[33/47] rcu: Introduce force_rcu notifier

Message ID	20211215000125.378126-34-michael.roth@amd.com (mailing list archive)
State	New, archived
Headers	show Return-Path: <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org> Received-SPF: Pass (protection.outlook.com: domain of amd.com designates 165.204.84.17 as permitted sender) receiver=protection.outlook.com; client-ip=165.204.84.17; helo=SATLEXMB03.amd.com; From: Michael Roth <michael.roth@amd.com> To: <qemu-devel@nongnu.org> CC: <qemu-stable@nongnu.org>, Greg Kurz <groug@kaod.org>, Paolo Bonzini <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org> Subject: [PATCH 33/47] rcu: Introduce force_rcu notifier Date: Tue, 14 Dec 2021 18:01:11 -0600 Message-ID: <20211215000125.378126-34-michael.roth@amd.com> In-Reply-To: <20211215000125.378126-1-michael.roth@amd.com> References: <20211215000125.378126-1-michael.roth@amd.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain Received-SPF: softfail client-ip=40.107.94.65; envelope-from=Michael.Roth@amd.com; helo=NAM10-MW2-obe.outbound.protection.outlook.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action Precedence: list Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org Sender: "Qemu-devel" <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>
Series	Patch Round-up for stable 6.1.1, freeze on 2021-12-21 \| expand [00/47] Patch Round-up for stable 6.1.1, freeze on 2021-12-21 [01/47] virtio-balloon: don't start free page hinting if postcopy is possible [02/47] target/arm: Don't skip M-profile reset entirely in user mode [03/47] virtio-net: fix use after unmap/free for sg [04/47] qemu-nbd: Change default cache mode to writeback [05/47] hmp: Unbreak "change vnc" [06/47] virtio-mem-pci: Fix memory leak when creating MEMORY_DEVICE_SIZE_CHANGE event [07/47] uas: add stream number sanity checks. [08/47] vhost-user: fix duplicated notifier MR init [09/47] libvhost-user: fix VHOST_USER_REM_MEM_REG skipping mmap_addr [10/47] hw/display/artist: Fix bug in coordinate extraction in artist_vram_read() and artist_vram_w… [11/47] i386/cpu: Remove AVX_VNNI feature from Cooperlake cpu model [12/47] 9pfs: fix crash in v9fs_walk() [13/47] plugins/execlog: removed unintended "s" at the end of log lines. [14/47] plugins: do not limit exported symbols if modules are active [15/47] qemu-sockets: fix unix socket path copy (again) [16/47] vhost-vsock: fix migration issue when seqpacket is supported [17/47] hw/arm/virt: Rename default_bus_bypass_iommu [18/47] hw/i386: Rename default_bus_bypass_iommu [19/47] bios-tables-test: allow changes in DSDT ACPI tables for q35 [20/47] hw/i386/acpi: fix conflicting IO address range for acpi pci hotplug in q35 [21/47] bios-tables-test: Update ACPI DSDT table golden blobs for q35 [22/47] block: introduce max_hw_iov for use in scsi-generic [23/47] pci: fix PCI resource reserve capability on BE [24/47] tests/acpi/bios-tables-test: add and allow changes to a new q35 DSDT table blob [25/47] tests/acpi/pcihp: add unit tests for hotplug on multifunction bridges for q35 [26/47] tests/acpi/bios-tables-test: update DSDT blob for multifunction bridge test [27/47] block/file-posix: Fix return value translation for AIO discards [28/47] Partially revert "build: -no-pie is no functional linker flag" [29/47] target-i386: mmu: use pg_mode instead of HF_LMA_MASK [30/47] target-i386: mmu: fix handling of noncanonical virtual addresses [31/47] hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE SELECT commands [32/47] hw: m68k: virt: Add compat machine for 6.1 [33/47] rcu: Introduce force_rcu notifier [34/47] accel/tcg: Register a force_rcu notifier [35/47] pcie: rename 'native-hotplug' to 'x-native-hotplug' [36/47] virtio: use virtio accessor to access packed descriptor flags [37/47] virtio: use virtio accessor to access packed event [38/47] vfio: Fix memory leak of hostwin [39/47] nbd/server: Don't complain on certain client disconnects [40/47] hw/nvme: fix buffer overrun in nvme_changed_nslist (CVE-2021-3947) [41/47] chardev/wctable: don't free the instance in wctablet_chr_finalize [42/47] hw/block/fdc: Extract blk_create_empty_drive() [43/47] hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196 [44/47] tests/qtest/fdc-test: Add a regression test for CVE-2021-20196 [45/47] virtio-blk: Fix clean up of host notifiers for single MR transaction. [46/47] net: vmxnet3: validate configuration values during activate (CVE-2021-20203) [47/47] e1000: fix tx re-entrancy problem

