From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id EB419C4332F for ; Fri, 16 Dec 2022 08:46:00 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5E1EA8E0003; Fri, 16 Dec 2022 03:46:00 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 58FC98E0002; Fri, 16 Dec 2022 03:46:00 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 431038E0003; Fri, 16 Dec 2022 03:46:00 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 2FC048E0002 for ; Fri, 16 Dec 2022 03:46:00 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id CF6FA1C69A1 for ; Fri, 16 Dec 2022 08:45:59 +0000 (UTC) X-FDA: 80247536838.14.13B73E0 Received: from mail-vk1-f170.google.com (mail-vk1-f170.google.com [209.85.221.170]) by imf08.hostedemail.com (Postfix) with ESMTP id 4867E160004 for ; Fri, 16 Dec 2022 08:45:58 +0000 (UTC) Authentication-Results: imf08.hostedemail.com; dkim=pass header.d=linaro.org header.s=google header.b=JIugqa6X; spf=pass (imf08.hostedemail.com: domain of sumit.garg@linaro.org designates 209.85.221.170 as permitted sender) smtp.mailfrom=sumit.garg@linaro.org; dmarc=pass (policy=none) header.from=linaro.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1671180358; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=LXiz7+aJfYZS7u+pOOJ8JqBinUQiC6SAWSdlj1RRZuE=; b=aEdyfIAViCddxzonKAKdrF2HCKp2nMvBnGuOS1WWymgQSiD6jwor99X7IKG4WNjaTBkJoV EOF6a8djcnGg2T807DOchvWTnpcx6fG7VriS3n248OHBYAVZ4cl1OmVbgCwsmHC+BSPzfx 6kJtvRynwSZJtZchlGXys++ieU+Qd4E= ARC-Authentication-Results: i=1; imf08.hostedemail.com; dkim=pass header.d=linaro.org header.s=google header.b=JIugqa6X; spf=pass (imf08.hostedemail.com: domain of sumit.garg@linaro.org designates 209.85.221.170 as permitted sender) smtp.mailfrom=sumit.garg@linaro.org; dmarc=pass (policy=none) header.from=linaro.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1671180358; a=rsa-sha256; cv=none; b=gWNfuD3Et4Vx5IEAlz6UCOufu6OGtbsIPfQOuwybTVYOJwqxN6JgHQ00BjdGiQjtPXOypW QDpBO7tDQu5HOhTPc3ggszZ1irBaoxfws53NAc3HMH8hMvvKxNNF6+/QMmZ/HMbDls0PhX VKEOF9Vf2Aus6pnikIRD2kR8ypuMkGU= Received: by mail-vk1-f170.google.com with SMTP id q7so820468vka.7 for ; Fri, 16 Dec 2022 00:45:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=LXiz7+aJfYZS7u+pOOJ8JqBinUQiC6SAWSdlj1RRZuE=; b=JIugqa6XxkJKeqH32MnakZAhQ4dh/k52EGTYP2TjdXA3wd1SLmkkCnOUK+b1fDbe/H pPIn1XDPZtmv0pqcQKtmeMmFpaWg4rBZ7C5bWj3kjA1E9xb2bG2qSIMXlXyUXVV9WHIl lCdjuFbhVc3vEC9GF6SptQnyTlTNwKdviiaaJAJkHUR+cPy7kwuStz+UuWpJ7xx8EG3q K2iLIgfCktRjVN4HmTgEWgQFEAlM/1dPXt9OGuJU/HJXPiEmTztLwdDUXI60jDFuP+s/ AH2UqVy3EkeH+u5GK0Ek5fFij2VgPNJWzU80cT7KNC47mUX6h4iaU+l8hsDTp8WieJ1s t8WA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=LXiz7+aJfYZS7u+pOOJ8JqBinUQiC6SAWSdlj1RRZuE=; b=mndp+Oo5g/EiLXGmy4NY5NpYLdkPgiQw4za3R8bYebVVQubWJeO+pDrksy3YJs+7G6 3wQOKw83Xb4DfduRj7BsH77b1VPdXHLrAbtPMYqXpGXnivYn1CJLSt9Qm+wCjxZWvOGS MCEMj1/58BsZlsRWB4gRswEZKnQOQpdaF7wZy2rsFT6/1mGU9/tfkbBChFZg/dK4EhE/ fofs9HeHnU3bhaCznrillxEbAKejf8thxSRDLA8nE2b0mA6okEbVrrZpO1XkP+u9Lro8 QYGYtkNxl6AKr7OHson/4MzrtByZq9EeupbFqEPCcYbd5W68zOpI8iMu5kI0zKWjEjJD KR9Q== X-Gm-Message-State: AFqh2kquqvD+uPoRGLpaUlNuXqESh8dwOC4DT7rCxUcI+X5FKdo2zogc fQcivWe9Nj/zfiTSYyoVehuYWIK8BAXKdM3DAgQzSQ== X-Google-Smtp-Source: AMrXdXvXRG0WtWKEqOkNIeAdQuMlqwOlWChhTsxJ2eQNXxur6M4+QnXNtgAclXizRuX0Lkwq0LTJPRNV+KVcjNgVKHU= X-Received: by 2002:a1f:4841:0:b0:3c5:a3c6:786a with SMTP id v62-20020a1f4841000000b003c5a3c6786amr1022458vka.4.1671180357305; Fri, 16 Dec 2022 00:45:57 -0800 (PST) MIME-Version: 1.0 References: <20221002002326.946620-1-ira.weiny@intel.com> <20221002002326.946620-3-ira.weiny@intel.com> In-Reply-To: From: Sumit Garg Date: Fri, 16 Dec 2022 14:15:46 +0530 Message-ID: Subject: Re: [PATCH 2/4] tee: Remove vmalloc page support To: Ira Weiny Cc: Jens Wiklander , Linus Torvalds , =?UTF-8?B?UGhpbCBDaGFuZyAo5by15LiW5YuzKQ==?