xen: fix xen_qlock_wait()

Message ID 20181109120413.9539-1-jgross@suse.com
State New
Series
  • xen: fix xen_qlock_wait()

Commit Message

Juergen Gross Nov. 9, 2018, 12:04 p.m. UTC
Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
introduced a regression for Xen guests running fully virtualized
(HVM or PVH mode): when the poll hypercall is made with interrupts
disabled, the Xen hypervisor won't return from it in case of an
interrupt (for PV guests it does).

So instead of disabling interrupts in xen_qlock_wait(), use a
nesting counter to avoid calling xen_clear_irq_pending() when
xen_qlock_wait() is nested.

Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
Cc: stable@vger.kernel.org
Signed-off-by: Juergen Gross <jgross@suse.com>
---
 arch/x86/xen/spinlock.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

Comments

Boris Ostrovsky Nov. 9, 2018, 2:53 p.m. UTC | #1
On 11/9/18 7:04 AM, Juergen Gross wrote:
> Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
> introduced a regression for Xen guests running fully virtualized
> (HVM or PVH mode): when the poll hypercall is made with interrupts
> disabled, the Xen hypervisor won't return from it in case of an
> interrupt (for PV guests it does).
>
> So instead of disabling interrupts in xen_qlock_wait(), use a
> nesting counter to avoid calling xen_clear_irq_pending() when
> xen_qlock_wait() is nested.
>
> Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
> Cc: stable@vger.kernel.org
> Signed-off-by: Juergen Gross <jgross@suse.com>

This needs Sander's Reported-by.

> ---
>  arch/x86/xen/spinlock.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
>
> diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c
> index 441c88262169..1c8a8816a402 100644
> --- a/arch/x86/xen/spinlock.c
> +++ b/arch/x86/xen/spinlock.c
> @@ -9,6 +9,7 @@
>  #include <linux/log2.h>
>  #include <linux/gfp.h>
>  #include <linux/slab.h>
> +#include <linux/atomic.h>
>  
>  #include <asm/paravirt.h>
>  #include <asm/qspinlock.h>
> @@ -21,6 +22,7 @@
>  
>  static DEFINE_PER_CPU(int, lock_kicker_irq) = -1;
>  static DEFINE_PER_CPU(char *, irq_name);
> +static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);

I'd move this to xen_qlock_wait().
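
E.g. something like this (untested sketch; assuming a function-scope
static DEFINE_PER_CPU() works here):

static void xen_qlock_wait(u8 *byte, u8 val)
{
	static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);
	int irq = __this_cpu_read(lock_kicker_irq);
	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
	...
}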

Either way,

Reviewed-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>

>  static bool xen_pvspin = true;
>  
>  static void xen_qlock_kick(int cpu)
> @@ -39,25 +41,25 @@ static void xen_qlock_kick(int cpu)
>   */
>  static void xen_qlock_wait(u8 *byte, u8 val)
>  {
> -	unsigned long flags;
>  	int irq = __this_cpu_read(lock_kicker_irq);
> +	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
>  
>  	/* If kicker interrupts not initialized yet, just spin */
>  	if (irq == -1 || in_nmi())
>  		return;
>  
> -	/* Guard against reentry. */
> -	local_irq_save(flags);
> +	/* Detect reentry. */
> +	atomic_inc(nest_cnt);
>  
> -	/* If irq pending already clear it. */
> -	if (xen_test_irq_pending(irq)) {
> +	/* If irq pending already and no nested call clear it. */
> +	if (atomic_read(nest_cnt) == 1 && xen_test_irq_pending(irq)) {
>  		xen_clear_irq_pending(irq);
>  	} else if (READ_ONCE(*byte) == val) {
>  		/* Block until irq becomes pending (or a spurious wakeup) */
>  		xen_poll_irq(irq);
>  	}
>  
> -	local_irq_restore(flags);
> +	atomic_dec(nest_cnt);
>  }
>  
>  static irqreturn_t dummy_handler(int irq, void *dev_id)
Sander Eikelenboom Nov. 9, 2018, 3:02 p.m. UTC | #2
On 09/11/18 13:04, Juergen Gross wrote:
> Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
> introduced a regression for Xen guests running fully virtualized
> (HVM or PVH mode): when the poll hypercall is made with interrupts
> disabled, the Xen hypervisor won't return from it in case of an
> interrupt (for PV guests it does).
>
> So instead of disabling interrupts in xen_qlock_wait(), use a
> nesting counter to avoid calling xen_clear_irq_pending() when
> xen_qlock_wait() is nested.
> 
> Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
> Cc: stable@vger.kernel.org
> Signed-off-by: Juergen Gross <jgross@suse.com>

Although you don't seem too interested, you can stick on a:
Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
if you like.

--
Sander

> ---
>  arch/x86/xen/spinlock.c | 14 ++++++++------
>  1 file changed, 8 insertions(+), 6 deletions(-)
> 
> diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c
> index 441c88262169..1c8a8816a402 100644
> --- a/arch/x86/xen/spinlock.c
> +++ b/arch/x86/xen/spinlock.c
> @@ -9,6 +9,7 @@
>  #include <linux/log2.h>
>  #include <linux/gfp.h>
>  #include <linux/slab.h>
> +#include <linux/atomic.h>
>  
>  #include <asm/paravirt.h>
>  #include <asm/qspinlock.h>
> @@ -21,6 +22,7 @@
>  
>  static DEFINE_PER_CPU(int, lock_kicker_irq) = -1;
>  static DEFINE_PER_CPU(char *, irq_name);
> +static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);
>  static bool xen_pvspin = true;
>  
>  static void xen_qlock_kick(int cpu)
> @@ -39,25 +41,25 @@ static void xen_qlock_kick(int cpu)
>   */
>  static void xen_qlock_wait(u8 *byte, u8 val)
>  {
> -	unsigned long flags;
>  	int irq = __this_cpu_read(lock_kicker_irq);
> +	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
>  
>  	/* If kicker interrupts not initialized yet, just spin */
>  	if (irq == -1 || in_nmi())
>  		return;
>  
> -	/* Guard against reentry. */
> -	local_irq_save(flags);
> +	/* Detect reentry. */
> +	atomic_inc(nest_cnt);
>  
> -	/* If irq pending already clear it. */
> -	if (xen_test_irq_pending(irq)) {
> +	/* If irq pending already and no nested call clear it. */
> +	if (atomic_read(nest_cnt) == 1 && xen_test_irq_pending(irq)) {
>  		xen_clear_irq_pending(irq);
>  	} else if (READ_ONCE(*byte) == val) {
>  		/* Block until irq becomes pending (or a spurious wakeup) */
>  		xen_poll_irq(irq);
>  	}
>  
> -	local_irq_restore(flags);
> +	atomic_dec(nest_cnt);
>  }
>  
>  static irqreturn_t dummy_handler(int irq, void *dev_id)
>
Juergen Gross Nov. 9, 2018, 3:20 p.m. UTC | #3
On 09/11/2018 16:02, Sander Eikelenboom wrote:
> On 09/11/18 13:04, Juergen Gross wrote:
>> Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>> introduced a regression for Xen guests running fully virtualized
>> (HVM or PVH mode): when the poll hypercall is made with interrupts
>> disabled, the Xen hypervisor won't return from it in case of an
>> interrupt (for PV guests it does).
>>
>> So instead of disabling interrupts in xen_qlock_wait(), use a
>> nesting counter to avoid calling xen_clear_irq_pending() when
>> xen_qlock_wait() is nested.
>>
>> Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>> Cc: stable@vger.kernel.org
>> Signed-off-by: Juergen Gross <jgross@suse.com>
> 
> Although you don't seem too interested, you can stick on a:
> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
> if you like.

I am interested.

OTOH I wanted to post the patch officially to give others the chance to
send remarks.


Juergen

> 
> --
> Sander
> 
>> ---
>>  arch/x86/xen/spinlock.c | 14 ++++++++------
>>  1 file changed, 8 insertions(+), 6 deletions(-)
>>
>> diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c
>> index 441c88262169..1c8a8816a402 100644
>> --- a/arch/x86/xen/spinlock.c
>> +++ b/arch/x86/xen/spinlock.c
>> @@ -9,6 +9,7 @@
>>  #include <linux/log2.h>
>>  #include <linux/gfp.h>
>>  #include <linux/slab.h>
>> +#include <linux/atomic.h>
>>  
>>  #include <asm/paravirt.h>
>>  #include <asm/qspinlock.h>
>> @@ -21,6 +22,7 @@
>>  
>>  static DEFINE_PER_CPU(int, lock_kicker_irq) = -1;
>>  static DEFINE_PER_CPU(char *, irq_name);
>> +static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);
>>  static bool xen_pvspin = true;
>>  
>>  static void xen_qlock_kick(int cpu)
>> @@ -39,25 +41,25 @@ static void xen_qlock_kick(int cpu)
>>   */
>>  static void xen_qlock_wait(u8 *byte, u8 val)
>>  {
>> -	unsigned long flags;
>>  	int irq = __this_cpu_read(lock_kicker_irq);
>> +	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
>>  
>>  	/* If kicker interrupts not initialized yet, just spin */
>>  	if (irq == -1 || in_nmi())
>>  		return;
>>  
>> -	/* Guard against reentry. */
>> -	local_irq_save(flags);
>> +	/* Detect reentry. */
>> +	atomic_inc(nest_cnt);
>>  
>> -	/* If irq pending already clear it. */
>> -	if (xen_test_irq_pending(irq)) {
>> +	/* If irq pending already and no nested call clear it. */
>> +	if (atomic_read(nest_cnt) == 1 && xen_test_irq_pending(irq)) {
>>  		xen_clear_irq_pending(irq);
>>  	} else if (READ_ONCE(*byte) == val) {
>>  		/* Block until irq becomes pending (or a spurious wakeup) */
>>  		xen_poll_irq(irq);
>>  	}
>>  
>> -	local_irq_restore(flags);
>> +	atomic_dec(nest_cnt);
>>  }
>>  
>>  static irqreturn_t dummy_handler(int irq, void *dev_id)
>>
> 
>
Sander Eikelenboom Nov. 9, 2018, 3:29 p.m. UTC | #4
On 09/11/18 16:20, Juergen Gross wrote:
> On 09/11/2018 16:02, Sander Eikelenboom wrote:
>> On 09/11/18 13:04, Juergen Gross wrote:
>>> Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>>> introduced a regression for Xen guests running fully virtualized
>>> (HVM or PVH mode): when the poll hypercall is made with interrupts
>>> disabled, the Xen hypervisor won't return from it in case of an
>>> interrupt (for PV guests it does).
>>>
>>> So instead of disabling interrupts in xen_qlock_wait(), use a
>>> nesting counter to avoid calling xen_clear_irq_pending() when
>>> xen_qlock_wait() is nested.
>>>
>>> Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>>> Cc: stable@vger.kernel.org
>>> Signed-off-by: Juergen Gross <jgross@suse.com>
>>
>> Although you don't seem too interested, you can stick on a:
>> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
>> if you like.
> 
> I am interested.
> 
> OTOH I wanted to post the patch officially to give others the chance to
> send remarks.

OK, would be nice to at least be CC'ed on patches going upstream when
you have been reporting stuff.

--
Sander


> 
> Juergen
> 
>>
>> --
>> Sander
>>
>>> ---
>>>  arch/x86/xen/spinlock.c | 14 ++++++++------
>>>  1 file changed, 8 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c
>>> index 441c88262169..1c8a8816a402 100644
>>> --- a/arch/x86/xen/spinlock.c
>>> +++ b/arch/x86/xen/spinlock.c
>>> @@ -9,6 +9,7 @@
>>>  #include <linux/log2.h>
>>>  #include <linux/gfp.h>
>>>  #include <linux/slab.h>
>>> +#include <linux/atomic.h>
>>>  
>>>  #include <asm/paravirt.h>
>>>  #include <asm/qspinlock.h>
>>> @@ -21,6 +22,7 @@
>>>  
>>>  static DEFINE_PER_CPU(int, lock_kicker_irq) = -1;
>>>  static DEFINE_PER_CPU(char *, irq_name);
>>> +static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);
>>>  static bool xen_pvspin = true;
>>>  
>>>  static void xen_qlock_kick(int cpu)
>>> @@ -39,25 +41,25 @@ static void xen_qlock_kick(int cpu)
>>>   */
>>>  static void xen_qlock_wait(u8 *byte, u8 val)
>>>  {
>>> -	unsigned long flags;
>>>  	int irq = __this_cpu_read(lock_kicker_irq);
>>> +	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
>>>  
>>>  	/* If kicker interrupts not initialized yet, just spin */
>>>  	if (irq == -1 || in_nmi())
>>>  		return;
>>>  
>>> -	/* Guard against reentry. */
>>> -	local_irq_save(flags);
>>> +	/* Detect reentry. */
>>> +	atomic_inc(nest_cnt);
>>>  
>>> -	/* If irq pending already clear it. */
>>> -	if (xen_test_irq_pending(irq)) {
>>> +	/* If irq pending already and no nested call clear it. */
>>> +	if (atomic_read(nest_cnt) == 1 && xen_test_irq_pending(irq)) {
>>>  		xen_clear_irq_pending(irq);
>>>  	} else if (READ_ONCE(*byte) == val) {
>>>  		/* Block until irq becomes pending (or a spurious wakeup) */
>>>  		xen_poll_irq(irq);
>>>  	}
>>>  
>>> -	local_irq_restore(flags);
>>> +	atomic_dec(nest_cnt);
>>>  }
>>>  
>>>  static irqreturn_t dummy_handler(int irq, void *dev_id)
>>>
>>
>>
>
Juergen Gross Nov. 9, 2018, 3:35 p.m. UTC | #5
On 09/11/2018 16:29, Sander Eikelenboom wrote:
> On 09/11/18 16:20, Juergen Gross wrote:
>> On 09/11/2018 16:02, Sander Eikelenboom wrote:
>>> On 09/11/18 13:04, Juergen Gross wrote:
>>>> Commit a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>>>> introduced a regression for Xen guests running fully virtualized
>>>> (HVM or PVH mode): when the poll hypercall is made with interrupts
>>>> disabled, the Xen hypervisor won't return from it in case of an
>>>> interrupt (for PV guests it does).
>>>>
>>>> So instead of disabling interrupts in xen_qlock_wait(), use a
>>>> nesting counter to avoid calling xen_clear_irq_pending() when
>>>> xen_qlock_wait() is nested.
>>>>
>>>> Fixes: a856531951dc80 ("xen: make xen_qlock_wait() nestable")
>>>> Cc: stable@vger.kernel.org
>>>> Signed-off-by: Juergen Gross <jgross@suse.com>
>>>
>>> Although you don't seem too interested, you can stick on a:
>>> Tested-by: Sander Eikelenboom <linux@eikelenboom.it>
>>> if you like.
>>
>> I am interested.
>>
>> OTOH I wanted to post the patch officially to give others the chance to
>> send remarks.
> 
> OK, would be nice to at least be CC'ed on patches going upstream when
> you have been reporting stuff.

Sorry, my fault.


Juergen

Patch

diff --git a/arch/x86/xen/spinlock.c b/arch/x86/xen/spinlock.c
index 441c88262169..1c8a8816a402 100644
--- a/arch/x86/xen/spinlock.c
+++ b/arch/x86/xen/spinlock.c
@@ -9,6 +9,7 @@ 
 #include <linux/log2.h>
 #include <linux/gfp.h>
 #include <linux/slab.h>
+#include <linux/atomic.h>
 
 #include <asm/paravirt.h>
 #include <asm/qspinlock.h>
@@ -21,6 +22,7 @@ 
 
 static DEFINE_PER_CPU(int, lock_kicker_irq) = -1;
 static DEFINE_PER_CPU(char *, irq_name);
+static DEFINE_PER_CPU(atomic_t, xen_qlock_wait_nest);
 static bool xen_pvspin = true;
 
 static void xen_qlock_kick(int cpu)
@@ -39,25 +41,25 @@ static void xen_qlock_kick(int cpu)
  */
 static void xen_qlock_wait(u8 *byte, u8 val)
 {
-	unsigned long flags;
 	int irq = __this_cpu_read(lock_kicker_irq);
+	atomic_t *nest_cnt = this_cpu_ptr(&xen_qlock_wait_nest);
 
 	/* If kicker interrupts not initialized yet, just spin */
 	if (irq == -1 || in_nmi())
 		return;
 
-	/* Guard against reentry. */
-	local_irq_save(flags);
+	/* Detect reentry. */
+	atomic_inc(nest_cnt);
 
-	/* If irq pending already clear it. */
-	if (xen_test_irq_pending(irq)) {
+	/* If irq pending already and no nested call clear it. */
+	if (atomic_read(nest_cnt) == 1 && xen_test_irq_pending(irq)) {
 		xen_clear_irq_pending(irq);
 	} else if (READ_ONCE(*byte) == val) {
 		/* Block until irq becomes pending (or a spurious wakeup) */
 		xen_poll_irq(irq);
 	}
 
-	local_irq_restore(flags);
+	atomic_dec(nest_cnt);
 }
 
 static irqreturn_t dummy_handler(int irq, void *dev_id)
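
The reentry scenario the nesting counter handles looks roughly like
this (illustrative sketch, not part of the patch; "lock A"/"lock B"
are stand-ins for two contended locks):

    xen_qlock_wait(lock A)                nest_cnt: 0 -> 1
      xen_poll_irq(irq)                   block until the kick irq is pending
        --> interrupt; the handler contends on lock B
            xen_qlock_wait(lock B)        nest_cnt: 1 -> 2
              atomic_read(nest_cnt) != 1, so the nested call skips
              xen_clear_irq_pending(irq): a pending kick may be the
              outer waiter's wakeup
              xen_poll_irq(irq)           returns at once if irq is pending
            nest_cnt: 2 -> 1
        <-- interrupt handler returns
      xen_poll_irq(irq) returns           nest_cnt: 1 -> 0
    (a stale pending irq is cleared by the next outermost call, where
     atomic_read(nest_cnt) == 1)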