1. 20 7月, 2008 2 次提交
  2. 06 7月, 2008 1 次提交
    • M
      KVM: IOAPIC: Fix level-triggered irq injection hang · 35baff25
      Mark McLoughlin 提交于
      The "remote_irr" variable is used to indicate an interrupt
      which has been received by the LAPIC, but not acked.
      
      In our EOI handler, we unset remote_irr and re-inject the
      interrupt if the interrupt line is still asserted.
      
      However, we do not set remote_irr here, leading to a
      situation where if kvm_ioapic_set_irq() is called, then we go
      ahead and call ioapic_service(). This means that IRR is
      re-asserted even though the interrupt is currently in service
      (i.e. LAPIC IRR is cleared and ISR/TMR set)
      
      The issue with this is that when the currently executing
      interrupt handler finishes and writes LAPIC EOI, then TMR is
      unset and EOI sent to the IOAPIC. Since IRR is now asserted,
      but TMR is not, then when the second interrupt is handled,
      no EOI is sent and if there is any pending interrupt, it is
      not re-injected.
      
      This fixes a hang only seen while running mke2fs -j on an
      8Gb virtio disk backed by a fully sparse raw file, with
      aliguori "avoid fragmented virtio-blk transfers by copying"
      changes.
      Signed-off-by: NMark McLoughlin <markmc@redhat.com>
      Acked-by: NMarcelo Tosatti <mtosatti@redhat.com>
      Signed-off-by: NAvi Kivity <avi@qumranet.com>
      35baff25
  3. 26 6月, 2008 2 次提交
  4. 24 6月, 2008 1 次提交
    • A
      KVM: ioapic: fix lost interrupt when changing a device's irq · 4fa6b9c5
      Avi Kivity 提交于
      The ioapic acknowledge path translates interrupt vectors to irqs.  It
      currently uses a first match algorithm, stopping when it finds the first
      redirection table entry containing the vector.  That fails however if the
      guest changes the irq to a different line, leaving the old redirection table
      entry in place (though masked).  Result is interrupts not making it to the
      guest.
      
      Fix by always scanning the entire redirection table.
      Signed-off-by: NAvi Kivity <avi@qumranet.com>
      4fa6b9c5
  5. 07 6月, 2008 1 次提交
    • M
      KVM: IOAPIC: only set remote_irr if interrupt was injected · ff4b9df8
      Marcelo Tosatti 提交于
      There's a bug in the IOAPIC code for level-triggered interrupts. Its
      relatively easy to trigger by sharing (virtio-blk + usbtablet was the
      testcase, initially reported by Gerd von Egidy).
      
      The "remote_irr" variable is used to indicate accepted but not yet acked
      interrupts. Its cleared from the EOI handler.
      
      Problem is that the EOI handler clears remote_irr unconditionally, even
      if it reinjected another pending interrupt.
      
      In that case, kvm_ioapic_set_irq() proceeds to ioapic_service() which
      sets remote_irr even if it failed to inject (since the IRR was high due
      to EOI reinjection).
      
      Since the TMR bit has been cleared by the first EOI, the second one
      fails to clear remote_irr.
      
      End result is interrupt line dead.
      
      Fix it by setting remote_irr only if a new pending interrupt has been
      generated (and the TMR bit for vector in question set).
      Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
      Signed-off-by: NAvi Kivity <avi@qumranet.com>
      ff4b9df8
  6. 18 5月, 2008 1 次提交
    • M
      KVM: Fix kvm_vcpu_block() task state race · e5c239cf
      Marcelo Tosatti 提交于
      There's still a race in kvm_vcpu_block(), if a wake_up_interruptible()
      call happens before the task state is set to TASK_INTERRUPTIBLE:
      
      CPU0                            CPU1
      
      kvm_vcpu_block
      
      add_wait_queue
      
      kvm_cpu_has_interrupt = 0
                                      set interrupt
                                      if (waitqueue_active())
                                              wake_up_interruptible()
      
      kvm_cpu_has_pending_timer
      kvm_arch_vcpu_runnable
      signal_pending
      
      set_current_state(TASK_INTERRUPTIBLE)
      schedule()
      
      Can be fixed by using prepare_to_wait() which sets the task state before
      testing for the wait condition.
      Signed-off-by: NMarcelo Tosatti <mtosatti@redhat.com>
      Signed-off-by: NAvi Kivity <avi@qumranet.com>
      e5c239cf
  7. 04 5月, 2008 1 次提交
  8. 02 5月, 2008 1 次提交
    • A
      [PATCH] sanitize anon_inode_getfd() · 2030a42c
      Al Viro 提交于
      a) none of the callers even looks at inode or file returned by anon_inode_getfd()
      b) any caller that would try to look at those would be racy, since by the time
      it returns we might have raced with close() from another thread and that
      file would be pining for fjords.
      Signed-off-by: NAl Viro <viro@zeniv.linux.org.uk>
      2030a42c
  9. 27 4月, 2008 14 次提交
  10. 04 3月, 2008 2 次提交
  11. 09 2月, 2008 1 次提交
  12. 31 1月, 2008 5 次提交