Date: Thu, 6 Jul 2017 16:53:40 -0700 (PDT)
From: Shivappa Vikas <vikas.shivappa@intel.com>
To: Thomas Gleixner <tglx@linutronix.de>
cc: Vikas Shivappa <vikas.shivappa@linux.intel.com>, x86@kernel.org,
        linux-kernel@vger.kernel.org, hpa@zytor.com, peterz@infradead.org,
        ravi.v.shankar@intel.com, vikas.shivappa@intel.com,
        tony.luck@intel.com, fenghua.yu@intel.com, andi.kleen@intel.com
Subject: Re: [PATCH 21/21] x86/intel_rdt/mbm: Handle counter overflow
In-Reply-To: <alpine.DEB.2.20.1707021548460.2296@nanos>
Message-ID: <alpine.DEB.2.10.1707061651540.3798@vshiva-Udesk>
References: <1498503368-20173-1-git-send-email-vikas.shivappa@linux.intel.com> <1498503368-20173-22-git-send-email-vikas.shivappa@linux.intel.com> <alpine.DEB.2.20.1707021548460.2296@nanos>
User-Agent: Alpine 2.10 (DEB 1266 2009-07-14)
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed
Sender: linux-kernel-owner@vger.kernel.org
Content-Length: 943
Lines: 37


On Sun, 2 Jul 2017, Thomas Gleixner wrote:

> On Mon, 26 Jun 2017, Vikas Shivappa wrote:
>> +static void mbm_update(struct rdt_domain *d, int rmid)
>> +{
>> +	struct rmid_read rr;
>> +
>> +	rr.first = false;
>> +	rr.d = d;
>> +
>> +	if (is_mbm_total_enabled()) {
>> +		rr.evtid = QOS_L3_MBM_TOTAL_EVENT_ID;
>> +		__mon_event_count(rmid, &rr);
>
> This is broken as it is not protected against a concurrent read from user
> space which comes in via a smp function call.

The read from user also has the rdtgroup_mutex.

Thanks,
Vikas

>
> This means both the internal state and __rmid_read() are unprotected.
>
> I'm not sure whether it's enough to disable interrupts around
> __mon_event_count(), but that's the minimal protection required. It's
> definitely good enough for __rmid_read(), but it might not be sufficient
> for protecting domain->mbm_[local|total]. I leave the exercise of figuring
> that out to you.
>
> Thanks,
>
> 	tglx
>