From patchwork Tue Oct 16 17:56:24 2012
X-Patchwork-Submitter: Marcelo Tosatti
X-Patchwork-Id: 1602041
Message-Id: <20121016180137.513855326@redhat.com>
Date: Tue, 16 Oct 2012 14:56:24 -0300
From: Marcelo Tosatti To: kvm@vger.kernel.org Cc: johnstul@us.ibm.com, jeremy@goop.org, Marcelo Tosatti Subject: [patch 05/15] x86: pvclock: fix flags usage race References: <20121016175619.194848607@redhat.com> Content-Disposition: inline; filename=04-pvclock-read-cycles-return-flags X-Scanned-By: MIMEDefang 2.68 on 10.5.11.25 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org Validity of values returned by pvclock (including flags) is guaranteed by version checks. That is, read of src->flags outside version check protection can refer to a different paravirt clock update by the hypervisor. Signed-off-by: Marcelo Tosatti --- To unsubscribe from this list: send the line "unsubscribe kvm" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Index: vsyscall/arch/x86/include/asm/pvclock.h =================================================================== --- vsyscall.orig/arch/x86/include/asm/pvclock.h +++ vsyscall/arch/x86/include/asm/pvclock.h @@ -66,18 +66,21 @@ u64 pvclock_get_nsec_offset(const struct static __always_inline unsigned __pvclock_read_cycles(const struct pvclock_vcpu_time_info *src, - cycle_t *cycles) + cycle_t *cycles, u8 *flags) { unsigned version; cycle_t ret, offset; + u8 ret_flags; version = src->version; rdtsc_barrier(); offset = pvclock_get_nsec_offset(src); ret = src->system_time + offset; + ret_flags = src->flags; rdtsc_barrier(); *cycles = ret; + *flags = ret_flags; return version; } Index: vsyscall/arch/x86/kernel/pvclock.c =================================================================== --- vsyscall.orig/arch/x86/kernel/pvclock.c +++ vsyscall/arch/x86/kernel/pvclock.c 
@@ -50,13 +50,14 @@ cycle_t pvclock_clocksource_read(struct unsigned version; cycle_t ret; u64 last; + u8 flags; do { - version = __pvclock_read_cycles(src, &ret); + version = __pvclock_read_cycles(src, &ret, &flags); } while ((src->version & 1) || version != src->version); if ((valid_flags & PVCLOCK_TSC_STABLE_BIT) && - (src->flags & PVCLOCK_TSC_STABLE_BIT)) + (flags & PVCLOCK_TSC_STABLE_BIT)) return ret; /*
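Review bot: In the arch/x86/include/asm/pvclock.h hunk, `__pvclock_read_cycles()` gains a second output but still has no comment stating its contract: `*cycles` and `*flags` are only meaningful once the caller has confirmed that the returned version is even and still equals `src->version`. Since the bug being fixed is exactly a field read outside that check, a short comment above the function saying so would help future callers. Note also that `*flags = ret_flags;` is an unconditional store, so every caller has to pass a valid `u8 *flags`; any other user of this helper in the series needs updating in the same patch. The placement of `ret_flags = src->flags;` between the two `rdtsc_barrier()` calls, alongside the `system_time` read, looks right.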
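Review bot: In the arch/x86/kernel/pvclock.c hunk, nothing near the `do { ... } while` loop in `pvclock_clocksource_read()` records that `flags`, like `ret`, must come from the version-checked snapshot, so a later edit could quietly reintroduce a direct `src->flags` read below the loop. A one-line comment at the loop, or next to `u8 flags;`, would document that. The hunk's context stops at the opening `/*`, so the rest of the function is not visible here; please confirm that no other `src->` field is read after the loop exits. The retry condition itself, `(src->version & 1) || version != src->version`, is unchanged and still covers the snapshot taken for `flags`.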