From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=mjnn=CL=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-9.8 required=3.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,
	HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY,
	SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 440FDC433E7
	for <linux-mm@archiver.kernel.org>; Wed,  2 Sep 2020 09:48:57 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id EA72A204FD
	for <linux-mm@archiver.kernel.org>; Wed,  2 Sep 2020 09:48:56 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="QLpYc9FB"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org EA72A204FD
Authentication-Results: mail.kernel.org; dmarc=fail (p=none dis=none) header.from=gmail.com
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 6D0F86B0003; Wed,  2 Sep 2020 05:48:56 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 65A286B0037; Wed,  2 Sep 2020 05:48:56 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 5223D6B0055; Wed,  2 Sep 2020 05:48:56 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0018.hostedemail.com [216.40.44.18])
	by kanga.kvack.org (Postfix) with ESMTP id 387336B0003
	for <linux-mm@kvack.org>; Wed,  2 Sep 2020 05:48:56 -0400 (EDT)
Received: from smtpin29.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay04.hostedemail.com (Postfix) with ESMTP id 017D3F043
	for <linux-mm@kvack.org>; Wed,  2 Sep 2020 09:48:56 +0000 (UTC)
X-FDA: 77217647472.29.spark21_1814707270a0
Received: from filter.hostedemail.com (10.5.16.251.rfc1918.com [10.5.16.251])
	by smtpin29.hostedemail.com (Postfix) with ESMTP id C81DC180868E6
	for <linux-mm@kvack.org>; Wed,  2 Sep 2020 09:48:55 +0000 (UTC)
X-HE-Tag: spark21_1814707270a0
X-Filterd-Recvd-Size: 6887
Received: from mail-pg1-f195.google.com (mail-pg1-f195.google.com [209.85.215.195])
	by imf14.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Wed,  2 Sep 2020 09:48:55 +0000 (UTC)
Received: by mail-pg1-f195.google.com with SMTP id u13so1348029pgh.1
        for <linux-mm@kvack.org>; Wed, 02 Sep 2020 02:48:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:subject:to:cc:references:in-reply-to:mime-version
         :message-id:content-transfer-encoding;
        bh=ux3HYVB/twlQxBcSTqnhWPU2AHJs+FvCx+/z5WDVFJA=;
        b=QLpYc9FBvtf6jo9nK102wCzMR9/mge0/dioBMTh/v1a4B+JEU/RenX7oalAr56yIZn
         Vw2hcZQ5uRDbXZFueRaM8oVZPG0YRCw31NJIVVC4EIoPjBwdHPXQoxAirsz12JdleEpZ
         c/LNuVRZKxnX+Ok5jSv8Dcx6PdpAzitK30c4CJKUg1abwFyWXck4hjp03VMhAKbrEOO0
         sskujutTj9SZak6W74eCKFWdUgCPpAq3ZYu69/1UgqYEdSjJQwo/yto74hobN8h2uuqY
         iJvsu8wROTb6Do/xdyM4sruaXLKl48VhMRHt69NLg1fHzE/D/k1rMJ6pMfQNXYwaCPRF
         VQKA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:subject:to:cc:references:in-reply-to
         :mime-version:message-id:content-transfer-encoding;
        bh=ux3HYVB/twlQxBcSTqnhWPU2AHJs+FvCx+/z5WDVFJA=;
        b=aHAu5zdKnFqMLIyDKS3A50Y0xWMOyT+SeR4JV5EQA+ef/JN5fanC+u86q9C62pVZAr
         mIlAiJLhWQFk3RZrDOpf/l3YeIIkK1aIHhTWW6N0T2dnN24NX85LDCqfLlGL1/470j+J
         JneNvPXpnMXPu8ooM2uXAEzzzXG/sm4JUYrV+7eikiZxR++MwhKVaYOq4AXiU2zU9fNC
         IExaTnbjYNY4jgtAycoPI0m4AS/Rcfz8Iz+NUTgacDnY9P4oCN7FiHL8fo7e1AoyRr4T
         PKSJVfvHpKiP3AiYzf9Swxght+TJHO/a5mWHa/3LloNtOyuGzkCXqh2XAdHRrut0oABT
         NUrA==
X-Gm-Message-State: AOAM531byyxLvWLGRVnFlHO5Iam+lrvLHVwvpwbQyJ2gG2GvFQxeNw/8
	iaMUICxt6/yCHHsJOFFk25A05dUjlmg=
X-Google-Smtp-Source: ABdhPJw2Gdu85lsEOOBHC+PCTNvx970ucNEWXKOugZTaqo6EkmkDIuAOpg0ck/tyA4uRQCobvrmPXg==
X-Received: by 2002:a63:a08:: with SMTP id 8mr1218714pgk.300.1599040134303;
        Wed, 02 Sep 2020 02:48:54 -0700 (PDT)
Received: from localhost ([203.185.249.227])
        by smtp.gmail.com with ESMTPSA id q201sm4899665pfq.80.2020.09.02.02.48.53
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 02 Sep 2020 02:48:53 -0700 (PDT)
Date: Wed, 02 Sep 2020 19:48:48 +1000
From: Nicholas Piggin <npiggin@gmail.com>
Subject: Re: [PATCH 4/4] powerpc/64s/radix: Fix mm_cpumask trimming race vs
 kthread_use_mm
To: linux-mm@kvack.org, Michael Ellerman <mpe@ellerman.id.au>
Cc: Andrew Morton <akpm@linux-foundation.org>, "Aneesh Kumar K.V"
	<aneesh.kumar@linux.ibm.com>, Jens Axboe <axboe@kernel.dk>, "David S. Miller"
	<davem@davemloft.net>, linux-arch@vger.kernel.org,
	linux-kernel@vger.kernel.org, linuxppc-dev@lists.ozlabs.org, Peter Zijlstra
	<peterz@infradead.org>
References: <20200828100022.1099682-1-npiggin@gmail.com>
	<20200828100022.1099682-5-npiggin@gmail.com>
	<87pn751zcb.fsf@mpe.ellerman.id.au>
In-Reply-To: <87pn751zcb.fsf@mpe.ellerman.id.au>
MIME-Version: 1.0
Message-Id: <1599040088.z7acx6fvvf.astroid@bobo.none>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Rspamd-Queue-Id: C81DC180868E6
X-Spamd-Result: default: False [0.00 / 100.00]
X-Rspamd-Server: rspam01
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