Message ID

20211215000125.378126-34-michael.roth@amd.com (mailing list archive)

State

New, archived

Headers

Received-SPF: Pass (protection.outlook.com: domain of amd.com designates
 165.204.84.17 as permitted sender) receiver=protection.outlook.com;
 client-ip=165.204.84.17; helo=SATLEXMB03.amd.com;
From: Michael Roth <michael.roth@amd.com>
To: <qemu-devel@nongnu.org>
CC: <qemu-stable@nongnu.org>, Greg Kurz <groug@kaod.org>, Paolo Bonzini
 <pbonzini@redhat.com>, Richard Henderson <richard.henderson@linaro.org>
Subject: [PATCH 33/47] rcu: Introduce force_rcu notifier
Date: Tue, 14 Dec 2021 18:01:11 -0600
Message-ID: <20211215000125.378126-34-michael.roth@amd.com>
In-Reply-To: <20211215000125.378126-1-michael.roth@amd.com>
References: <20211215000125.378126-1-michael.roth@amd.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 15 Dec 2021 00:12:48.9971 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 36de5dc2-503a-48b7-7c62-08d9bf5fa0d6
X-MS-Exchange-CrossTenant-Id: 3dd8961f-e488-4e60-8e11-a82d994e183d
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: 
 TenantId=3dd8961f-e488-4e60-8e11-a82d994e183d; Ip=[165.204.84.17];
 Helo=[SATLEXMB03.amd.com]
X-MS-Exchange-CrossTenant-AuthSource: 
 DM6NAM11FT013.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN9PR12MB5049
Received-SPF: softfail client-ip=40.107.94.65;
 envelope-from=Michael.Roth@amd.com;
 helo=NAM10-MW2-obe.outbound.protection.outlook.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <https://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
 <mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org
Sender: "Qemu-devel"
 <qemu-devel-bounces+qemu-devel=archiver.kernel.org@nongnu.org>

Series

Patch Round-up for stable 6.1.1, freeze on 2021-12-21 | expand

Commit Message

Michael Roth Dec. 15, 2021, 12:01 a.m. UTC

From: Greg Kurz <groug@kaod.org>

The drain_rcu_call() function can be blocked as long as an RCU reader
stays in a read-side critical section. This is typically what happens
when a TCG vCPU is executing a busy loop. It can deadlock the QEMU
monitor as reported in https://gitlab.com/qemu-project/qemu/-/issues/650 .

This can be avoided by allowing drain_rcu_call() to enforce an RCU grace
period. Since each reader might need to do specific actions to end a
read-side critical section, do it with notifiers.

Prepare ground for this by adding a notifier list to the RCU reader
struct and use it in wait_for_readers() if drain_rcu_call() is in
progress. An API is added for readers to register their notifiers.

This is largely based on a draft from Paolo Bonzini.

