eal: fix thread race in control thread creation

Message ID 1677518230-1194-1-git-send-email-roretzla@linux.microsoft.com (mailing list archive)
State Superseded, archived
Delegated to: Thomas Monjalon
Series eal: fix thread race in control thread creation

Checks

Context                          Check    Description
ci/checkpatch                    success  coding style OK
ci/Intel-compilation             success  Compilation OK
ci/iol-broadcom-Performance      success  Performance Testing PASS
ci/iol-mellanox-Performance      success  Performance Testing PASS
ci/intel-Testing                 success  Testing PASS
ci/iol-broadcom-Functional       success  Functional Testing PASS
ci/intel-Performance             success  Performance Testing PASS
ci/iol-intel-Functional          success  Functional Testing PASS
ci/iol-intel-Performance         success  Performance Testing PASS
ci/github-robot: build           success  github build: passed
ci/iol-aarch64-unit-testing      success  Testing PASS
ci/iol-abi-testing               success  Testing PASS
ci/iol-testing                   success  Testing PASS
ci/iol-x86_64-unit-testing       success  Testing PASS
ci/iol-aarch64-compile-testing   success  Testing PASS
ci/iol-x86_64-compile-testing    success  Testing PASS
ci/intel-Functional              success  Functional PASS
ci/loongarch-compilation         success  Compilation OK
ci/loongarch-unit-testing        success  Unit Testing PASS

Commit Message

Tyler Retzlaff Feb. 27, 2023, 5:17 p.m. UTC
When ctrl_thread_init transitions params->ctrl_thread_status from
CTRL_THREAD_LAUNCHING the creating thread and new thread may run
concurrently leading to unsynchronized access to params.

This permits races for both the failure and success paths after
ctrl_thread_status is stored.
  * params->ret may be loaded in ctrl_thread_init failure path
  * params->arg may be loaded in ctrl_thread_start or
    control_thread_start when calling start_routine.

For ctrl_thread_init remove the params->ret load and just return 1 since
it is only interpreted as an indicator of success / failure of
ctrl_thread_init.

For {ctrl,control}_thread_start store param->arg in stack allocated
storage prior to calling ctrl_thread_init and use the copy when calling
start_routine.

For control_thread_start if ctrl_thread_init fails just return 0 instead
of loading params->ret, since the value returned is unused when
ctrl_thread_status is set to CTRL_THREAD_ERROR when ctrl_thread_init
fails.

Fixes: 878b7468eacb ("eal: add platform agnostic control thread API")

Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>
---
 lib/eal/common/eal_common_thread.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)
  

Comments

David Marchand March 1, 2023, 8:19 a.m. UTC | #1
On Mon, Feb 27, 2023 at 6:17 PM Tyler Retzlaff
<roretzla@linux.microsoft.com> wrote:
>
> When ctrl_thread_init transitions params->ctrl_thread_status from
> CTRL_THREAD_LAUNCHING the creating thread and new thread may run
> concurrently leading to unsynchronized access to params.
>
> This permits races for both the failure and success paths after
> ctrl_thread_status is stored.
>   * params->ret may be loaded in ctrl_thread_init failure path
>   * params->arg may be loaded in ctrl_thread_start or
>     control_thread_start when calling start_routine.
>
> for ctrl_thread_init remove the params->ret load and just return 1 since

For*

> it is only interpreted as a indicator of success / failure of
> ctrl_thread_init.
>
> for {ctrl,control}_thread_start store param->arg in stack allocated

For*

> storage prior to calling ctrl_thread_init and use the copy when calling
> start_routine.
>
> for control_thread_start if ctrl_thread_init fails just return 0 instead

For*



> of loading params->ret, since the value returned is unused when
> ctrl_thread_status is set to CTRL_THREAD_ERROR when ctrl_thread_init
> fails.
>
> Fixes: 878b7468eacb ("eal: add platform agnostic control thread API")
>
> Signed-off-by: Tyler Retzlaff <roretzla@linux.microsoft.com>

Reviewed-by: David Marchand <david.marchand@redhat.com>

Thanks Tyler.
  

Patch

diff --git a/lib/eal/common/eal_common_thread.c b/lib/eal/common/eal_common_thread.c
index edb9d4e..079a385 100644
--- a/lib/eal/common/eal_common_thread.c
+++ b/lib/eal/common/eal_common_thread.c
@@ -256,7 +256,7 @@  static int ctrl_thread_init(void *arg)
 	if (params->ret != 0) {
 		__atomic_store_n(&params->ctrl_thread_status,
 			CTRL_THREAD_ERROR, __ATOMIC_RELEASE);
-		return params->ret;
+		return 1;
 	}
 
 	__atomic_store_n(&params->ctrl_thread_status,
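Review bot: nothing at the `return 1;` site records that `params` must not be read once `ctrl_thread_status` has been stored, which is the rule the removed `return params->ret;` broke. A short comment beside the `__atomic_store_n(..., CTRL_THREAD_ERROR, __ATOMIC_RELEASE)` call, and beside the second store that follows the block, saying that the creating thread may run concurrently after the store and that `params` is off limits from there on, would keep a later change from reintroducing the load. It would also help to state in the function's comment that the return value is only a zero / non-zero failure indicator, since the callers in this file test it with `!= 0` and the literal `1` carries no error code.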
@@ -268,23 +268,25 @@  static int ctrl_thread_init(void *arg)
 static void *ctrl_thread_start(void *arg)
 {
 	struct rte_thread_ctrl_params *params = arg;
+	void *start_arg = params->arg;
 	void *(*start_routine)(void *) = params->u.ctrl_start_routine;
 
 	if (ctrl_thread_init(arg) != 0)
 		return NULL;
 
-	return start_routine(params->arg);
+	return start_routine(start_arg);
 }
 
 static uint32_t control_thread_start(void *arg)
 {
 	struct rte_thread_ctrl_params *params = arg;
+	void *start_arg = params->arg;
 	rte_thread_func start_routine = params->u.control_start_routine;
 
 	if (ctrl_thread_init(arg) != 0)
-		return params->ret;
+		return 0;
 
-	return start_routine(params->arg);
+	return start_routine(start_arg);
 }
 
 int
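Review bot: in both ctrl_thread_start and control_thread_start, `params` stays in scope after `ctrl_thread_init(arg)` returns and nothing explains why `start_arg` is copied out first, so a later edit could easily go back to `params->arg`. Add a comment above the `void *start_arg = params->arg;` lines stating that `params` must not be dereferenced after ctrl_thread_init returns and that the local copies of the argument and the start routine are the only values safe to use from then on. In control_thread_start, the `return 0;` on the failure path is the same value a start routine could return on success; the commit message says the value is unused in that case, and a one-line comment at the return saying so would make that explicit.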