Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp14492112pxu; Tue, 5 Jan 2021 03:06:28 -0800 (PST) X-Google-Smtp-Source: ABdhPJyD0RSZhncppntXAqcMuxWRHFrPN2jmBbz5IlJE25IlivwEsCfDE1gAHVAtqL4pwgEkSi4j X-Received: by 2002:a50:a6c2:: with SMTP id f2mr75253362edc.7.1609844788301; Tue, 05 Jan 2021 03:06:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609844788; cv=none; d=google.com; s=arc-20160816; b=fxF5KrQmBtVUstP3KdxLZBlGRrY3v3CJsadzoKatdqFlR3wOz7jODeaPRBLnRSu9lz m5q53Ck+gZFLpCk7aswxlXEDjS4gs+PD4HB6TGs8kKcqLMpbvg2Ojur/c64Zoh1GG+vh vHtt5pBdgd6ekerQVDCE05lNyzH8icBEjoiHx3NP1q28aq8VLpImALeU7Jt4q0QMm1fD mCO5JQZMDiP82hfUloVzTGE+rSOVtIY/POBBnSscves2/K7v6HvbyhKiGs0cyMJRJ3J5 1K88R2u6ioLhEBoYjfgTyLZrf67SLWPqUkyd+sUJPn9qVxyt8e0G6QwmTlawG6A+sCZW sgMA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:references:in-reply-to:message-id :date:subject:cc:to:from:dkim-signature; bh=rDSWw9DpTymjT0DU6I+lktIy3laoqLV0oAeVdRm7WEc=; b=vZQQBLCHY4jdxaYHECObyfbvy1Z5s2XGX/OtSeLLn22aS3OYXZ9DAYXmdzBD0z1Wkn OMZg5W1sksycfTfa6JvkFAGL1MYECpMGXL9TufnmpMsTdP8k9d4hynFewrhxRQz8Ms6F INEfL0MhJWz2efJrdtK3jwPfQJwkdL/2D/SS6QpXtKI1A3FZa6MQtrmMpLL60ce0NTKY kj+m9KYwxDHK35CPuk/WwZGXVQZ1xj/dceA4JqnMAlAWqQB0yFZ7/NXNzrZHLRnmh+e9 1Y0YaUU72HhVRjqyBORuFlhUoghDmbE+9OvHERdXn62j7Sz88Gde9dGRr0LMw2G1IZwU 0A/A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=aS0Nfci6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k8si29733535ejg.191.2021.01.05.03.06.05; Tue, 05 Jan 2021 03:06:28 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amazon.com header.s=amazon201209 header.b=aS0Nfci6; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=amazon.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1729491AbhAELDh (ORCPT + 99 others); Tue, 5 Jan 2021 06:03:37 -0500 Received: from smtp-fw-9101.amazon.com ([207.171.184.25]:14777 "EHLO smtp-fw-9101.amazon.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729102AbhAELDg (ORCPT ); Tue, 5 Jan 2021 06:03:36 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amazon.com; i=@amazon.com; q=dns/txt; s=amazon201209; t=1609844617; x=1641380617; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version; bh=rDSWw9DpTymjT0DU6I+lktIy3laoqLV0oAeVdRm7WEc=; b=aS0Nfci6CxzDgWr6Pw1SUfjzUnBA7Yme8+0l2pUO9nrJ9vkj2ZnQBjnk 1F28dr0Um9N0X1AngoXDyFAx4C7MP5I/MSTCd+lGnf+PVglzOcssUUAnF 5s21YkUs/u9u2OBojqjcYOlrAgBWGq+MDJjE41EG7MjS1JWRNjbmOwwvJ A=; X-IronPort-AV: E=Sophos;i="5.78,476,1599523200"; d="scan'208";a="101273380" Received: from sea32-co-svc-lb4-vlan3.sea.corp.amazon.com (HELO email-inbound-relay-2a-1c1b5cdd.us-west-2.amazon.com) ([10.47.23.38]) by smtp-border-fw-out-9101.sea19.amazon.com with ESMTP; 05 Jan 2021 11:03:06 +0000 Received: from EX13D31EUA001.ant.amazon.com (pdx1-ws-svc-p6-lb9-vlan2.pdx.amazon.com [10.236.137.194]) by email-inbound-relay-2a-1c1b5cdd.us-west-2.amazon.com (Postfix) with ESMTPS id 84D31A1E99; Tue, 5 Jan 2021 11:03:05 +0000 (UTC) Received: from u3f2cd687b01c55.ant.amazon.com (10.43.162.125) by EX13D31EUA001.ant.amazon.com (10.43.165.15) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Tue, 5 Jan 2021 11:03:00 +0000 From: SeongJae Park To: CC: SeongJae Park , , , , , , , Subject: [PATCH 5/5] xenbus/xenbus_backend: Disallow pending watch messages Date: Tue, 5 Jan 2021 12:02:45 +0100 Message-ID: <20210105110245.1969-1-sjpark@amazon.com> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20210105110142.1810-1-sjpark@amazon.com> References: <20210105110142.1810-1-sjpark@amazon.com> MIME-Version: 1.0 Content-Type: text/plain X-Originating-IP: [10.43.162.125] X-ClientProxiedBy: EX13D29UWA001.ant.amazon.com (10.43.160.187) To EX13D31EUA001.ant.amazon.com (10.43.165.15) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: SeongJae Park 'xenbus_backend' watches 'state' of devices, which is writable by guests. Hence, if guests intensively updates it, dom0 will have lots of pending events that exhausting memory of dom0. In other words, guests can trigger dom0 memory pressure. This is known as XSA-349. However, the watch callback of it, 'frontend_changed()', reads only 'state', so doesn't need to have the pending events. To avoid the problem, this commit disallows pending watch messages for 'xenbus_backend' using the 'will_handle()' watch callback. This is part of XSA-349 This is upstream commit 9996bd494794a2fe393e97e7a982388c6249aa76 Cc: stable@vger.kernel.org Signed-off-by: SeongJae Park Reported-by: Michael Kurth Reported-by: Pawel Wieczorkiewicz Reviewed-by: Juergen Gross Signed-off-by: Juergen Gross --- drivers/xen/xenbus/xenbus_probe_backend.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/drivers/xen/xenbus/xenbus_probe_backend.c b/drivers/xen/xenbus/xenbus_probe_backend.c index 04f7f85a5edf..597c0b038454 100644 --- a/drivers/xen/xenbus/xenbus_probe_backend.c +++ b/drivers/xen/xenbus/xenbus_probe_backend.c @@ -181,6 +181,12 @@ static int xenbus_probe_backend(struct xen_bus_type *bus, const char *type, return err; } +static bool frontend_will_handle(struct xenbus_watch *watch, + const char **vec, unsigned int len) +{ + return watch->nr_pending == 0; +} + static void frontend_changed(struct xenbus_watch *watch, const char **vec, unsigned int len) { @@ -192,6 +198,7 @@ static struct xen_bus_type xenbus_backend = { .levels = 3, /* backend/type// */ .get_bus_id = backend_bus_id, .probe = xenbus_probe_backend, + .otherend_will_handle = frontend_will_handle, .otherend_changed = frontend_changed, .bus = { .name = "xen-backend", -- 2.17.1