From patchwork Wed Jan 29 09:28:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Varad Gautam X-Patchwork-Id: 11355741 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 615B5924 for ; Wed, 29 Jan 2020 09:29:36 +0000 (UTC) Received: from lists.xenproject.org (lists.xenproject.org [192.237.175.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id 3D98320716 for ; Wed, 29 Jan 2020 09:29:36 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=amazon.de header.i=@amazon.de header.b="i7wBOiSU" DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 3D98320716 Authentication-Results: mail.kernel.org; dmarc=fail (p=quarantine dis=none) header.from=amazon.de Authentication-Results: mail.kernel.org; spf=none smtp.mailfrom=xen-devel-bounces@lists.xenproject.org Received: from localhost ([127.0.0.1] helo=lists.xenproject.org) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iwje7-0007Qx-IX; Wed, 29 Jan 2020 09:28:27 +0000 Received: from all-amaz-eas1.inumbo.com ([34.197.232.57] helo=us1-amaz-eas2.inumbo.com) by lists.xenproject.org with esmtp (Exim 4.89) (envelope-from ) id 1iwje6-0007Qk-Ea for xen-devel@lists.xenproject.org; Wed, 29 Jan 2020 09:28:26 +0000 X-Inumbo-ID: b3a587f4-4279-11ea-885e-12813bfff9fa Received: from smtp-fw-2101.amazon.com (unknown [72.21.196.25]) by us1-amaz-eas2.inumbo.com (Halon) with ESMTPS id b3a587f4-4279-11ea-885e-12813bfff9fa; Wed, 29 Jan 2020 09:28:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.de; i=@amazon.de; q=dns/txt; s=amazon201209; t=1580290107; x=1611826107; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=xNIgQDpC4hWiI4vjE+YyDKoeJyG8ne9nKinyDj3a61c=; b=i7wBOiSUT6EhexKSKIiEIcSXznnkiJ9sMhoDGNFQAOG0BVCC/FB/fVkJ 7Wi6rSkOUz2rVNfnVGLhrYPwb4jHEqUowZj0gElaf3cF4g2yqeMWiTsS2 jBm4D6s9sA8pPWmPQO/Bomu15zYTU5TcWd1vcZs1k7/5rdAO3nJBKoxbS 4=; IronPort-SDR: pPQnSxj0VsfNz90SZVJTDRwlOVCq68ILWm4CH/LYTN1EBvgagdOtASESyVG5e6F4GLkGqT6HJT hqA6OuuwAkIw== X-IronPort-AV: E=Sophos;i="5.70,377,1574121600"; d="scan'208";a="14726706" Received: from iad12-co-svc-p1-lb1-vlan2.amazon.com (HELO email-inbound-relay-2b-a7fdc47a.us-west-2.amazon.com) ([10.43.8.2]) by smtp-border-fw-out-2101.iad2.amazon.com with ESMTP; 29 Jan 2020 09:28:25 +0000 Received: from EX13MTAUEA002.ant.amazon.com (pdx4-ws-svc-p6-lb7-vlan2.pdx.amazon.com [10.170.41.162]) by email-inbound-relay-2b-a7fdc47a.us-west-2.amazon.com (Postfix) with ESMTPS id 1466BC5B73; Wed, 29 Jan 2020 09:28:24 +0000 (UTC) Received: from EX13D22EUA004.ant.amazon.com (10.43.165.129) by EX13MTAUEA002.ant.amazon.com (10.43.61.77) with Microsoft SMTP Server (TLS) id 15.0.1236.3; Wed, 29 Jan 2020 09:28:24 +0000 Received: from EX13MTAUWA001.ant.amazon.com (10.43.160.58) by EX13D22EUA004.ant.amazon.com (10.43.165.129) with Microsoft SMTP Server (TLS) id 15.0.1367.3; Wed, 29 Jan 2020 09:28:22 +0000 Received: from u908889d5e8f057.ant.amazon.com (10.28.86.33) by mail-relay.amazon.com (10.43.160.118) with Microsoft SMTP Server id 15.0.1367.3 via Frontend Transport; Wed, 29 Jan 2020 09:28:19 +0000 From: Varad Gautam To: Date: Wed, 29 Jan 2020 10:28:07 +0100 Message-ID: <1580290087-20636-1-git-send-email-vrd@amazon.de> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 Precedence: Bulk Subject: [Xen-devel] [PATCH v3] x86: irq: Do not BUG_ON multiple unbind calls for shared pirqs X-BeenThere: xen-devel@lists.xenproject.org X-Mailman-Version: 2.1.23 List-Id: Xen developer discussion List-Unsubscribe: , List-Post: List-Help: List-Subscribe: , Cc: Andrew Cooper , Varad Gautam , Julien Grall , =?utf-8?q?Roger_Pau_Monn=C3=A9?= Errors-To: xen-devel-bounces@lists.xenproject.org Sender: "Xen-devel" XEN_DOMCTL_destroydomain creates a continuation if domain_kill -ERESTARTS. In that scenario, it is possible to receive multiple _pirq_guest_unbind calls for the same pirq from domain_kill, if the pirq has not yet been removed from the domain's pirq_tree, as: domain_kill() -> domain_relinquish_resources() -> pci_release_devices() -> pci_clean_dpci_irq() -> pirq_guest_unbind() -> __pirq_guest_unbind() For a shared pirq (nr_guests > 1), the first call would zap the current domain from the pirq's guests[] list, but the action handler is never freed as there are other guests using this pirq. As a result, on the second call, __pirq_guest_unbind searches for the current domain which has been removed from the guests[] list, and hits a BUG_ON. Make __pirq_guest_unbind safe to be called multiple times by letting xen continue if a shared pirq has already been unbound from this guest. The PIRQ will be cleaned up from the domain's pirq_tree during the destruction in complete_domain_destroy anyways. Signed-off-by: Varad Gautam Reviewed-by: Paul Durrant CC: Jan Beulich CC: Julien Grall CC: Roger Pau Monné CC: Andrew Cooper v2: Split the check on action->nr_guests > 0 and make it an ASSERT. v3: Style fixups. --- xen/arch/x86/irq.c | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) diff --git a/xen/arch/x86/irq.c b/xen/arch/x86/irq.c index 310ac00..4b172eb 100644 --- a/xen/arch/x86/irq.c +++ b/xen/arch/x86/irq.c @@ -1681,7 +1681,20 @@ static irq_guest_action_t *__pirq_guest_unbind( for ( i = 0; (i < action->nr_guests) && (action->guest[i] != d); i++ ) continue; - BUG_ON(i == action->nr_guests); + if ( i == action->nr_guests ) + { + ASSERT(action->nr_guests > 0); + /* + * In case the pirq was shared, unbound for this domain in an earlier + * call, but still existed on the domain's pirq_tree, we still reach + * here if there are any later unbind calls on the same pirq. Return + * if such an unbind happens. + */ + if ( action->shareable ) + return NULL; + BUG(); + } + memmove(&action->guest[i], &action->guest[i+1], (action->nr_guests-i-1) * sizeof(action->guest[0])); action->nr_guests--;