= , Andrew Morton , Al Viro , "Fabio M. De Francesco" , Christoph Hellwig , "op-tee@lists.trustedfirmware.org" , "linux-kernel@vger.kernel.org" , "linux-mm@kvack.org" Content-Type: text/plain; charset="UTF-8" X-Rspam-User: X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: 4867E160004 X-Stat-Signature: sy4ikc9n8y4s8qksza68c9ca8pfqk61z X-HE-Tag: 1671180358-539657 X-HE-Meta: U2FsdGVkX19bAOgUTsEPUUB18FTZUdwzCWfTi0rN5zWR7oBLlB5nS1L4IMkZKTg/0imA5Ou9V8+A9F1jLEMctdlCSAVjeteN+kRaQzfM8ktEFhDmUtqxDJnVBly8C6unsKZT84g6PK2/b9hJ+LirnocGKn4kjPYJ+YdSV8OM+znWFqZRkpJ+F+vQTX16ZzaTFF74aOpr08GUEhLxptq5wUiU5TN/M6M3fwquPvABtbGtzQLGe7Ucu/4nYuMU3FXXVHg5UBmPw5T/yS8nB0i1V7lLma9aN4Xhvu/z7ysnfl3y9pYyezARNKPZyYHu2hLEGvsEZWD1XYBS+0Bx+Q0Arv8B9hbZPV/oQX87bbeuQQEa02ossws1vmcjOQi8UG4KdjKKLbju2vCuGL4oXimcaI7JAUji36gM5Vaijhs3tZtIyTSeFUKIa67IPjR8vdvbSAPlianLwzdkKNvx1VEM261C7dboMnc/K2VLWKOrZEdg+ZNiXfAOItr44ddzX9C3F8/MHMeWOWpvdpeJcyfuF8svyPK8G+Mhi9IGE25HFYKBeTSgZrsd3ztTaKtjT4Zriji7QtbiA8NnW+2ryVUC7Socm6t3NbKvEdeX0+pVso/9QeLZb6/OTN44pEfM2rC/eqj4LC1GGTE1OEVcKceluo5GPWdmDLRA5/ueWyI8aXBQ32xRNyOhBD/j+3Do/SycUuxnxoSaCHkTOFgQy37atUKmZqGKEz2U4g4ZUlU6dVKQGm4Z+BRn6l3PF+UsrsaRuZ2CopOlDnkCbrHbuKrDlXZInaT2lPvdr+d0bIDNedhSMrY93szDlNMNWiElwdy1JzEGnsXCOsYCHg/6/EVu3L5GwYB/9P6R8ODqrzCrAUt0rwgk6wqKLGEw+yvBbZOfAPsey5fX8/OtQK+QFVF8GOVeBzfFu6XqZLbqEIH5Q7kj4fK4DhHGtx/s6mWFZs8CPmKnOgFOAvZGwY7Anhq 0I8TO1wB zv6V4M3qkNbX9bM3Mz07doneciX/NdM60NKurqId0FEo0WHA= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, 16 Dec 2022 at 10:39, Sumit Garg wrote: > > On Fri, 16 Dec 2022 at 06:11, Ira Weiny wrote: > > > > On Fri, Oct 07, 2022 at 10:12:57AM +0200, Jens Wiklander wrote: > > > On Thu, Oct 6, 2022 at 8:20 PM Linus Torvalds > > > wrote: > > > > > > > > On Wed, Oct 5, 2022 at 11:24 PM Sumit Garg wrote: > > > > > > > > > > Sorry but you need to get your driver mainline in order to support > > > > > vmalloc interface. > > > > > > > > Actually, I think even then we shouldn't support vmalloc - and > > > > register_shm_helper() just needs to be changed to pass in an array of > > > > actual page pointers instead. > > > > > > register_shm_helper() is an internal function, I suppose it's what's > > > passed to tee_shm_register_user_buf() and especially > > > tee_shm_register_kernel_buf() in this case. > > > > > > So the gain is that in the kernel it becomes the caller's > > > responsibility to provide the array of page pointers and the TEE > > > subsystem doesn't need to care about what kind of kernel memory it is > > > any longer. Yes, that should avoid eventual complexities with > > > vmalloc() etc. > > > > I finally spent some time digging into this again. > > > > Overall I'm not opposed to trying to clean up the code more but I feel like the > > removal of TEE_SHM_USER_MAPPED is too complex for the main goal; to remove a > > caller of kmap_to_page(). > > > > Not only is that flag used in release_registered_pages() but it is also used in > > tee_shm_fop_mmap(). I'm