> > rcu_assign_pointer(kvm->buses[bus_idx], new_bus);
> > - synchronize_srcu_expedited(&kvm->srcu);
> > - kfree(bus);
> > +
> > + call_srcu(&kvm->srcu, &bus->rcu, free_kvm_io_bus);
>
> I don't think this is safe from a functional correctness perspective, as KVM must
> guarantee all readers see the new device before KVM returns control to
> userspace.
> E.g. I'm pretty sure KVM_REGISTER_COALESCED_MMIO is used while vCPUs are
> active.
>
> However, I'm pretty sure the only readers that actually rely on SRCU are vCPUs,
> so I _think_ the synchronize_srcu_expedited() is necessary if and only if vCPUs
> have been created.
>
This patch does not change rcu_assign_pointer(), and srcu_dereference will be used when vCPU read this buses, so I think synchronize_srcu_expedited is not a must?
> That could race with concurrent vCPU creation in a few flows that don't take
> kvm->lock, but that should be ok from an ABI perspective. False
> kvm->positives (vCPU
> creation fails) are benign, and false negatives (vCPU created after the check) are
> inherently racy, i.e. userspace can't guarantee the vCPU sees any particular
> ordering.
>
> So this?
>
> if (READ_ONCE(kvm->created_vcpus)) {
> synchronize_srcu_expedited(&kvm->srcu);
> kfree(bus);
> } else {
> call_srcu(&kvm->srcu, &bus->rcu, free_kvm_io_bus);
> }
