[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction

To: "JBeulich@xxxxxxxx" <JBeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxxxxxxxxx>
From: Sergey Dyasli <sergey.dyasli@xxxxxxxxxx>
Date: Fri, 10 Nov 2017 08:41:22 +0000
Accept-language: en-GB, en-US
Cc: Igor Druzhinin <igor.druzhinin@xxxxxxxxxx>, Kevin Tian <kevin.tian@xxxxxxxxx>, Sergey Dyasli <sergey.dyasli@xxxxxxxxxx>, Andrew Cooper <Andrew.Cooper3@xxxxxxxxxx>, "julien.grall@xxxxxxx" <julien.grall@xxxxxxx>, "raistlin@xxxxxxxx" <raistlin@xxxxxxxx>, "jun.nakajima@xxxxxxxxx" <jun.nakajima@xxxxxxxxx>
Delivery-date: Fri, 10 Nov 2017 08:42:08 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>
Thread-index: AQHTWWo5hdIM4pJks0asIwKvgMT4qqMNO8cA
Thread-topic: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction

On Thu, 2017-11-09 at 07:49 -0700, Jan Beulich wrote:
> See the code comment being added for why we need this.
> 
> Reported-by: Igor Druzhinin <igor.druzhinin@xxxxxxxxxx>
> Signed-off-by: Jan Beulich <jbeulich@xxxxxxxx>
> 
> --- a/xen/arch/x86/hvm/vmx/vmx.c
> +++ b/xen/arch/x86/hvm/vmx/vmx.c
> @@ -479,7 +479,13 @@ static void vmx_vcpu_destroy(struct vcpu
>       * we should disable PML manually here. Note that vmx_vcpu_destroy is 
> called
>       * prior to vmx_domain_destroy so we need to disable PML for each vcpu
>       * separately here.
> +     *
> +     * Before doing that though, flush all state for the vCPU previously 
> having
> +     * run on the current CPU, so that this flushing of state won't happen 
> from
> +     * the TLB flush IPI handler behind the back of a vmx_vmcs_enter() /
> +     * vmx_vmcs_exit() section.
>       */
> +    sync_local_execstate();
>      vmx_vcpu_disable_pml(v);
>      vmx_destroy_vmcs(v);
>      passive_domain_destroy(v);

This patch fixes only one particular issue and not the general problem.
What if vmcs is cleared, possibly in some future code, at another place?

The original intent of vmx_vmcs_reload() is correct: it lazily loads
the vmcs when it's needed. It's just the logic which checks for
v->is_running inside vmx_ctxt_switch_from() is flawed: v might be
"running" on another pCPU.

IMHO there are 2 possible solutions:

    1. Add additional pCPU check into vmx_ctxt_switch_from()
    2. Drop v->is_running check inside vmx_ctxt_switch_from() making
       vmx_vmcs_reload() unconditional.

Thanks,
Sergey
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction
  - From: Dario Faggioli

References:
- [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction
  - From: Jan Beulich

Prev by Date: [Xen-devel] [PATCH v2 2/2] x86/mm: fix a potential race condition in modify_xen_mappings().
Next by Date: Re: [Xen-devel] [xen-unstable test] 115555: regressions - FAIL
Previous by thread: Re: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction
Next by thread: Re: [Xen-devel] [PATCH] VMX: sync CPU state upon vCPU destruction
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.