On 28.02.2020 16:27, Roger Pau Monné wrote:
> On Fri, Feb 28, 2020 at 02:29:09PM +0100, Jan Beulich wrote:
>> On 19.02.2020 18:43, Roger Pau Monne wrote:
>>> Current implementation of hvm_asid_flush_vcpu is not safe to use
>>> unless the target vCPU is either paused or the currently running one,
>>> as it modifies the generation without any locking.
>>
>> Indeed, but the issue you're taking care of is highly theoretical:
>> I don't think any sane compiler will split writes of the fields
>> to multiple insns. It would be nice if this was made clear here.
>
> What about adding:
>
>>> Fix this by using atomic operations when accessing the generation
>>> field, both in hvm_asid_flush_vcpu_asid and other ASID functions. This
>>> allows to safely flush the current ASID generation. Note that for the
>>> flush to take effect if the vCPU is currently running a vmexit is
>>> required.
>
> "Most compilers will already do such writes and reads as a single
> instruction, so the usage of atomic operations is mostly used as a
> safety measure."
>
> Here?

Could you perhaps start with "Compilers will normally ..." I'm fine with
the rest, it's just that "most compilers" still feels like an
understatement.

Jan
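
Added example, not part of the thread and not Xen's code: a simplified C11 model of the scheme the quoted commit message describes, where a remote flush only zeroes the per-vCPU generation with an atomic store and the new ASID is picked up on the next guest entry. All struct and function names are hypothetical, and generation 0 is assumed to be reserved as "invalid".

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical model types; generation 0 is reserved to mean "invalid". */
struct core_asid { uint64_t generation; uint32_t next_asid, max_asid; };
struct vcpu_asid { _Atomic uint64_t generation; uint32_t asid; };

/* May be called from any CPU, even while the target vCPU is running.
 * A single atomic store cannot be split into several writes. */
static void vcpu_asid_flush(struct vcpu_asid *v)
{
    atomic_store_explicit(&v->generation, 0, memory_order_relaxed);
}

/* Runs on the vCPU's own core right before guest entry.
 * Returns true when a fresh ASID had to be assigned. */
static bool vcpu_asid_vmenter(struct core_asid *c, struct vcpu_asid *v)
{
    uint64_t gen = atomic_load_explicit(&v->generation, memory_order_relaxed);

    if (gen == c->generation)
        return false;                 /* ASID still valid, nothing to do */

    if (c->next_asid > c->max_asid) { /* ASID space exhausted */
        c->generation++;              /* invalidates every vCPU's ASID */
        c->next_asid = 1;             /* a real hypervisor also flushes the TLB here */
    }
    v->asid = c->next_asid++;
    atomic_store_explicit(&v->generation, c->generation, memory_order_relaxed);
    return true;
}

int main(void)
{
    struct core_asid c = { .generation = 1, .next_asid = 1, .max_asid = 2 };
    struct vcpu_asid v = { .asid = 0 };

    atomic_init(&v.generation, 0);
    vcpu_asid_vmenter(&c, &v);        /* first entry: ASID 1 */
    vcpu_asid_flush(&v);              /* remote flush: ASID unchanged for now */
    /* The flush takes effect only at the next entry, i.e. after a vmexit. */
    return (v.asid == 1 && vcpu_asid_vmenter(&c, &v) && v.asid == 2) ? 0 : 1;
}
```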