Re: [PATCH 21/21] x86/intel_rdt/mbm: Handle counter overflow

[Shivappa Vikas]

On Sun, 2 Jul 2017, Thomas Gleixner wrote:

> On Mon, 26 Jun 2017, Vikas Shivappa wrote:
> > +static void mbm_update(struct rdt_domain *d, int rmid)
> > +{
> > +	struct rmid_read rr;
> > +
> > +	rr.first = false;
> > +	rr.d = d;
> > +
> > +	if (is_mbm_total_enabled()) {
> > +		rr.evtid = QOS_L3_MBM_TOTAL_EVENT_ID;
> > +		__mon_event_count(rmid, &rr);
>
> This is broken as it is not protected against a concurrent read from user
> space which comes in via a smp function call.

The read from user also has the rdtgroup_mutex.

Thanks,
Vikas

> This means both the internal state and __rmid_read() are unprotected.
>
> I'm not sure whether it's enough to disable interrupts around
> __mon_event_count(), but that's the minimal protection required. It's
> definitely good enough for __rmid_read(), but it might not be sufficient
> for protecting domain->mbm_[local|total]. I leave the exercise of figuring
> that out to you.
>
> Thanks,
>
> 	tglx