On 29/09/2023 12:36, David Woodhouse wrote:
> From: David Woodhouse <dwmw@xxxxxxxxxxxx>
>
> Most of the time there's no need to kick the vCPU and deliver the timer
> event through kvm_xen_inject_timer_irqs(). Use kvm_xen_set_evtchn_fast()
> directly from the timer callback, and only fall back to the slow path when
> it's necessary to do so.
>
> This gives a significant improvement in timer latency testing (using
> nanosleep() for various periods and then measuring the actual time
> elapsed).
>
> However, there was a reason¹ the fast path was dropped when this support
> was first added. The current code holds vcpu->mutex for all operations on
> the kvm->arch.timer_expires field, and the fast path introduces potential
> race conditions. So... ensure the hrtimer is *cancelled* before making
> changes in kvm_xen_start_timer(), and also when reading the values out for
> KVM_XEN_VCPU_ATTR_TYPE_TIMER. Add some sanity checks to ensure the truth of
> the claim that all the other code paths are run with the vcpu loaded. And
> use hrtimer_cancel() directly from kvm_xen_destroy_vcpu() to avoid a false
> positive from the check in kvm_xen_stop_timer().
>
> ¹ https://lore.kernel.org/kvm/846caa99-2e42-4443-1070-84e49d2f11d2@xxxxxxxxxx/
>
> Signed-off-by: David Woodhouse <dwmw@xxxxxxxxxxxx>
> ---
> • v2: Remember, and deal with, those races.
>
>  arch/x86/kvm/xen.c | 64 +++++++++++++++++++++++++++++++++++++++++-----
>  1 file changed, 58 insertions(+), 6 deletions(-)
Reviewed-by: Paul Durrant <paul@xxxxxxx>