load_mm_cr4(current->active_mm);
}
static void x86_pmu_event_mapped(struct perf_event *event)
--
2.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH 2/2] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
2017-03-16 19:59 [PATCH 0/2] x86/perf: A CR4.PCE bugfix and clarification Andy Lutomirski
2017-03-16 19:59 ` [PATCH 1/2] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm Andy Lutomirski
@ 2017-03-16 19:59 ` Andy Lutomirski
2017-03-17 10:17 ` [tip:perf/urgent] " tip-bot for Andy Lutomirski
1 sibling, 1 reply; 5+ messages in thread
From: Andy Lutomirski @ 2017-03-16 19:59 UTC (permalink / raw)
To: X86 ML; +Cc: linux-kernel, Borislav Petkov, Vince Weaver, Andy Lutomirski
Naively, it looks racy, but mmap_sem saves it. Add a comment and a
lockdep assertion.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
---
arch/x86/events/core.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c
index 4f564df73b8f..2aa1ad194db2 100644
--- a/arch/x86/events/core.c
+++ b/arch/x86/events/core.c
@@ -2110,6 +2110,18 @@ static void x86_pmu_event_mapped(struct perf_event *event)
if (!(event->hw.flags & PERF_X86_EVENT_RDPMC_ALLOWED))
return;
+ /*
+ * This function relies on not being called concurrently in two
+ * tasks in the same mm. Otherwise one task could observe
+ * perf_rdpmc_allowed > 1 and return all the way back to
+ * userspace with CR4.PCE clear while another task is still
+ * doing on_each_cpu_mask() to propagate CR4.PCE.
+ *
+ * For now, this can't happen because all callers hold mmap_sem
+ * for write. If this changes, we'll need a different solution.
+ */
+ lockdep_assert_held_exclusive(¤t->mm->mmap_sem);
+
if (atomic_inc_return(¤t->mm->context.perf_rdpmc_allowed) == 1)
on_each_cpu_mask(mm_cpumask(current->mm), refresh_pce, NULL, 1);
}
--
2.9.3
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip:perf/urgent] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
2017-03-16 19:59 ` [PATCH 1/2] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm Andy Lutomirski
@ 2017-03-17 10:16 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 5+ messages in thread
From: tip-bot for Andy Lutomirski @ 2017-03-17 10:16 UTC (permalink / raw)
To: linux-tip-commits
Cc: luto, mingo, acme, vincent.weaver, eranian, hpa, peterz,
alexander.shishkin, torvalds, tglx, bpetkov, linux-kernel, jolsa
Commit-ID: 5dc855d44c2ad960a86f593c60461f1ae1566b6d
Gitweb: http://git.kernel.org/tip/5dc855d44c2ad960a86f593c60461f1ae1566b6d
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Thu, 16 Mar 2017 12:59:39 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 17 Mar 2017 08:28:26 +0100
x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm
If one thread mmaps a perf event while another thread in the same mm
is in some context where active_mm != mm (which can happen in the
scheduler, for example), refresh_pce() would write the wrong value
to CR4.PCE. This broke some PAPI tests.
Reported-and-tested-by: Vince Weaver <vincent.weaver@maine.edu>
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: stable@vger.kernel.org
Fixes: 7911d3f7af14 ("perf/x86: Only allow rdpmc if a perf_event is mapped")
Link: http://lkml.kernel.org/r/0c5b38a76ea50e405f9abe07a13dfaef87c173a1.1489694270.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/events/core.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c
index 1635c0c..e07b36c 100644
--- a/arch/x86/events/core.c
+++ b/arch/x86/events/core.c
@@ -2100,8 +2100,8 @@ static int x86_pmu_event_init(struct perf_event *event)
static void refresh_pce(void *ignored)
{
- if (current->mm)
- load_mm_cr4(current->mm);
+ if (current->active_mm)
+ load_mm_cr4(current->active_mm);
}
static void x86_pmu_event_mapped(struct perf_event *event)
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [tip:perf/urgent] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
2017-03-16 19:59 ` [PATCH 2/2] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy Andy Lutomirski
@ 2017-03-17 10:17 ` tip-bot for Andy Lutomirski
0 siblings, 0 replies; 5+ messages in thread
From: tip-bot for Andy Lutomirski @ 2017-03-17 10:17 UTC (permalink / raw)
To: linux-tip-commits
Cc: torvalds, alexander.shishkin, linux-kernel, bpetkov, luto, tglx,
vincent.weaver, eranian, jolsa, hpa, mingo, peterz, acme
Commit-ID: 4b07372a32c0c1505a7634ad7e607d83340ef645
Gitweb: http://git.kernel.org/tip/4b07372a32c0c1505a7634ad7e607d83340ef645
Author: Andy Lutomirski <luto@kernel.org>
AuthorDate: Thu, 16 Mar 2017 12:59:40 -0700
Committer: Ingo Molnar <mingo@kernel.org>
CommitDate: Fri, 17 Mar 2017 08:28:26 +0100
x86/perf: Clarify why x86_pmu_event_mapped() isn't racy
Naively, it looks racy, but ->mmap_sem saves it. Add a comment and a
lockdep assertion.
Signed-off-by: Andy Lutomirski <luto@kernel.org>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Borislav Petkov <bpetkov@suse.de>
Cc: H. Peter Anvin <hpa@zytor.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vince Weaver <vincent.weaver@maine.edu>
Link: http://lkml.kernel.org/r/03a1e629063899168dfc4707f3bb6e581e21f5c6.1489694270.git.luto@kernel.org
Signed-off-by: Ingo Molnar <mingo@kernel.org>
---
arch/x86/events/core.c | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/arch/x86/events/core.c b/arch/x86/events/core.c
index e07b36c..183a972 100644
--- a/arch/x86/events/core.c
+++ b/arch/x86/events/core.c
@@ -2109,6 +2109,18 @@ static void x86_pmu_event_mapped(struct perf_event *event)
if (!(event->hw.flags & PERF_X86_EVENT_RDPMC_ALLOWED))
return;
+ /*
+ * This function relies on not being called concurrently in two
+ * tasks in the same mm. Otherwise one task could observe
+ * perf_rdpmc_allowed > 1 and return all the way back to
+ * userspace with CR4.PCE clear while another task is still
+ * doing on_each_cpu_mask() to propagate CR4.PCE.
+ *
+ * For now, this can't happen because all callers hold mmap_sem
+ * for write. If this changes, we'll need a different solution.
+ */
+ lockdep_assert_held_exclusive(¤t->mm->mmap_sem);
+
if (atomic_inc_return(¤t->mm->context.perf_rdpmc_allowed) == 1)
on_each_cpu_mask(mm_cpumask(current->mm), refresh_pce, NULL, 1);
}
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2017-03-17 10:43 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-03-16 19:59 [PATCH 0/2] x86/perf: A CR4.PCE bugfix and clarification Andy Lutomirski
2017-03-16 19:59 ` [PATCH 1/2] x86/perf: Fix CR4.PCE propagation to use active_mm instead of mm Andy Lutomirski
2017-03-17 10:16 ` [tip:perf/urgent] " tip-bot for Andy Lutomirski
2017-03-16 19:59 ` [PATCH 2/2] x86/perf: Clarify why x86_pmu_event_mapped() isn't racy Andy Lutomirski
2017-03-17 10:17 ` [tip:perf/urgent] " tip-bot for Andy Lutomirski
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.