From: Jann Horn
Date: Mon, 28 Nov 2022 20:56:54 +0100
Subject: Re: [PATCH v4 2/3] mm/khugepaged: Fix GUP-fast interaction by sending IPI
To: Yang Shi
Cc: security@kernel.org, Andrew Morton, David Hildenbrand, Peter Xu, John Hubbard, linux-kernel@vger.kernel.org, linux-mm@kvack.org
References: <20221128180252.1684965-1-jannh@google.com> <20221128180252.1684965-2-jannh@google.com>

On Mon, Nov 28, 2022 at 8:54 PM Yang Shi wrote:
>
> On Mon, Nov 28, 2022 at 10:03 AM Jann Horn wrote:
> >
> > Since commit 70cbc3cc78a99 ("mm: gup: fix the fast GUP race against THP
> > collapse"), the lockless_pages_from_mm() fastpath rechecks the pmd_t to
> > ensure that the page table was not removed by khugepaged in between.
> >
> > However, lockless_pages_from_mm() still requires that the page table is not
> > concurrently freed or reused to store non-PTE data. Otherwise, problems
> > can occur because:
> >
> >  - deposited page tables can be freed when a THP page somewhere in the
> >    mm is removed
> >  - some architectures store non-PTE information inside deposited page
> >    tables (see radix__pgtable_trans_huge_deposit())
> >
> > Additionally, lockless_pages_from_mm() is also somewhat brittle with
> > regards to page tables being repeatedly moved back and forth, but
> > that shouldn't be an issue in practice.
> >
> > Fix it by sending IPIs (if the architecture uses
> > semi-RCU-style page table freeing) before freeing/reusing page tables.
> >
> > As noted in mm/gup.c, on configs that define CONFIG_HAVE_FAST_GUP,
> > there are two possible cases:
> >
> >  1. CONFIG_MMU_GATHER_RCU_TABLE_FREE is set, causing
> >     tlb_remove_table_sync_one() to send an IPI to synchronize with
> >     lockless_pages_from_mm().
> >  2. CONFIG_MMU_GATHER_RCU_TABLE_FREE is unset, indicating that all
> >     TLB flushes are already guaranteed to send IPIs.
> >     tlb_remove_table_sync_one() will do nothing, but we've already
> >     run pmdp_collapse_flush(), which did a TLB flush, which must have
> >     involved IPIs.
>
> I'm trying to catch up with the discussion after the holiday break. I
> understand you switched from always allocating a new page table page
> (we decided before) to sending IPIs to serialize against fast-GUP,
> this is fine to me.
>
> So the code now looks like:
>     pmdp_collapse_flush()
>     sending IPI
>
> But the missing part is how we reached "TLB flushes are already
> guaranteed to send IPIs" when CONFIG_MMU_GATHER_RCU_TABLE_FREE is
> unset? ARM64 doesn't do it IIRC. Or did I miss something?

From arch/arm64/Kconfig:

    select MMU_GATHER_RCU_TABLE_FREE

CONFIG_MMU_GATHER_RCU_TABLE_FREE is not a config option that the user
can freely toggle; it is an option selected by the architecture.
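
The check made in the reply above can be repeated for any architecture by reading its Kconfig `select` lines. The following is an added example, not part of the mail or of the kernel tree: it classifies a Kconfig text into the two cases from the commit message and also handles a conditional `select ... if ...`. The function names, the `ARCH_*` fragments and the `FOO_PARAVIRT` symbol are constructed for illustration, and the script only sees selects in the text it is given.

```python
import re

# "select FOO" or "select FOO if BAR && BAZ" inside a Kconfig file.
SELECT_RE = re.compile(r"^\s*select\s+(\w+)(?:\s+if\s+(.+?))?\s*$")

def selects(kconfig_text):
    """Map each selected symbol to its conditions (None = unconditional)."""
    found = {}
    for line in kconfig_text.splitlines():
        m = SELECT_RE.match(line.split("#", 1)[0])  # ignore Kconfig comments
        if m:
            found.setdefault(m.group(1), []).append(m.group(2))
    return found

def classify(kconfig_text):
    """Say which of the two cases from the commit message applies."""
    sel = selects(kconfig_text)
    if "HAVE_FAST_GUP" not in sel:
        return "no-fast-gup"          # lockless GUP fastpath is not built
    conds = sel.get("MMU_GATHER_RCU_TABLE_FREE", [])
    if None in conds:
        return "case-1-sync-ipi"      # tlb_remove_table_sync_one() sends the IPI
    if conds:
        # Selected only under a condition: the case depends on the build.
        return "config-dependent: " + " || ".join(conds)
    return "case-2-flush-ipi"         # the TLB flush itself must involve IPIs

# Constructed fragments (assumptions, not copied from a kernel tree).
# ARCH_A mirrors the unconditional select quoted in the mail.
SAMPLES = {
    "arch_a": "config ARCH_A\n\tselect HAVE_FAST_GUP\n"
              "\tselect MMU_GATHER_RCU_TABLE_FREE\n",
    "arch_b": "config ARCH_B\n\tselect HAVE_FAST_GUP\n",
    "arch_c": "config ARCH_C\n\tselect HAVE_FAST_GUP\n"
              "\tselect MMU_GATHER_RCU_TABLE_FREE if FOO_PARAVIRT\n",
    "arch_d": "config ARCH_D\n"
              "\tselect MMU_GATHER_RCU_TABLE_FREE # no fast GUP here\n",
}

def report(samples=SAMPLES):
    """Classify every sample fragment by name."""
    return {name: classify(text) for name, text in samples.items()}

if __name__ == "__main__":
    for name, verdict in report().items():
        print(f"{name}: {verdict}")
```

For a real tree, pass the contents of the architecture's Kconfig file to `classify()`; the generated `.config` of the build remains the authoritative answer.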