| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250501134126.GT4439@noisy.programming.kicks-ass.net>
Date: Thu, 1 May 2025 15:41:26 +0200
From: Peter Zijlstra <peterz@...radead.org>
To: Marc Zyngier <maz@...nel.org>
Cc: Maxim Levitsky <mlevitsk@...hat.com>, kvm@...r.kernel.org,
linux-riscv@...ts.infradead.org,
Kunkun Jiang <jiangkunkun@...wei.com>,
Waiman Long <longman@...hat.com>, linux-kernel@...r.kernel.org,
linux-arm-kernel@...ts.infradead.org,
Catalin Marinas <catalin.marinas@....com>,
Bjorn Helgaas <bhelgaas@...gle.com>,
Boqun Feng <boqun.feng@...il.com>, Borislav Petkov <bp@...en8.de>,
Albert Ou <aou@...s.berkeley.edu>, Anup Patel <anup@...infault.org>,
Paul Walmsley <paul.walmsley@...ive.com>,
Suzuki K Poulose <suzuki.poulose@....com>,
Palmer Dabbelt <palmer@...belt.com>,
Alexandre Ghiti <alex@...ti.fr>,
Alexander Potapenko <glider@...gle.com>,
Oliver Upton <oliver.upton@...ux.dev>,
Andre Przywara <andre.przywara@....com>, x86@...nel.org,
Joey Gouly <joey.gouly@....com>,
Thomas Gleixner <tglx@...utronix.de>, kvm-riscv@...ts.infradead.org,
Atish Patra <atishp@...shpatra.org>, Ingo Molnar <mingo@...hat.com>,
Jing Zhang <jingzhangos@...gle.com>,
"H. Peter Anvin" <hpa@...or.com>,
Dave Hansen <dave.hansen@...ux.intel.com>, kvmarm@...ts.linux.dev,
Will Deacon <will@...nel.org>,
Keisuke Nishimura <keisuke.nishimura@...ia.fr>,
Sebastian Ott <sebott@...hat.com>, Shusen Li <lishusen2@...wei.com>,
Paolo Bonzini <pbonzini@...hat.com>,
Randy Dunlap <rdunlap@...radead.org>,
Sean Christopherson <seanjc@...gle.com>,
Zenghui Yu <yuzenghui@...wei.com>
Subject: Re: [PATCH v4 2/5] arm64: KVM: use mutex_trylock_nest_lock when
locking all vCPUs
On Thu, May 01, 2025 at 01:44:28PM +0100, Marc Zyngier wrote:
> On Thu, 01 May 2025 12:15:52 +0100,
> Peter Zijlstra <peterz@...radead.org> wrote:
> >
> > > > + */
> > > > +int kvm_trylock_all_vcpus(struct kvm *kvm)
> > > > +{
> > > > + struct kvm_vcpu *vcpu;
> > > > + unsigned long i, j;
> > > > +
> > > > + kvm_for_each_vcpu(i, vcpu, kvm)
> > > > + if (!mutex_trylock_nest_lock(&vcpu->mutex, &kvm->lock))
> >
> > This one includes an assertion that kvm->lock is actually held.
>
> Ah, cunning. Thanks.
>
> > That said, I'm not at all sure what the purpose of all this trylock
> > stuff is here.
> >
> > Can someone explain? Last time I asked someone said something about
> > multiple VMs, but I don't know enough about kvm to know what that means.
>
> Multiple VMs? That'd be real fun. Not.
>
> > Are those vcpu->mutex another class for other VMs? Or what gives?
>
> Nah. This is firmly single VM.
>
> The purpose of this contraption is that there are some rare cases
> where we need to make sure that if we update some global state, all
> the vcpus of a VM need to see, or none of them.
>
> For these cases, the guarantee comes from luserspace, and it gives the
> pinky promise that none of the vcpus are running at that point. But
> being of a suspicious nature, we assert that this is true by trying to
> take all the vcpu mutexes in one go. This will fail if a vcpu is
> running, as KVM itself takes the vcpu mutex before doing anything.
>
> Similar requirement exists if we need to synthesise some state for
> userspace from all the individual vcpu states.
Ah, okay. Because x86 is simply doing mutex_lock() instead of
mutex_trylock() -- which would end up waiting for this activity to
subside I suppose.
Hence the use of the killable variant I suppose, for when they get tired
of waiting.
If all the architectures are basically doing the same thing, it might
make sense to unify this particular behaviour. But what do I know.
Powered by blists - more mailing lists