From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1753875AbbEZNOQ (ORCPT <rfc822;w@1wt.eu>);
	Tue, 26 May 2015 09:14:16 -0400
Received: from mail-oi0-f44.google.com ([209.85.218.44]:32785 "EHLO
	mail-oi0-f44.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1753842AbbEZNNy (ORCPT
	<rfc822;linux-kernel@vger.kernel.org>);
	Tue, 26 May 2015 09:13:54 -0400
MIME-Version: 1.0
In-Reply-To: <20150522134056.GG3644@twins.programming.kicks-ass.net>
References: <20150522132905.416122812@infradead.org>
	<20150522133135.353044581@infradead.org>
	<20150522134056.GG3644@twins.programming.kicks-ass.net>
Date: Tue, 26 May 2015 02:24:38 -0700
Message-ID: <CABPqkBTzQ0z6erv4dnotFKu=KystkSRJG2ovxBhsp5vFFFufqg@mail.gmail.com>
Subject: Re: [PATCH v2 01/11] perf,x86: Fix event/group validation
From: Stephane Eranian <eranian@google.com>
To: Peter Zijlstra <peterz@infradead.org>
Cc: Ingo Molnar <mingo@kernel.org>, Vince Weaver <vincent.weaver@maine.edu>,
        Jiri Olsa <jolsa@redhat.com>, "Liang, Kan" <kan.liang@intel.com>,
        LKML <linux-kernel@vger.kernel.org>, Andrew Hunter <ahh@google.com>,
        Maria Dimakopoulou <maria.n.dimakopoulou@gmail.com>
Content-Type: text/plain; charset=UTF-8
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Fri, May 22, 2015 at 6:40 AM, Peter Zijlstra <peterz@infradead.org> wrote:
> On Fri, May 22, 2015 at 03:29:06PM +0200, Peter Zijlstra wrote:
>> @@ -788,9 +788,9 @@ int x86_schedule_events(struct cpu_hw_ev
>>               x86_pmu.start_scheduling(cpuc);
>>
>>       for (i = 0, wmin = X86_PMC_IDX_MAX, wmax = 0; i < n; i++) {
>> +             cpuc->event_constraint[i] = NULL;
>
> ^^^ that is new, which is esp. important in light of the
> intel_get_event_constraints() hunk below, which would happily continue
> life with a garbage constraint.
>
You've moved the constraint list from event to cpuc. Yet, it is still
an array of pointers
to constraints. So here you are saying, that in the case validate_group() is
preempted and there is a context switch, there is still a risk of
overwriting the
constraint? I don't see how because validate_group() is using a fake_cpuc.
So yes, the cpuc->event_constraint[] array is modified but it is not the same
as the actual cpuc used by non-validate code. Or am I still missing something?

When using dynamic constraints, we already have constraint storage in cpuc
(to avoid calling kmalloc() in ctxsw context). Thus, I am wondering if it would
not be easier to always use cpuc for constraint storage (no more pointers).

>>               c = x86_pmu.get_event_constraints(cpuc, i, cpuc->event_list[i]);
>> +             cpuc->event_constraint[i] = c;
>>
>>               wmin = min(wmin, c->weight);
>>               wmax = max(wmax, c->weight);
>
>
>> +++ b/arch/x86/kernel/cpu/perf_event_intel.c
>> @@ -2106,7 +2106,7 @@ static struct event_constraint *
>>  intel_get_event_constraints(struct cpu_hw_events *cpuc, int idx,
>>                           struct perf_event *event)
>>  {
>> -     struct event_constraint *c1 = event->hw.constraint;
>> +     struct event_constraint *c1 = cpuc->event_constraint[idx];
>>       struct event_constraint *c2;
>>
>>       /*