not following exactly why. I think this is to allow > > mmap of the tee_shm's allocated by kernel users? > > No, its rather to allow mmap of tee_shm allocated via > tee_shm_alloc_user_buf(). Have a look at its user-space usage here > [1]. So overall I agree here that we can't get rid of > TEE_SHM_USER_MAPPED completely as it has a valid mmap use-case. > > [1] https://github.com/OP-TEE/optee_client/blob/master/libteec/src/tee_client_api.c#L907 > > > Which I _think_ is > > orthogonal to the callers of tee_shm_register_kernel_buf()? > > > > > > > > > > > > > At that point TEE_SHM_USER_MAPPED should also go away, because then > > > > it's the caller that should just do either the user space page > > > > pinning, or pass in the kernel page pointer. > > > > > > > > JensW, is there some reason that wouldn't work? > > > > > > We still need to know if it's kernel or user pages in > > > release_registered_pages(). > > > > Yes. > > > > As I dug into this it seemed ok to define a tee_shm_kernel_free(). Pull out > > the allocation of the page array from register_shm_helper() such that it could > > be handled by tee_shm_register_kernel_buf() and this new tee_shm_kernel_free(). > > > > +1 > > > This seems reasonable because the only callers of tee_shm_register_kernel_buf() > > are in trusted_tee.c and they all call tee_shm_free() on the registered memory > > prior to returning. > > > > Other callers[*] of tee_shm_free() obtained tee_shm from > > tee_shm_alloc_kernel_buf() which AFAICT avoids all this nonsense. > > > > [*] such as .../drivers/firmware/broadcom/tee_bnxt_fw.c. > > > > > > > > The struct tee_shm:s acquired with syscalls from user space are > > > reference counted. As are the kernel tee_shm:s, but I believe we could > > > separate them to avoid reference counting tee_shm:s used by kernel > > > clients if needed. I'll need to look closer at this if we're going to > > > use that approach. > > > > > > Without reference counting the caller of tee_shm_free() can be certain > > > that the secure world is done with the memory so we could delegate the > > > kernel pages part of release_registered_pages() to the caller instead. > > > > > > > I'm not sure I follow you here. Would this be along the lines of creating a > > tee_shm_free_kernel() to be used in trusted_tee.c for those specific kernel > > data? > > I can't find a reason/use-case for the TEE subsystem to keep a > refcount of memory registered by other kernel drivers like > trusted_tee.c. So yes I think it should be safe to directly free that > shm via tee_shm_free_kernel(). Also with that we can simplify shm > registration by kernel clients via directly passing page pointers to > tee_shm_register_kernel_buf() (I would rather rename this API as > tee_shm_register_kernel_pages()). Okay, so I will take up this work and get rid of kmap_to_page invocation from the TEE subsystem. Ira, You can then rebase your patchset over my work. -Sumit > > > > > Overall I feel like submitting this series again with Christoph and Al's > > comments addressed is the best way forward to get rid of kmap_to_page(). I > > would really like to get moving on that to avoid any further issues with the > > kmap conversions. > > > > But if folks feel strongly enough about removing that flag I can certainly try > > to do so. > > > > Ira > > > > > Cheers, > > > Jens > > > > > > > > > > > Linus