Received: by 10.192.165.148 with SMTP id m20csp4763456imm; Tue, 24 Apr 2018 08:03:40 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+KmVl1ZAmiwH4LEwOLcQhygfgFOChUFSnWDIS1ue1+jzM/jeSNyaXK4uRPeYW2X5jIngY0 X-Received: by 2002:a17:902:d807:: with SMTP id a7-v6mr26092636plz.314.1524582220597; Tue, 24 Apr 2018 08:03:40 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524582220; cv=none; d=google.com; s=arc-20160816; b=lJYxFOeYEJE8T98Rj4wwYwW6tGWyz9zwXSsbhOP4mlmS+1Viaa1ZajAmZOBnDr+p0C jKZPFLh6IpV8rlp4oEp6xXYzrfndGBj50LPFwQlgV8KPlWW4jazQ8utjGWHkAlWcy27M oGJF3cTmKem+UAlWM9DMRgTJYV7XqzPW3xszPm4k/L6CEOOf0q1fwCsurYUxFJ8H3dMO pTFEtbqHfsOvoCWW1pBYU9KPHQ6yr9dFs3BGPSaHirqBBYHZwxD1xqL7xNe5LsFuGw0W HESr51HHR4bjZnqCSTIzTrdO12KALi0n7Vcou7DehpWgeZmA6VOrmDab1dVi2nOlai3z 6u2A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-language :content-transfer-encoding:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:dkim-signature :arc-authentication-results; bh=AkkVh4xYV8v+jmk6JNePt3FG1XCfpl9hOdXCU2Hx9fo=; b=CbQb1iFmBJ3vBqdhzygzRbIxc64kOpG4IXXZag/vIPZzDMvceyC4wf2N9HU6xwU39z JkbaT5Bi3q2Vnd1wRhjlHDxfs8GTwoFmKl0BL8WL9Yckm2PB4l8sHiTxyZKF6xfzZ26I iq4lWoBuLJBRe9UR/2PU/NTaxvdcJ7Zd4vAlKxyH/5q5kJo6fp/uSTEhA+YmdQEwNL/o pLdkZPhPuIG9G1io8BOGWFtzVnFkTzOfRihET4iMoIuVBDb56STvPpT6zddDG6eB/KG9 ASLXehIoZIdeQF0u9i9XDDx0+Gv4zpZsLXe6M26bvavDNMjtQZxQl69fHYFQFMkNYbhw N1Tw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ttZmCW/t; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id q26si11250205pgv.585.2018.04.24.08.03.15; Tue, 24 Apr 2018 08:03:40 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=ttZmCW/t; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751165AbeDXO6s (ORCPT + 99 others); Tue, 24 Apr 2018 10:58:48 -0400 Received: from mail-lf0-f67.google.com ([209.85.215.67]:43258 "EHLO mail-lf0-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750739AbeDXO6r (ORCPT ); Tue, 24 Apr 2018 10:58:47 -0400 Received: by mail-lf0-f67.google.com with SMTP id g12-v6so4689814lfb.10 for ; Tue, 24 Apr 2018 07:58:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:cc:references:from:message-id:date:user-agent :mime-version:in-reply-to:content-transfer-encoding:content-language; bh=AkkVh4xYV8v+jmk6JNePt3FG1XCfpl9hOdXCU2Hx9fo=; b=ttZmCW/tPQ9pKZvmKtY/vfeCEPKqAwkJI4Pk0WL0l2Te34GBXY/A+6bQJfl2oZ3xr1 2HDpozxTLbk4u25gBHdarRfGVryKG1jgGm/dMNnDDxqHP35R2HlOvlvgY+nYTbBniL/H 7Z8dNE45WuVDyupxlrgunhGhCrGQyX2B9x7dTRJ+eFsdD95m/LjBkdKEP6Ihkdza+mD6 H/FgwAyZwQ+z6o4zsynZ9ZwAv8hs1U6IMuXmX4adumzqDOtcTD2d3J/QlO6XnJnSBzFJ C7n2uH7UrpBlur5Ye1QJsDV4YphO701KUhrjGBH6wJCntsr2TarjpCh/5XSys8rdVx+6 hjGQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=AkkVh4xYV8v+jmk6JNePt3FG1XCfpl9hOdXCU2Hx9fo=; b=Cr0+M6vCSHnuRNZjfRLHbblLO2nRsy9UrdI7rhabOVwjxrmnVkTUvZQwfR/zJ5EI0q fg/zbsutYKal8q2JS6TTXUiBBVjaMMkM9zr5gFcubDU/lTRSMcuxoPxbjEYbAiusYISF CMsWahB/iRNpGShmBQYW+3WzKirRIrZOn++e3h6EE75k9YTu/812/rZgct39j0KzgGnY RDdBHEjD0iTONlXCf2z4w6XDkAcaMae5MZbk3kSd0uoDt2+VhHfyP93jhmKL2zSJC8wM P7UE2WU1NTK/VKsUdjZWBNkPUFjBSLqitBg+6KCG9YZPS3y5UI7su1J3PXlILDBkVHoT yQPw== X-Gm-Message-State: ALQs6tB4VYEcLMpP75IKCqPnKoIOwyBFITvkNYRC9J0ino4uQDLAl9lU +hqquyPbSGF2JYRJqiuhyjU= X-Received: by 2002:a19:5491:: with SMTP id