Subject: Re: [PATCH] UefiCpuPkg/PiSmmCpuDxeSmm: Race condition between APHandler's release of Busy spinlock and user-triggered SmmStartupThisAP's
To: Damian Nikodem, devel@edk2.groups.io
Cc: Eric Dong, Ray Ni, Benjamin You, Krzysztof Rusocki
References: <20190903145732.18604-1-damian.nikodem@intel.com>
From: "Laszlo Ersek"
Message-ID: <17821720-0306-6336-6bca-ef44c0fe5397@redhat.com>
Date: Tue, 3 Sep 2019 19:31:19 +0200
In-Reply-To: <20190903145732.18604-1-damian.nikodem@intel.com>

On 09/03/19 16:57, Damian Nikodem wrote:
> Race condition between APHandler's release of Busy spinlock and
> user-triggered SmmStartupThisAP's acquisition attempt of the Busy spinlock (non-blocking mode).
>
> UserProc is the user's procedure to execute on an AP.
> UserProcCompletion is the user procedure's completion spinlock.
> All other variables are from EDK2.
>
> BSP AP
> =====================================================================================
> APHandler ()
> WaitForSemaphore (Run)
>
> << initial state >>
>
> AcquireSpinLock (UserProcCompletion)
> SmmStartupThisAp (Procedure)
> AcquireSpinLockOrFail (Busy)
> ReleaseSemaphore (Run)
> UserProc ()
> DoStuff() DoSomeOtherStuff ()
>
> AcquireSpinLockOrFail (UserProcCompletion) AcquireSpinLockOrFail (UserProcCompletion)
>
> ^^ waiting in a loop for user procedure's
> completion == these fail
> ReleaseSpinLock (UserProcCompletion) AcquireSpinLockOrFail (UserProcCompletion)
>
> ^^ this succeeds
>
> ReleaseSpinLock (UserProcCompletion)
>
> << return control to the caller and
> reenter the flow >>>
>
> AcquireSpinLock (UserProcCompletion)
> SmmStartupThisAp (Procedure)
> AcquireSpinLockOrFail (Busy)
> ^^ this wins the race with AP's
> ReleaseSpinLock and fails;
> ReleaseSpinLock (Busy)
> return EFI_INVALID_PARAMETER;

Sorry, I can't make any sense of this sequence diagram. It seems to have fallen apart due to formatting or other email issues.
For example, if we have "AP" and "BSP" columns, I would expect every function name to show up in either. But APHandler() is to the right of *both* columns.

Please clean up the commit message:
- subject line should be no longer than 74 chars
- continuous text paragraphs should be properly filled, and wrapped at 74 chars
- the diagram can extend more widely, but it should be a diagram please.

(I'm not as familiar with this code as other UefiCpuPkg reviewers, so I absolutely depend on the commit message to guide me.)

Thanks
Laszlo

>
> To remedy, if AcquireSpinLockOrFail (of the Busy spinlock) fails, perform regular AcquireSpinLock -- this eliminates the race condition.
>
> Signed-off-by: Damian Nikodem
> Cc: Eric Dong
> Cc: Ray Ni
> Cc: Benjamin You
> Cc: Laszlo Ersek
> Cc: Krzysztof Rusocki
>
> diff --git a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c > index d8d2b6f444..206e196a76 100644 > --- a/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c > +++ b/UefiCpuPkg/PiSmmCpuDxeSmm/MpService.c
> @@ -1239,8 +1239,16 @@ InternalSmmStartupThisAp ( > AcquireSpinLock (mSmmMpSyncData->CpuData[CpuIndex].Busy); > } else { > if (!AcquireSpinLockOrFail (mSmmMpSyncData->CpuData[CpuIndex].Busy)) { > - DEBUG((DEBUG_ERROR, "Can't acquire mSmmMpSyncData->CpuData[%d].Busy\n", CpuIndex)); > - return EFI_NOT_READY; > + DEBUG ((DEBUG_INFO, "BSP[%d] finds AP[%d] busy at proc 0x%llX (param 0x%llX), ", > + mSmmMpSyncData->BspIndex, > + CpuIndex, > + *mSmmMpSyncData->CpuData[CpuIndex].Procedure, > + (VOID*)mSmmMpSyncData->CpuData[CpuIndex].Parameter)); > + DEBUG ((DEBUG_INFO, "new proc 0x%llX (param 0x%llX). Waiting for the previous AP procedure to complete...\n", > + Procedure, > + ProcArguments)); > + > + AcquireSpinLock (mSmmMpSyncData->CpuData[CpuIndex].Busy); > }
>
> *Token = (MM_COMPLETION) CreateToken ();
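
Review bot: In the else (non-blocking) branch, a failed AcquireSpinLockOrFail now falls through to a blocking AcquireSpinLock on Busy, so a caller that asked for non-blocking dispatch waits for as long as the previous AP procedure runs, not only for the short window in which the AP is releasing Busy. Both branches of the surrounding if now block; either bound the wait and keep returning EFI_NOT_READY when it expires, or state in the commit message and the function comment that the non-blocking contract changes. The two added DEBUG calls print pointer-typed arguments (*...Procedure, (VOID*)...Parameter, Procedure, ProcArguments) with %llX; %p is the specifier for pointers and avoids a vararg width mismatch on builds where pointers are narrower than 64 bits. The commit message's diagram ends in "return EFI_INVALID_PARAMETER" while the removed line returns EFI_NOT_READY, so the message should name the status the old code actually returned.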