Excerpts from Michael Ellerman's message of September 1, 2020 10:00 pm:
> Nicholas Piggin <npiggin@gmail.com> writes:
>> Commit 0cef77c7798a7 ("powerpc/64s/radix: flush remote CPUs out of
>> single-threaded mm_cpumask") added a mechanism to trim the mm_cpumask of
>> a process under certain conditions. One of the assumptions is that
>> mm_users would not be incremented via a reference outside the process
>> context with mmget_not_zero() then go on to kthread_use_mm() via that
>> reference.
>>
>> That invariant was broken by io_uring code (see previous sparc64 fix),
>> but I'll point Fixes: to the original powerpc commit because we are
>> changing that assumption going forward, so this will make backports
>> match up.
>>
>> Fix this by no longer relying on that assumption, but by having each CPU
>> check the mm is not being used, and clearing their own bit from the mask
>> if it's okay. This fix relies on commit 38cf307c1f20 ("mm: fix
>> kthread_use_mm() vs TLB invalidate") to disable irqs over the mm switch,
>> and ARCH_WANT_IRQS_OFF_ACTIVATE_MM to be enabled.
>=20
> You could use:
>=20
> Depends-on: 38cf307c1f20 ("mm: fix kthread_use_mm() vs TLB invalidate")

Good idea I wil.

>> Fixes: 0cef77c7798a7 ("powerpc/64s/radix: flush remote CPUs out of singl=
e-threaded mm_cpumask")
>> Signed-off-by: Nicholas Piggin <npiggin@gmail.com>
>> ---
>>  arch/powerpc/include/asm/tlb.h       | 13 -------------
>>  arch/powerpc/mm/book3s64/radix_tlb.c | 23 ++++++++++++++++-------
>>  2 files changed, 16 insertions(+), 20 deletions(-)
>=20
> One minor nit below if you're respinning anyway.
>=20
> You know this stuff better than me, but I still reviewed it and it seems
> good to me.
>=20
> Reviewed-by: Michael Ellerman <mpe@ellerman.id.au>

Thanks.

>=20
>> diff --git a/arch/powerpc/include/asm/tlb.h b/arch/powerpc/include/asm/t=
lb.h
>> index fbc6f3002f23..d97f061fecac 100644
>> --- a/arch/powerpc/include/asm/tlb.h
>> +++ b/arch/powerpc/include/asm/tlb.h
>> @@ -66,19 +66,6 @@ static inline int mm_is_thread_local(struct mm_struct=
 *mm)
>>  		return false;
>>  	return cpumask_test_cpu(smp_processor_id(), mm_cpumask(mm));
>>  }
>> -static inline void mm_reset_thread_local(struct mm_struct *mm)
>> -{
>> -	WARN_ON(atomic_read(&mm->context.copros) > 0);
>> -	/*
>> -	 * It's possible for mm_access to take a reference on mm_users to
>> -	 * access the remote mm from another thread, but it's not allowed
>> -	 * to set mm_cpumask, so mm_users may be > 1 here.
>> -	 */
>> -	WARN_ON(current->mm !=3D mm);
>> -	atomic_set(&mm->context.active_cpus, 1);
>> -	cpumask_clear(mm_cpumask(mm));
>> -	cpumask_set_cpu(smp_processor_id(), mm_cpumask(mm));
>> -}
>>  #else /* CONFIG_PPC_BOOK3S_64 */
>>  static inline int mm_is_thread_local(struct mm_struct *mm)
>>  {
>> diff --git a/arch/powerpc/mm/book3s64/radix_tlb.c b/arch/powerpc/mm/book=
3s64/radix_tlb.c
>> index 0d233763441f..a421a0e3f930 100644
>> --- a/arch/powerpc/mm/book3s64/radix_tlb.c
>> +++ b/arch/powerpc/mm/book3s64/radix_tlb.c
>> @@ -645,19 +645,29 @@ static void do_exit_flush_lazy_tlb(void *arg)
>>  	struct mm_struct *mm =3D arg;
>>  	unsigned long pid =3D mm->context.id;
>> =20
>> +	/*
>> +	 * A kthread could have done a mmget_not_zero() after the flushing CPU
>> +	 * checked mm_users =3D=3D 1, and be in the process of kthread_use_mm =
when
>                                 ^
>                                 in mm_is_singlethreaded()
>=20
> Adding that reference would help join the dots for a new reader I think.

Yes you're right I can change that.

Thanks,
Nick