hvc/xen: lock console list traversal
The currently lockless access to the xen console list in
vtermno_to_xencons() is incorrect, as additions and removals from the
list can happen anytime, and as such the traversal of the list to get
the private console data for a given termno needs to happen with the
lock held. Note users that modify the list already do so with the
lock taken.
Adjust current lock takers to use the _irq{save,restore} helpers,
since the context in which vtermno_to_xencons() is called can have
interrupts disabled. Use the _irq{save,restore} set of helpers to
switch the current callers to disable interrupts in the locked region.
I haven't checked if existing users could instead use the _irq
variant, as I think it's safer to use _irq{save,restore} upfront.
While there switch from using list_for_each_entry_safe to
list_for_each_entry: the current entry cursor won't be removed as
part of the code in the loop body, so using the _safe variant is
pointless.
Fixes: 02e19f9c7c ('hvc_xen: implement multiconsole support')
Signed-off-by: Roger Pau Monné <roger.pau@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Link: https://lore.kernel.org/r/20221130163611.14686-1-roger.pau@citrix.com
Signed-off-by: Juergen Gross <jgross@suse.com>
This commit is contained in:
Roger Pau Monne
Juergen Gross
parent
37c1785609
commit
c0dccad87c
|
|
@ -52,17 +52,22 @@ static DEFINE_SPINLOCK(xencons_lock);
|
|||
|
||||
static struct xencons_info *vtermno_to_xencons(int vtermno)
|
||||
{
|
||||
struct xencons_info *entry, *n, *ret = NULL;
|
||||
struct xencons_info *entry, *ret = NULL;
|
||||
unsigned long flags;
|
||||
|
||||
if (list_empty(&xenconsoles))
|
||||
return NULL;
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
if (list_empty(&xenconsoles)) {
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
return NULL;
|
||||
}
|
||||
|
||||
list_for_each_entry_safe(entry, n, &xenconsoles, list) {
|
||||
list_for_each_entry(entry, &xenconsoles, list) {
|
||||
if (entry->vtermno == vtermno) {
|
||||
ret = entry;
|
||||
break;
|
||||
}
|
||||
}
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
|
@ -223,7 +228,7 @@ static int xen_hvm_console_init(void)
|
|||
{
|
||||
int r;
|
||||
uint64_t v = 0;
|
||||
unsigned long gfn;
|
||||
unsigned long gfn, flags;
|
||||
struct xencons_info *info;
|
||||
|
||||
if (!xen_hvm_domain())
|
||||
|
|
@ -258,9 +263,9 @@ static int xen_hvm_console_init(void)
|
|||
goto err;
|
||||
info->vtermno = HVC_COOKIE;
|
||||
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
list_add_tail(&info->list, &xenconsoles);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
|
||||
return 0;
|
||||
err:
|
||||
|
|
@ -283,6 +288,7 @@ static int xencons_info_pv_init(struct xencons_info *info, int vtermno)
|
|||
static int xen_pv_console_init(void)
|
||||
{
|
||||
struct xencons_info *info;
|
||||
unsigned long flags;
|
||||
|
||||
if (!xen_pv_domain())
|
||||
return -ENODEV;
|
||||
|
|
@ -299,9 +305,9 @@ static int xen_pv_console_init(void)
|
|||
/* already configured */
|
||||
return 0;
|
||||
}
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
xencons_info_pv_init(info, HVC_COOKIE);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -309,6 +315,7 @@ static int xen_pv_console_init(void)
|
|||
static int xen_initial_domain_console_init(void)
|
||||
{
|
||||
struct xencons_info *info;
|
||||
unsigned long flags;
|
||||
|
||||
if (!xen_initial_domain())
|
||||
return -ENODEV;
|
||||
|
|
@ -323,9 +330,9 @@ static int xen_initial_domain_console_init(void)
|
|||
info->irq = bind_virq_to_irq(VIRQ_CONSOLE, 0, false);
|
||||
info->vtermno = HVC_COOKIE;
|
||||
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
list_add_tail(&info->list, &xenconsoles);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
|
@ -380,10 +387,12 @@ static void xencons_free(struct xencons_info *info)
|
|||
|
||||
static int xen_console_remove(struct xencons_info *info)
|
||||
{
|
||||
unsigned long flags;
|
||||
|
||||
xencons_disconnect_backend(info);
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
list_del(&info->list);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
if (info->xbdev != NULL)
|
||||
xencons_free(info);
|
||||
else {
|
||||
|
|
@ -464,6 +473,7 @@ static int xencons_probe(struct xenbus_device *dev,
|
|||
{
|
||||
int ret, devid;
|
||||
struct xencons_info *info;
|
||||
unsigned long flags;
|
||||
|
||||
devid = dev->nodename[strlen(dev->nodename) - 1] - '0';
|
||||
if (devid == 0)
|
||||
|
|
@ -482,9 +492,9 @@ static int xencons_probe(struct xenbus_device *dev,
|
|||
ret = xencons_connect_backend(dev, info);
|
||||
if (ret < 0)
|
||||
goto error;
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
list_add_tail(&info->list, &xenconsoles);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
|
||||
return 0;
|
||||
|
||||
|
|
@ -584,10 +594,12 @@ static int __init xen_hvc_init(void)
|
|||
|
||||
info->hvc = hvc_alloc(HVC_COOKIE, info->irq, ops, 256);
|
||||
if (IS_ERR(info->hvc)) {
|
||||
unsigned long flags;
|
||||
|
||||
r = PTR_ERR(info->hvc);
|
||||
spin_lock(&xencons_lock);
|
||||
spin_lock_irqsave(&xencons_lock, flags);
|
||||
list_del(&info->list);
|
||||
spin_unlock(&xencons_lock);
|
||||
spin_unlock_irqrestore(&xencons_lock, flags);
|
||||
if (info->irq)
|
||||
unbind_from_irqhandler(info->irq, NULL);
|
||||
kfree(info);
|
||||
|
|
|
|||
Loading…
Reference in New Issue