From nobody Fri Apr 26 18:40:13 2024 Delivered-To: importer@patchew.org Received-SPF: none (zohomail.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; spf=none (zohomail.com: 192.237.175.120 is neither permitted nor denied by domain of lists.xenproject.org) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1580985575040472.14450105802393; Thu, 6 Feb 2020 02:39:35 -0800 (PST) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1izeYP-00049y-EI; Thu, 06 Feb 2020 10:38:37 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1izeYO-00049t-U7 for xen-devel@lists.xenproject.org; Thu, 06 Feb 2020 10:38:36 +0000 Received: from mail-wm1-f65.google.com (unknown [209.85.128.65]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id d419a0a2-48cc-11ea-8952-bc764e2007e4; Thu, 06 Feb 2020 10:38:36 +0000 (UTC) Received: by mail-wm1-f65.google.com with SMTP id b17so6416452wmb.0 for ; Thu, 06 Feb 2020 02:38:36 -0800 (PST) Received: from ufe34d9ed68d054.ant.amazon.com (54-240-197-235.amazon.com. [54.240.197.235]) by smtp.gmail.com with ESMTPSA id i3sm331904wrc.6.2020.02.06.02.38.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 06 Feb 2020 02:38:34 -0800 (PST) X-Inumbo-ID: d419a0a2-48cc-11ea-8952-bc764e2007e4 X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=e7qnaz6GkiY6pKmtiP2RmOD3xGUmtWPxz/kMf2Nt2rY=; b=F68MrAOTpDdNrfl4ln3JPGc1rlBel3GsfZCgmk/sG7qwNN8XAbzvVp5dIEUiN0KzoB 1UKoJ6TzS1Xr8BX1wEWGPdBDgqQOe5kcSE1UiUsqmJE9PdrGBVaSxhgsHNQLw11FF5DU ZseiRzRPPi8ZZjWPUW2iZEGcY5QBK8h4OIGs5B30dL1la7BEd/oumLnElCa9oAOPHyQQ AO2wwZrU7O1IBQJdYpSjo3rFL9X49w1Vd4wjxnfeazZGKs1XTxU1vf4j/4sGifmJTl3k Dq6hWfRdKUMD9ruBHoyUIIraeo6AeO3KSbPLEwf87MwzYrF51/4BEsNE8nHcpbp4unpu A6cQ== X-Gm-Message-State: APjAAAXitnKk3aim90o4nOCySEIbd4qVsFopSn2FCBGocRiD6mrkhnit +7EcQnjBuRAhB1i2DHAREEH9SYWz X-Google-Smtp-Source: APXvYqzMT+SVjc8loVg+B4bOqgDZnfLuy/9QJn6+pELS2JYeaAAkLIj+FA4bnQ35NgUFli4PrxvQ2g== X-Received: by 2002:a1c:a584:: with SMTP id o126mr3642558wme.163.1580985515179; Thu, 06 Feb 2020 02:38:35 -0800 (PST) From: Julien Grall To: xen-devel@lists.xenproject.org Date: Thu, 6 Feb 2020 10:38:33 +0000 Message-Id: <20200206103833.15355-1-julien@xen.org> X-Mailer: git-send-email 2.17.1 Subject: [Xen-devel] [PATCH v2] xen/mm: Avoid assuming the page is inuse in assign_pages() X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: pdurrant@amazon.com, julien@xen.org, Julien Grall MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" From: Julien Grall At the moment, assign_pages() on the page to be inuse (PGC_state_inuse) and the state value to be 0. However, the code may race with the page offlining code (see offline_page()). Depending on the ordering, the page may be in offlining state (PGC_state_offlining) before it is assigned to a domain. On debug build, this may result to hit the assert or just clobber the state. On non-debug build, the state will get clobbered. Incidentally the flag PGC_broken will get clobbered as well. Grab the heap_lock to prevent a race with offline_page() and keep the state and broken flag around. Signed-off-by: Julien Grall --- Changes in v2: - Superseed <20200204133357.32101-1-julien@xen.org> - Fix the race with offline_page() --- xen/common/page_alloc.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c index 97902d42c1..a684dbf37c 100644 --- a/xen/common/page_alloc.c +++ b/xen/common/page_alloc.c @@ -2283,15 +2283,27 @@ int assign_pages( get_knownalive_domain(d); } =20 + spin_lock(&heap_lock); for ( i =3D 0; i < (1 << order); i++ ) { + /* + * We should only be here if the page is inuse or offlining. + * The latter happen if we race with mark_page_offline() as we + * don't hold the heap_lock. + */ + ASSERT(page_state_is(&pg[i], inuse) || + page_state_is(&pg[i], offlining)); + ASSERT(!(pg[i].count_info & ~(PGC_state | PGC_broken))); ASSERT(page_get_owner(&pg[i]) =3D=3D NULL); - ASSERT(!pg[i].count_info); page_set_owner(&pg[i], d); smp_wmb(); /* Domain pointer must be visible before updating refcn= t. */ - pg[i].count_info =3D PGC_allocated | 1; + + pg[i].count_info &=3D PGC_state | PGC_broken; + pg[i].count_info |=3D PGC_allocated | 1; + page_list_add_tail(&pg[i], &d->page_list); } + spin_unlock(&heap_lock); =20 out: spin_unlock(&d->page_alloc_lock); --=20 2.17.1 _______________________________________________ Xen-devel mailing list Xen-devel@lists.xenproject.org https://lists.xenproject.org/mailman/listinfo/xen-devel