Re: [PATCH 21/21] x86/intel_rdt/mbm: Handle counter overflow

From: Shivappa Vikas
Date: Thu Jul 06 2017 - 19:52:59 EST

On Sun, 2 Jul 2017, Thomas Gleixner wrote:

On Mon, 26 Jun 2017, Vikas Shivappa wrote:
+static void mbm_update(struct rdt_domain *d, int rmid)
+ struct rmid_read rr;
+ rr.first = false;
+ rr.d = d;
+ if (is_mbm_total_enabled()) {
+ rr.evtid = QOS_L3_MBM_TOTAL_EVENT_ID;
+ __mon_event_count(rmid, &rr);

This is broken as it is not protected against a concurrent read from user
space which comes in via a smp function call.

The read from user also has the rdtgroup_mutex.


This means both the internal state and __rmid_read() are unprotected.

I'm not sure whether it's enough to disable interrupts around
__mon_event_count(), but that's the minimal protection required. It's
definitely good enough for __rmid_read(), but it might not be sufficient
for protecting domain->mbm_[local|total]. I leave the exercise of figuring
that out to you.