[PATCH] Documentation: kvm: fix SRCU locking order docs

From: Paolo Bonzini
Date: Wed Jan 11 2023 - 13:31:46 EST

Next message: Vipin Sharma: "[Patch v2] KVM: selftests: Make reclaim_period_ms input always be positive"
Previous message: Alexander Duyck: "Re: [PATCH v2] rndis_wlan: Prevent buffer overflow in rndis_query_oid"
Next in thread: David Woodhouse: "Re: [PATCH] Documentation: kvm: fix SRCU locking order docs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

kvm->srcu is taken in KVM_RUN and several other vCPU ioctls, therefore
vcpu->mutex is susceptible to the same deadlock that is documented
for kvm->slots_lock. The same holds for kvm->lock, since kvm->lock
is held outside vcpu->mutex. Fix the documentation and rearrange it
to highlight the difference between these locks and kvm->slots_arch_lock,
and how kvm->slots_arch_lock can be useful while processing a vmexit.

Signed-off-by: Paolo Bonzini <pbonzini@xxxxxxxxxx>
---
Documentation/virt/kvm/locking.rst | 23 ++++++++++++-----------
1 file changed, 12 insertions(+), 11 deletions(-)

diff --git a/Documentation/virt/kvm/locking.rst b/Documentation/virt/kvm/locking.rst
index 897ca39b72bf..53826098183e 100644
--- a/Documentation/virt/kvm/locking.rst
+++ b/Documentation/virt/kvm/locking.rst
@@ -24,17 +24,18 @@ The acquisition orders for mutexes are as follows:

For SRCU:

-- ``synchronize_srcu(&kvm->srcu)`` is called _inside_
- the kvm->slots_lock critical section, therefore kvm->slots_lock
- cannot be taken inside a kvm->srcu read-side critical section.
- Instead, kvm->slots_arch_lock is released before the call
- to ``synchronize_srcu()`` and _can_ be taken inside a
- kvm->srcu read-side critical section.
-
-- kvm->lock is taken inside kvm->srcu, therefore
- ``synchronize_srcu(&kvm->srcu)`` cannot be called inside
- a kvm->lock critical section. If you cannot delay the
- call until after kvm->lock is released, use ``call_srcu``.
+- ``synchronize_srcu(&kvm->srcu)`` is called inside critical sections
+ for kvm->lock, vcpu->mutex and kvm->slots_lock. These locks _cannot_
+ be taken inside a kvm->srcu read-side critical section; that is, the
+ following is broken::
+
+ srcu_read_lock(&kvm->srcu);
+ mutex_lock(&kvm->slots_lock);
+
+- kvm->slots_arch_lock instead is released before the call to
+ ``synchronize_srcu()``. It _can_ therefore be taken inside a
+ kvm->srcu read-side critical section, for example while processing
+ a vmexit.

On x86:

--
2.39.0

Next message: Vipin Sharma: "[Patch v2] KVM: selftests: Make reclaim_period_ms input always be positive"
Previous message: Alexander Duyck: "Re: [PATCH v2] rndis_wlan: Prevent buffer overflow in rndis_query_oid"
Next in thread: David Woodhouse: "Re: [PATCH] Documentation: kvm: fix SRCU locking order docs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]