From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C481BC2BD09 for ; Fri, 12 Jul 2024 08:59:47 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 3D32C6B0098; Fri, 12 Jul 2024 04:59:47 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 383676B0099; Fri, 12 Jul 2024 04:59:47 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 24A1C6B009A; Fri, 12 Jul 2024 04:59:47 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17]) by kanga.kvack.org (Postfix) with ESMTP id 063416B0098 for ; Fri, 12 Jul 2024 04:59:46 -0400 (EDT) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id 66C3D80966 for ; Fri, 12 Jul 2024 08:59:46 +0000 (UTC) X-FDA: 82330502772.27.510B110 Received: from h3cspam02-ex.h3c.com (smtp.h3c.com [60.191.123.50]) by imf06.hostedemail.com (Postfix) with ESMTP id 57C9B180016 for ; Fri, 12 Jul 2024 08:59:42 +0000 (UTC) Authentication-Results: imf06.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf06.hostedemail.com: domain of zhang.chunA@h3c.com designates 60.191.123.50 as permitted sender) smtp.mailfrom=zhang.chunA@h3c.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1720774759; a=rsa-sha256; cv=none; b=KauXhsVaMQgRYyaS0NcUmbcGmTxRdoGIfyXPXKMcUE6eovjrBIK8GTYZfAkd7RzHkfKZU1 Ee25IXosfcDwtkkO53XVzgucW9tA6NFHkLVDkyDD3ZbPRUbxsrmepU2y10BfpoCiINWVXq E6jdmnLZcwmDHr3k4stg0Bl09xk51/M= ARC-Authentication-Results: i=1; imf06.hostedemail.com; dkim=none; dmarc=none; spf=pass (imf06.hostedemail.com: domain of zhang.chunA@h3c.com designates 60.191.123.50 as permitted sender) smtp.mailfrom=zhang.chunA@h3c.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1720774759; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=U8Nqg/zvkPIaHNY0SmH9jRje8jTY3vNxaG1iFR6UoZs=; b=z4C9R6+VQnzpgLfT6x/xFTF0nglApVx4nU5HVfGb24makKlnv9sDh45CDxEHP2PwgSYA0o fN6EMI+Snv96m7EN8gdfzbu4+XcGYWD7TSVrWL9EB/6tUs3nU7+HmTYGAwY3KhLhK2vyNN iR7o7wFPXbNymxJ9f2e/JUgJ9dQZVAI= Received: from h3cspam02-ex.h3c.com (localhost [127.0.0.2] (may be forged)) by h3cspam02-ex.h3c.com with ESMTP id 46C7reLp037063 for ; Fri, 12 Jul 2024 15:53:40 +0800 (GMT-8) (envelope-from zhang.chunA@h3c.com) Received: from mail.maildlp.com ([172.25.15.154]) by h3cspam02-ex.h3c.com with ESMTP id 46C7rE2g035859; Fri, 12 Jul 2024 15:53:14 +0800 (GMT-8) (envelope-from zhang.chunA@h3c.com) Received: from DAG6EX09-BJD.srv.huawei-3com.com (unknown [10.153.34.11]) by mail.maildlp.com (Postfix) with ESMTP id 42F2B23073A3; Fri, 12 Jul 2024 15:57:33 +0800 (CST) Received: from localhost.localdomain.com (10.99.206.13) by DAG6EX09-BJD.srv.huawei-3com.com (10.153.34.11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.2.1258.27; Fri, 12 Jul 2024 15:53:16 +0800 From: zhangchun To: CC: , , , , , , Subject: [PATCH v2] =?UTF-8?q?mm:=20Give=20kmap=5Flock=20before=20call=20flus?= =?UTF-8?q?h=5Ftlb=5Fkernel=5Frang=EF=BC=8Cavoid=20kmap=5Fhigh=20deadlock.?= Date: Fri, 12 Jul 2024 15:54:41 +0800 Message-ID: <1720770881-65312-1-git-send-email-zhang.chuna@h3c.com> X-Mailer: git-send-email 1.8.3.1 In-Reply-To: <20240710103611.809895ff809df9ed411bfaa8@linux-foundation.org> References: <20240710103611.809895ff809df9ed411bfaa8@linux-foundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Originating-IP: [10.99.206.13] X-ClientProxiedBy: BJSMTP01-EX.srv.huawei-3com.com (10.63.20.132) To DAG6EX09-BJD.srv.huawei-3com.com (10.153.34.11) X-DNSRBL: X-MAIL:h3cspam02-ex.h3c.com 46C7reLp037063 X-Rspamd-Queue-Id: 57C9B180016 X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: gjierirfrwpp8fet3dn9r9pgqh9zsnox X-HE-Tag: 1720774782-828819 X-HE-Meta: U2FsdGVkX19ePpsYAb0G94q18VB0Bp5zS1MQQdStmDc6lK9YYb7JvK0/PO0CFzNV7Ow2TtlW/zQNcp0BuK9Sug6fypd3PRkMkRGPtk8gAKf+HJhjp04fc7HcvKtHyo2VC5GAnOjxM1ufowtikW8bLPuoR6xNYChzd47Is6M9PXW45VIkroXuilbcwrIIc4EdxLlwIFaF8Cx5pOMK6fsNslPzN1WW2ftJoGelYLZz7K7i6DcZ18SL2W+3U28riTFYfLKClIMc/WS4yBsGSawhJ/jbuf07eAi/iv5e3Z6viyiF3SUi57hNsbcGGkVowLZIoJ7xwfa1BJIf/2EesCxrM3XsJcDF+w/O1Ls5dlfFLCUK/AMiYYTMDyN1NmdU7wrw3ck587jGF0bbaKS91o8v3pcIBpxynuEtjY/tCVax3IWTuyEAOpNSGhJE89V222DIQSCVdqe4kU3x3EbV6usvALxMLzkiXO/SI77GKltnpAScbMM2EZpWUPJNVZvevxPglGCpOCc8blTub1kXfGcowrrRtcD/FFYzHo501f6u8MfbuVdm6HqXaKi12KEFEyTbVDJfOR/SOPs4ZxlOTSJ+dpdC+PAIG1i3x5I8WsAXcnaHBKx0r/zvCuoJmD+Hu+/7lM5+yslEZ8KtnbSWDZX/JO1sDJn3mqbGnRp1ZQ8A9j1lOsWnA7XWVb2k0gUcjqnLnPVm+qNGeEsRvb69dBbDQNIaXrQCJS/pp5HJTf522kHKaQfnQgzeNyriQV2Ya53UUH57B2xTEkWUnytqt+LhQfCeat6hs/0jJnu5tgoHuYPJh26w4JTwPwU8gtd1rHI4uQukretoWdr45ljOWlZ60KgSvt9N5g6Stl1PHvvf+cswrM6M2NRxuQEGxBNkELRT9+7RNj8H3/iQ5tgJm5kePsx/iqetaf0Ga35rhzShZxjjwIc4+gRSH4aXnhVz2DpfDZtWtN+MeWR/slRc57a 9B+1kKCX hFpmXlTkJiW9NZZS/DuUDlFeDPE1oBOjTs0mJwsjMhv3rndWog4fOO/sd+ho+BFfMJrBahA8Nv/fqfCqt06+ECFDXBxfofzKACu1tu1P180ROlXdMc8xVAGBN6mSxlTp0PWX+PmGuxzlZoA4BJTpzj6vO3WWEU3rNEMcuroNndGDHpY3ueil2uvqRm2OEvMmNQufrSosKMjnQEzT7X4xXNNmQOV+6/ZXqhbSuBq5DFCtyqBU= X-Bogosity: Ham, tests=bogofilter, spamicity=0.005763, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: >> >> --- a/mm/highmem.c >> >> +++ b/mm/highmem.c >> >> @@ -220,8 +220,11 @@ static void flush_all_zero_pkmaps(void) >> >> set_page_address(page, NULL); >> >> need_flush = 1; >> >> } >> >> - if (need_flush) >> >> + if (need_flush) { >> >> + unlock_kmap(); >> >> flush_tlb_kernel_range(PKMAP_ADDR(0), PKMAP_ADDR(LAST_PKMAP)); >> >> + lock_kmap(); >> >> + } >> >> } >> >> >Why is dropping the lock like this safe? What data is it protecting >> >and why is it OK to leave that data unprotected here? >> >> kmap_lock is used to protect pkmap_count, pkmap_page_table and last_pkmap_nr(static variable). >> When call flush_tlb_kernel_range(PKMAP_ADDR(0), >> PKMAP_ADDR(LAST_PKMAP)), flush_tlb_kernel_range will neither modify nor read these variables. Leave that data unprotected here is safe. >No, the risk here is that when the lock is dropped, other threads will modify the data. And when this thread (the one running >flush_all_zero_pkmaps()) retakes the lock, that data may now be unexpectedly altered. map_new_virtual aims to find an usable entry pkmap_count[last_pkmap_nr]. When read and modify the pkmap_count[last_pkmap_nr], the kmap_lock is not dropped. "if (!pkmap_count[last_pkmap_nr])" determine pkmap_count[last_pkmap_nr] is usable or not. If unusable, try agin. Furthermore, the value of static variable last_pkmap_nr is stored in a local variable last_pkmap_nr, when kmap_lock is acquired, this is thread-safe. In an extreme case, if Thread A and Thread B access the same last_pkmap_nr, Thread A calls function flush_tlb_kernel_range and release the kmap_lock, and Thread B then acquires the kmap_lock and modifies the variable pkmap_count[last_pkmap_nr]. After Thread A completes the execution of function flush_tlb_kernel_range, it will check the variable pkmap_count[last_pkmap_nr]. If pkmap_count[last_pkmap_nr] != 0, Thread A continue to call get_next_pkmap_nr and get next last_pkmap_nr. static inline unsigned long map_new_virtual(struct page *page) { unsigned long vaddr; int count; unsigned int last_pkmap_nr; // local variable to store static variable last_pkmap_nr unsigned int color = get_pkmap_color(page); start: ... flush_all_zero_pkmaps();// release kmap_lock, then acquire it count = get_pkmap_entries_count(color); } ... if (!pkmap_count[last_pkmap_nr]) // pkmap_count[last_pkmap_nr] is used or not break; /* Found a usable entry */ if (--count) continue; ... vaddr = PKMAP_ADDR(last_pkmap_nr); set_pte_at(&init_mm, vaddr, &(pkmap_page_table[last_pkmap_nr]), mk_pte(page, kmap_prot)); pkmap_count[last_pkmap_nr] = 1; ... return vaddr; } -- 1.8.3.1