From nobody Fri May 3 11:54:38 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) client-ip=192.237.175.120; envelope-from=xen-devel-bounces@lists.xenproject.org; helo=lists.xenproject.org; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org ARC-Seal: i=1; a=rsa-sha256; t=1600803089; cv=none; d=zohomail.com; s=zohoarc; b=SBKrF5ZSR9RkNzIZkoLk3Yec97W5BbTNgLzC/j7uFz8Ig+vMaFbUWwOGA2YhtN599LTBPetmoCgFsVsFQyttPUV08/ps7xeAZZTt0wS3QUMDsGNUHofv5uKnpvID9qBwxRP9GAcgvgFX2cEktk2DWFeGzvEppsR2KBxOBnP0G6w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1600803089; h=Cc:Date:From:List-Subscribe:List-Post:List-Id:List-Help:List-Unsubscribe:Message-ID:Sender:Subject:To; bh=ELBXVt1YC1Qe7ZCtCl75qu55Vh/Op3lvAE15ZVrRx0Y=; b=OwY8HAfoGFE7kmJKhqGdU3POXBVPh1+F4D1OiCWGciFr2NJJ+0ICO9RlQK6O4sBs2mAVd8b69OmYjPN2PBorbi6yBcfrRc8PYKwKW608VKd7/tqBNn4S2nHGX07q24PQYXBd/D+4n0Dks/uakZJ4RGfV0kEl5kH73X77ee02jFs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of lists.xenproject.org designates 192.237.175.120 as permitted sender) smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Return-Path: Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) by mx.zohomail.com with SMTPS id 1600803089912515.2847116420265; Tue, 22 Sep 2020 12:31:29 -0700 (PDT) Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kKo0P-0007um-Kp; Tue, 22 Sep 2020 19:31:13 +0000 Received: from us1-rack-iad1.inumbo.com ([172.99.69.81]) by lists.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kKo0O-0007uT-9u for xen-devel@lists.xenproject.org; Tue, 22 Sep 2020 19:31:12 +0000 Received: from mail.xenproject.org (unknown [104.130.215.37]) by us1-rack-iad1.inumbo.com (Halon) with ESMTPS id f1bf7b1d-ca89-41a5-93ad-9b81dc24f978; Tue, 22 Sep 2020 19:31:11 +0000 (UTC) Received: from xenbits.xenproject.org ([104.239.192.120]) by mail.xenproject.org with esmtp (Exim 4.92) (envelope-from ) id 1kKo0M-0006vT-Hv; Tue, 22 Sep 2020 19:31:10 +0000 Received: from 54-240-197-235.amazon.com ([54.240.197.235] helo=ufe34d9ed68d054.ant.amazon.com) by xenbits.xenproject.org with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1kKo0M-0001Ol-7y; Tue, 22 Sep 2020 19:31:10 +0000 X-Inumbo-ID: f1bf7b1d-ca89-41a5-93ad-9b81dc24f978 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xen.org; s=20200302mail; h=Message-Id:Date:Subject:Cc:To:From; bh=ELBXVt1YC1Qe7ZCtCl75qu55Vh/Op3lvAE15ZVrRx0Y=; b=MR3f16SzaVCy/g/mW16ug8/6zt roLS5I+3Tx7LH/MD9mfOHrzB9YI70NKTJZs3irB+TCOi7/K30YgmWNpIzXceu6BxSg3QKdDE2JsuO xfGdHg6HY2QT3HPEnMetH+Umc2XAfLpauKqGODFqlrb6+I3eAbbcxLpUKQrU6aYeZbVM=; From: Julien Grall To: xen-devel@lists.xenproject.org Cc: julien@xen.org, Julien Grall , Stefano Stabellini , Volodymyr Babchuk , Andrew Cooper , Jan Beulich , George Dunlap , Dario Faggioli , Bertrand Marquis Subject: [RESEND][PATCH] xen/arm: sched: Ensure the vCPU context is seen before vcpu_pause() returns Date: Tue, 22 Sep 2020 20:31:04 +0100 Message-Id: <20200922193104.20604-1-julien@xen.org> X-Mailer: git-send-email 2.17.1 X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" X-ZohoMail-DKIM: pass (identity @xen.org) Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Julien Grall Some callers of vcpu_pause() will expect to access the latest vcpu context when the function returns (see XENDOMCTL_{set,get}vcpucontext}. However, the latest vCPU context can only be observed after v->is_running has been observed to be false. As there is no memory barrier instruction generated, a processor could try to speculatively access the vCPU context before it was observed. To prevent the corruption of the vCPU context, we need to insert a memory barrier instruction after v->is_running is observed and before the context is accessed. This barrier is added in sync_vcpu_execstate() as it seems to be the place where we expect the synchronization to happen. Signed-off-by: Julien Grall Acked-by: Stefano Stabellini Reviewed-by: Bertrand Marquis --- Cc: Andrew Cooper Cc: Jan Beulich Cc: George Dunlap Cc: Dario Faggioli Cc: Bertrand Marquis I am also adding the x86 and scheduler maintainers because I am not sure whether this barrier should be part of the common code instead. --- xen/arch/arm/domain.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/xen/arch/arm/domain.c b/xen/arch/arm/domain.c index 9258f6d3faa2..3b37f899b9da 100644 --- a/xen/arch/arm/domain.c +++ b/xen/arch/arm/domain.c @@ -371,7 +371,20 @@ void sync_local_execstate(void) =20 void sync_vcpu_execstate(struct vcpu *v) { - /* Nothing to do -- no lazy switching */ + /* + * We don't support lazy switching. + * + * However the context may have been saved from a remote pCPU so we + * need a barrier to ensure it is observed before continuing. + * + * Per vcpu_context_saved(), the context can be observed when + * v->is_running is false (the caller should check it before calling + * this function). + * + * Note this is a full barrier to also prevent update of the context + * to happen before it was observed. + */ + smp_mb(); } =20 #define NEXT_ARG(fmt, args) = \ --=20 2.17.1