Suggested-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Greg Kurz <groug@kaod.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211109183523.47726-2-groug@kaod.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit ef149763a8fcce70b85dfda27cc1222ecf765750)
Signed-off-by: Michael Roth <michael.roth@amd.com>
---
 include/qemu/rcu.h | 15 +++++++++++++++
 util/rcu.c         | 19 +++++++++++++++++++
 2 files changed, 34 insertions(+)

diff --git a/include/qemu/rcu.h b/include/qemu/rcu.h
index 515d327cf1..e69efbd47f 100644
--- a/include/qemu/rcu.h
+++ b/include/qemu/rcu.h
@@ -27,6 +27,7 @@ 
 #include "qemu/thread.h"
 #include "qemu/queue.h"
 #include "qemu/atomic.h"
+#include "qemu/notify.h"
 #include "qemu/sys_membarrier.h"
 
 #ifdef __cplusplus
@@ -66,6 +67,13 @@  struct rcu_reader_data {
 
     /* Data used for registry, protected by rcu_registry_lock */
     QLIST_ENTRY(rcu_reader_data) node;
+
+    /*
+     * NotifierList used to force an RCU grace period.  Accessed under
+     * rcu_registry_lock.  Note that the notifier is called _outside_
+     * the thread!
+     */
+    NotifierList force_rcu;
 };
 
 extern __thread struct rcu_reader_data rcu_reader;
@@ -180,6 +188,13 @@  G_DEFINE_AUTOPTR_CLEANUP_FUNC(RCUReadAuto, rcu_read_auto_unlock)
 #define RCU_READ_LOCK_GUARD() \
     g_autoptr(RCUReadAuto) _rcu_read_auto __attribute__((unused)) = rcu_read_auto_lock()
 
+/*
+ * Force-RCU notifiers tell readers that they should exit their
+ * read-side critical section.
+ */
+void rcu_add_force_rcu_notifier(Notifier *n);
+void rcu_remove_force_rcu_notifier(Notifier *n);
+
 #ifdef __cplusplus
 }
 #endif
diff --git a/util/rcu.c b/util/rcu.c
index 13ac0f75cb..c91da9f137 100644
--- a/util/rcu.c
+++ b/util/rcu.c
@@ -46,6 +46,7 @@ 
 unsigned long rcu_gp_ctr = RCU_GP_LOCKED;
 
 QemuEvent rcu_gp_event;
+static int in_drain_call_rcu;
 static QemuMutex rcu_registry_lock;
 static QemuMutex rcu_sync_lock;
 
@@ -107,6 +108,8 @@  static void wait_for_readers(void)
                  * get some extra futex wakeups.
                  */
                 qatomic_set(&index->waiting, false);
+            } else if (qatomic_read(&in_drain_call_rcu)) {
+                notifier_list_notify(&index->force_rcu, NULL);
             }
         }
 
@@ -339,8 +342,10 @@  void drain_call_rcu(void)
      * assumed.
      */
 
+    qatomic_inc(&in_drain_call_rcu);
     call_rcu1(&rcu_drain.rcu, drain_rcu_callback);
     qemu_event_wait(&rcu_drain.drain_complete_event);
+    qatomic_dec(&in_drain_call_rcu);
 
     if (locked) {
         qemu_mutex_lock_iothread();
@@ -363,6 +368,20 @@  void rcu_unregister_thread(void)
     qemu_mutex_unlock(&rcu_registry_lock);
 }
 
+void rcu_add_force_rcu_notifier(Notifier *n)
+{
+    qemu_mutex_lock(&rcu_registry_lock);
+    notifier_list_add(&rcu_reader.force_rcu, n);
+    qemu_mutex_unlock(&rcu_registry_lock);
+}
+
+void rcu_remove_force_rcu_notifier(Notifier *n)
+{
+    qemu_mutex_lock(&rcu_registry_lock);
+    notifier_remove(n);
+    qemu_mutex_unlock(&rcu_registry_lock);
+}
+
 static void rcu_init_complete(void)
 {
     QemuThread thread;