lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <04b2c33d-f080-83d0-229c-77bb70eced4a@redhat.com>
Date:   Tue, 5 Dec 2017 09:06:46 +0100
From:   Laurent Vivier <lvivier@...hat.com>
To:     Paul Mackerras <paulus@...abs.org>,
        Benjamin Herrenschmidt <benh@...nel.crashing.org>
Cc:     linux-kernel@...r.kernel.org, linuxppc-dev@...ts.ozlabs.org,
        kvm-ppc@...r.kernel.org, Paolo Bonzini <pbonzini@...hat.com>,
        Thomas Huth <thuth@...hat.com>,
        Sam Bobroff <sbobroff@...hat.com>
Subject: Re: [PATCH] powerpc/xive: store server for masked interrupt in
 kvmppc_xive_set_xive()

On 05/12/2017 04:05, Paul Mackerras wrote:
> On Fri, Nov 24, 2017 at 07:38:13AM +1100, Benjamin Herrenschmidt wrote:
>> On Thu, 2017-11-23 at 10:06 +0100, Laurent Vivier wrote:
>>> This is needed to map kvmppc_xive_set_xive() behavior
>>> to kvmppc_xics_set_xive().
>>>
>>> As we store the server, kvmppc_xive_get_xive() can return
>>> the good value and we can also allow kvmppc_xive_int_on().
>>>
>>> Signed-off-by: Laurent Vivier <lvivier@...hat.com>
>>> ---
>>>  arch/powerpc/kvm/book3s_xive.c | 20 ++++++++------------
>>>  1 file changed, 8 insertions(+), 12 deletions(-)
>>>
>>> diff --git a/arch/powerpc/kvm/book3s_xive.c b/arch/powerpc/kvm/book3s_xive.c
>>> index bf457843e032..2781b8733038 100644
>>> --- a/arch/powerpc/kvm/book3s_xive.c
>>> +++ b/arch/powerpc/kvm/book3s_xive.c
>>> @@ -584,10 +584,14 @@ int kvmppc_xive_set_xive(struct kvm *kvm, u32 irq, u32 server,
>>>  	 *       we could initialize interrupts with valid default
>>>  	 */
>>>  
>>> -	if (new_act_prio != MASKED &&
>>> -	    (state->act_server != server ||
>>> -	     state->act_priority != new_act_prio))
>>> -		rc = xive_target_interrupt(kvm, state, server, new_act_prio);
>>> +	if (state->act_server != server ||
>>> +	    state->act_priority != new_act_prio) {
>>> +		if (new_act_prio != MASKED)
>>> +			rc = xive_target_interrupt(kvm, state, server,
>>> +						   new_act_prio);
>>> +		if (!rc)
>>> +			state->act_server = server;
>>> +	}
>>
>> That leads to another problem with this code. My current implementation
>> is such that is a target queue is full, it will pick another target.
>> But here, we still update act_server to the passed-in server and
>> not the actual target...
> 
> So does that amount to a NAK?
> 
>>>  	/*
>>>  	 * Perform the final unmasking of the interrupt source
>>> @@ -646,14 +650,6 @@ int kvmppc_xive_int_on(struct kvm *kvm, u32 irq)
>>>  
>>>  	pr_devel("int_on(irq=0x%x)\n", irq);
>>>  
>>> -	/*
>>> -	 * Check if interrupt was not targetted
>>> -	 */
>>> -	if (state->act_priority == MASKED) {
>>> -		pr_devel("int_on on untargetted interrupt\n");
>>> -		return -EINVAL;
>>> -	}
>>> -
>>
>> So my thinking here was that act_priority was never going to be MASKED
>> except if the interrupt had never been targetted anywhere at machine
>> startup time. Thus if act_priority is masked, the act_server field
>> cannot be trusted.
>>
>>>  	/* If saved_priority is 0xff, do nothing */
>>>  	if (state->saved_priority == MASKED)
>>>  		return 0;
> 
> How do you think this should be fixed?
> 
> Laurent, are you reworking the patch at the moment?

Not for the moment.

The easy way is to forbid to set interrupt value to the MASKED one with
xive_set_xive. I think it's allowed by the specs.

I've got another bug in the XICS emulation: when we migrate a guest
under stress, the pending interrupt is lost and the guest hangs on the
destination side. I'm trying to understand why.

Thanks,
Laurent

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