From patchwork Thu Feb 6 10:38:33 2020
X-Patchwork-Submitter: Julien Grall
X-Patchwork-Id: 11368047
From: Julien Grall
To: xen-devel@lists.xenproject.org
Cc: pdurrant@amazon.com, julien@xen.org, Julien Grall
Date: Thu, 6 Feb 2020 10:38:33 +0000
Message-Id: <20200206103833.15355-1-julien@xen.org>
Subject: [Xen-devel] [PATCH v2] xen/mm: Avoid assuming the page is inuse in assign_pages()
From: Julien Grall

At the moment, assign_pages() assumes the page to be inuse (PGC_state_inuse) and the state value to be 0. However, the code may race with the page offlining code (see offline_page()). Depending on the ordering, the page may be in offlining state (PGC_state_offlining) before it is assigned to a domain.

On debug build, this may result in hitting the assert or just clobbering the state. On non-debug build, the state will get clobbered. Incidentally the flag PGC_broken will get clobbered as well.

Grab the heap_lock to prevent a race with offline_page() and keep the state and broken flag around.

Signed-off-by: Julien Grall

---

Changes in v2:
- Supersede <20200204133357.32101-1-julien@xen.org>
- Fix the race with offline_page()

---
xen/common/page_alloc.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/xen/common/page_alloc.c b/xen/common/page_alloc.c
index 97902d42c1..a684dbf37c 100644
--- a/xen/common/page_alloc.c
+++ b/xen/common/page_alloc.c
@@ -2283,15 +2283,27 @@ int assign_pages( get_knownalive_domain(d); } + spin_lock(&heap_lock); for ( i = 0; i < (1 << order); i++ ) { + /* + * We should only be here if the page is inuse or offlining. + * The latter happen if we race with mark_page_offline() as we + * don't hold the heap_lock. + */ + ASSERT(page_state_is(&pg[i], inuse) || + page_state_is(&pg[i], offlining)); + ASSERT(!(pg[i].count_info & ~(PGC_state | PGC_broken))); ASSERT(page_get_owner(&pg[i]) == NULL); - ASSERT(!pg[i].count_info); page_set_owner(&pg[i], d); smp_wmb(); /* Domain pointer must be visible before updating refcnt. */ - pg[i].count_info = PGC_allocated | 1; + + pg[i].count_info &= PGC_state | PGC_broken; + pg[i].count_info |= PGC_allocated | 1; + page_list_add_tail(&pg[i], &d->page_list); } + spin_unlock(&heap_lock); out: spin_unlock(&d->page_alloc_lock);
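Review bot: the new spin_lock(&heap_lock) nests inside d->page_alloc_lock (still held until the spin_unlock at the out: label) and is held for the entire (1 << order) loop; please confirm that no other path in page_alloc.c acquires the two locks in the opposite order, and say in the commit message whether holding the global heap_lock across a large-order assignment is acceptable. Two smaller points on the same hunk: the mask `pg[i].count_info &= PGC_state | PGC_broken;` is exactly the condition the preceding `ASSERT(!(pg[i].count_info & ~(PGC_state | PGC_broken)));` checks, so a one-line comment that the mask is deliberately kept for non-debug builds (where ASSERT compiles out) would make the intent clear; and in the new comment "The latter happen if we race with mark_page_offline()" should read "happens", and it names mark_page_offline() while the commit message names offline_page(), so it is worth aligning the two.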
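To make the clobbering described in the commit message concrete, here is an added example that is not Xen code: it models a page's count_info with a constructed bit layout (inuse encoded as state 0, as the commit message says, plus an "offlining" state and a "broken" flag), applies the offlining step first, and then compares the old unconditional store from the '-' line with the read-modify-write from the '+' lines. The names mark_page_offline_model, assign_page_old and assign_page_new, the bit positions, and the struct layout are assumptions chosen for the demonstration, not the real Xen definitions.

```c
/* Added example (not Xen code): a toy model of the page-state race that
 * assign_pages() can lose against page offlining. Bit positions are
 * constructed for illustration and do not match Xen's real count_info. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed bit layout: reference count in the low bits, a 2-bit state
 * field, a broken flag and an allocated flag at the top. */
#define PGC_allocated        (1ULL << 63)
#define PGC_broken           (1ULL << 62)
#define PGC_state_shift      60
#define PGC_state            (3ULL << PGC_state_shift)
#define PGC_state_inuse      (0ULL << PGC_state_shift)   /* inuse is state 0 */
#define PGC_state_offlining  (1ULL << PGC_state_shift)
#define PGC_count_mask       ((1ULL << PGC_state_shift) - 1)

struct page_info {
    uint64_t count_info;
    void *owner;
};

static inline bool page_state_is(const struct page_info *pg, uint64_t st)
{
    return (pg->count_info & PGC_state) == st;
}

/* Modelled offlining step (assumption): move the page to the offlining
 * state and, if the page is faulty, record that with PGC_broken. */
static void mark_page_offline_model(struct page_info *pg, bool broken)
{
    pg->count_info = (pg->count_info & ~PGC_state) | PGC_state_offlining;
    if (broken)
        pg->count_info |= PGC_broken;
}

/* Old behaviour, as in the removed line: the whole word is overwritten,
 * so any state or broken flag set by the offlining side is lost. */
static void assign_page_old(struct page_info *pg, void *d)
{
    pg->owner = d;
    pg->count_info = PGC_allocated | 1;
}

/* New behaviour, as in the added lines: keep only the state and broken
 * bits, then set allocated and the initial reference count. */
static void assign_page_new(struct page_info *pg, void *d)
{
    pg->owner = d;
    pg->count_info &= PGC_state | PGC_broken;
    pg->count_info |= PGC_allocated | 1;
}

/* Play the losing ordering: the page was inuse when allocated, offlining
 * marks it offlining+broken, then assignment runs. Returns the resulting
 * count_info so callers can inspect which bits survived. */
static uint64_t race_then_assign(bool use_fixed)
{
    struct page_info pg = { .count_info = PGC_state_inuse, .owner = NULL };
    int dom = 0;                         /* stand-in for a domain pointer */

    mark_page_offline_model(&pg, true);
    if (use_fixed)
        assign_page_new(&pg, &dom);
    else
        assign_page_old(&pg, &dom);
    return pg.count_info;
}

static bool offlining_preserved(uint64_t ci)
{
    return (ci & PGC_state) == PGC_state_offlining;
}

static bool broken_preserved(uint64_t ci)
{
    return (ci & PGC_broken) != 0;
}

int main(void)
{
    uint64_t old_ci = race_then_assign(false);
    uint64_t new_ci = race_then_assign(true);

    printf("old: offlining=%d broken=%d refcnt=%llu\n",
           offlining_preserved(old_ci), broken_preserved(old_ci),
           (unsigned long long)(old_ci & PGC_count_mask));
    printf("new: offlining=%d broken=%d refcnt=%llu\n",
           offlining_preserved(new_ci), broken_preserved(new_ci),
           (unsigned long long)(new_ci & PGC_count_mask));
    return 0;
}
```

The model only shows why the masking matters once the race has already happened; the heap_lock taken in the patch is what prevents the offlining side from changing the state between the ASSERT and the store in the first place.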