b17-v6mr12314795lfl.33.1524581925630; Tue, 24 Apr 2018 07:58:45 -0700 (PDT) Received: from [10.17.182.9] (ll-52.209.223.85.sovam.net.ua. [85.223.209.52]) by smtp.gmail.com with ESMTPSA id u19sm2885456ljj.51.2018.04.24.07.58.44 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 24 Apr 2018 07:58:44 -0700 (PDT) Subject: Re: [PATCH v2 3/5] ALSA: xen-front: Implement Xen event channel handling To: Takashi Iwai Cc: alsa-devel@alsa-project.org, xen-devel@lists.xenproject.org, boris.ostrovsky@oracle.com, konrad.wilk@oracle.com, perex@perex.cz, Juergen Gross , linux-kernel@vger.kernel.org, Oleksandr Andrushchenko References: <20180416062453.24743-1-andr2000@gmail.com> <20180416062453.24743-4-andr2000@gmail.com> From: Oleksandr Andrushchenko Message-ID: Date: Tue, 24 Apr 2018 17:58:43 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: en-US Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 04/24/2018 05:35 PM, Takashi Iwai wrote: > On Tue, 24 Apr 2018 16:29:15 +0200, > Oleksandr Andrushchenko wrote: >> On 04/24/2018 05:20 PM, Takashi Iwai wrote: >>> On Mon, 16 Apr 2018 08:24:51 +0200, >>> Oleksandr Andrushchenko wrote: >>>> +static irqreturn_t evtchnl_interrupt_req(int irq, void *dev_id) >>>> +{ >>>> + struct xen_snd_front_evtchnl *channel = dev_id; >>>> + struct xen_snd_front_info *front_info = channel->front_info; >>>> + struct xensnd_resp *resp; >>>> + RING_IDX i, rp; >>>> + unsigned long flags; >>>> + >>>> + if (unlikely(channel->state != EVTCHNL_STATE_CONNECTED)) >>>> + return IRQ_HANDLED; >>>> + >>>> + spin_lock_irqsave(&front_info->io_lock, flags); >>>> + >>>> +again: >>>> + rp = channel->u.req.ring.sring->rsp_prod; >>>> + /* ensure we see queued responses up to rp */ >>>> + rmb(); >>>> + >>>> + for (i = channel->u.req.ring.rsp_cons; i != rp; i++) { >>> I'm not familiar with Xen stuff in general, but through a quick >>> glance, this kind of code worries me a bit. >>> >>> If channel->u.req.ring.rsp_cons has a bogus number, this may lead to a >>> very long loop, no? Better to have a sanity check of the ring buffer >>> size. >> In this loop I have: >> resp = RING_GET_RESPONSE(&channel->u.req.ring, i); >> and the RING_GET_RESPONSE macro is designed in the way that >> it wraps around when *i* in the question gets bigger than >> the ring size: >> >> #define RING_GET_REQUEST(_r, _idx)                    \ >>     (&((_r)->sring->ring[((_idx) & (RING_SIZE(_r) - 1))].req)) >> >> So, even if the counter has a bogus number it will not last long > Hm, this prevents from accessing outside the ring buffer, but does it > change the loop behavior? no, it doesn't > Suppose channel->u.req.ring_rsp_cons = 1, and rp = 0, the loop below > would still consume the whole 32bit counts, no? > > for (i = channel->u.req.ring.rsp_cons; i != rp; i++) { > resp = RING_GET_RESPONSE(&channel->u.req.ring, i); > ... > } You are right here and the comment is totally valid. I'll put an additional check like here [1] and here [2] Will this address your comment? > > Takashi Thank you, Oleksandr [1] https://elixir.bootlin.com/linux/v4.17-rc2/source/drivers/block/xen-blkback/blkback.c#L1127 [2] https://elixir.bootlin.com/linux/v4.17-rc2/source/drivers/block/xen-blkback/blkback.c#L1135