From: Nadav Amit <nadav.amit@gmail.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: Linux-MM <linux-mm@kvack.org>,
LKML <linux-kernel@vger.kernel.org>,
Andrea Arcangeli <aarcange@redhat.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Andrew Morton <akpm@linux-foundation.org>,
Andy Lutomirski <luto@kernel.org>,
Dave Hansen <dave.hansen@linux.intel.com>,
Peter Xu <peterx@redhat.com>,
Peter Zijlstra <peterz@infradead.org>,
Thomas Gleixner <tglx@linutronix.de>,
Will Deacon <will@kernel.org>, Yu Zhao <yuzhao@google.com>,
Nick Piggin <npiggin@gmail.com>,
"x86@kernel.org" <x86@kernel.org>
Subject: Re: [PATCH v2 2/5] mm: avoid unnecessary flush on change_huge_pmd()
Date: Tue, 26 Oct 2021 12:06:40 -0700 [thread overview]
Message-ID: <8BC74789-FF33-403F-B5D7-19034CAC7EE6@gmail.com> (raw)
In-Reply-To: <435f41f2-ffd4-0278-9f26-fbe2c2c7545c@intel.com>
> On Oct 26, 2021, at 11:44 AM, Dave Hansen <dave.hansen@intel.com> wrote:
>
> On 10/26/21 10:44 AM, Nadav Amit wrote:
>>> "If software on one logical processor writes to a page while software on
>>> another logical processor concurrently clears the R/W flag in the
>>> paging-structure entry that maps the page, execution on some processors may
>>> result in the entry’s dirty flag being set (due to the write on the first
>>> logical processor) and the entry’s R/W flag being clear (due to the update
>>> to the entry on the second logical processor). This will never occur on a
>>> processor that supports control-flow enforcement technology (CET)”
>>>
>>> So I guess that this optimization can only be enabled when CET is enabled.
>>>
>>> :(
>> I still wonder whether the SDM comment applies to present bit vs dirty
>> bit atomicity as well.
>
> I think it's implicit. From "4.8 ACCESSED AND DIRTY FLAGS":
>
> "Whenever there is a write to a linear address, the processor
> sets the dirty flag (if it is not already set) in the paging-
> structure entry"
>
> There can't be a "write to a linear address" without a Present=1 PTE.
> If it were a Dirty=1,Present=1 PTE, there's no race because there might
> not be a write to the PTE at all.
>
> There's also this from the "4.10.4.3 Optional Invalidation" section:
>
> "no TLB entry or paging-structure cache entry is created with
> information from a paging-structure entry in which the P flag
> is 0."
>
> That means that we don't have to worry about the TLB doing something
> bonkers like caching a Dirty=1 bit from a Present=0 PTE.
>
> Is that what you were worried about?
Thanks Dave, but no - that is not my concern.
To make it very clear - consider the following scenario, in which
a volatile pointer p is mapped using a certain PTE, which is RW
(i.e., *p is writable):
CPU0 CPU1
---- ----
x = *p
[ PTE cached in TLB;
PTE is not dirty ]
clear_pte(PTE)
*p = x
[ needs to set dirty ]
Note that there is no TLB flush in this scenario. The question
is whether the write access to *p would succeed, setting the
dirty bit on the clear, non-present entry.
I was under the impression that the hardware AD-assist would
recheck the PTE atomically as it sets the dirty bit. But, as I
said, I am not sure anymore whether this is defined architecturally
(or at least would work in practice on all CPUs modulo the
Knights Landing thingy).
next prev parent reply other threads:[~2021-10-26 19:06 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-10-21 12:21 [PATCH v2 0/5] mm/mprotect: avoid unnecessary TLB flushes Nadav Amit
2021-10-21 12:21 ` [PATCH v2 1/5] x86: Detection of Knights Landing A/D leak Nadav Amit
2021-10-26 15:54 ` Dave Hansen
2021-10-26 15:57 ` Nadav Amit
2021-10-21 12:21 ` [PATCH v2 2/5] mm: avoid unnecessary flush on change_huge_pmd() Nadav Amit
2021-10-25 10:52 ` Peter Zijlstra
2021-10-25 16:29 ` Nadav Amit
2021-10-26 16:06 ` Dave Hansen
2021-10-26 16:47 ` Nadav Amit
2021-10-26 16:53 ` Nadav Amit
2021-10-26 17:44 ` Nadav Amit
2021-10-26 18:44 ` Dave Hansen
2021-10-26 19:06 ` Nadav Amit [this message]
2021-10-26 19:40 ` Dave Hansen
2021-10-26 20:07 ` Nadav Amit
2021-10-26 20:47 ` Dave Hansen
2021-10-21 12:21 ` [PATCH v2 3/5] x86/mm: check exec permissions on fault Nadav Amit
2021-10-25 10:59 ` Peter Zijlstra
2021-10-25 11:13 ` Andrew Cooper
2021-10-25 14:23 ` Dave Hansen
2021-10-25 14:20 ` Dave Hansen
2021-10-25 16:19 ` Nadav Amit
2021-10-25 17:45 ` Dave Hansen
2021-10-25 17:51 ` Nadav Amit
2021-10-25 18:00 ` Dave Hansen
2021-10-21 12:21 ` [PATCH v2 4/5] mm/mprotect: use mmu_gather Nadav Amit
2021-10-21 12:21 ` [PATCH v2 5/5] mm/mprotect: do not flush on permission promotion Nadav Amit
2021-10-25 11:12 ` Peter Zijlstra
2021-10-25 16:27 ` Nadav Amit
2021-10-22 3:04 ` [PATCH v2 0/5] mm/mprotect: avoid unnecessary TLB flushes Andrew Morton
2021-10-22 21:58 ` Nadav Amit
2021-10-26 16:09 ` Dave Hansen
2021-10-25 10:50 ` Peter Zijlstra
2021-10-25 16:42 ` Nadav Amit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8BC74789-FF33-403F-B5D7-19034CAC7EE6@gmail.com \
--to=nadav.amit@gmail.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=andrew.cooper3@citrix.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@kernel.org \
--cc=npiggin@gmail.com \
--cc=peterx@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=x86@kernel.org \
--cc=yuzhao@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox