From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E66C5C3DA64 for ; Wed, 31 Jul 2024 03:15:23 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 7746E6B0085; Tue, 30 Jul 2024 23:15:23 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7244A6B0088; Tue, 30 Jul 2024 23:15:23 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 5EBC26B0089; Tue, 30 Jul 2024 23:15:23 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 3B96E6B0085 for ; Tue, 30 Jul 2024 23:15:23 -0400 (EDT) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id EAAE71A0150 for ; Wed, 31 Jul 2024 03:15:22 +0000 (UTC) X-FDA: 82398582084.20.8A3B279 Received: from mail-vs1-f46.google.com (mail-vs1-f46.google.com [209.85.217.46]) by imf15.hostedemail.com (Postfix) with ESMTP id 38A39A0003 for ; Wed, 31 Jul 2024 03:15:21 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=BWP1VvxQ; spf=pass (imf15.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.217.46 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1722395647; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=ggbJOz4fatqxCDnDaH2v6qBI6yak8UftyOVEx66FRBM=; b=N4SijaLz1XSukw1S0MxEl4MtOu9NfJUsObyGGdbsA3IFl+wlxBsxwv3vfiZa9UKe3hcH12 ZJDTj1j2LEfYD8SqIzynjEsKyADbqu3K4JSwdJbn5FGlRWh/hXnI2r0phOX5vIBqcKs63G OVWK+Ds2xyMif3ZSOi6KMf8i+RLLDO0= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=BWP1VvxQ; spf=pass (imf15.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.217.46 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1722395647; a=rsa-sha256; cv=none; b=ABb43FkIPDYN1CgWpJPQ66zd8AN1Ll04Grs/Mt+ROr+07fJDXRNcnSohyfMQhshqpOlkib nndg4hljIMWfwO6Md5ev+QHVSwFtCrCcNoexwN5q04GI5V90mKukfZOFLT88+czHYlRX1k Bh4yn8Fp7uRfwLppof00t1ihl9p3XTg= Received: by mail-vs1-f46.google.com with SMTP id ada2fe7eead31-49297fca3c2so1303013137.1 for ; Tue, 30 Jul 2024 20:15:21 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722395720; x=1723000520; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=ggbJOz4fatqxCDnDaH2v6qBI6yak8UftyOVEx66FRBM=; b=BWP1VvxQlllPco97ZyBIYWF58AJaItI8YAUuIMxh7tDi02GgOlgW67XoaqqVeS0Ooo 2+sjv8eX90I9xxV4C6b/7+QG3rqMdBoxRpUFpmRwR3Zw1Lbx7gNkc61z3U2EdZmvGNko v3YfkkFjbhzYPS+X9fDoDj3aKzV5t1WxY3n4/IhMgoXfSIpbyITF0cmlVF56sYXOq0hv e0MsJN2+dcsrkdhP5ik9XzOihE2GtFGxBrk9pTgdc07VK96xgiKl0pgx308n8RBUqeLh Ns8x26Dd/2YSt0PA65dHtJ/LdT5ph6t4P+HGlgtfN2pX543VmUvRB3OsRrUqsZiQJRIH ea3A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722395720; x=1723000520; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ggbJOz4fatqxCDnDaH2v6qBI6yak8UftyOVEx66FRBM=; b=gXeGrjOzsHar0IiKPXa8FtRimkt5g9L6SpAB51Zi3I7vmmWlRACL7fqHCHmtQED32k oj5Pp/LiE1zZt7UB2I5PA+xthIVz/MSif/5h/X/8pPSBubuhZVrjENbjUM/s1qRBuaUg joCqToUTehyhDTXf1nOorhcYHzJ+bxJk6tj1uMJH1pVfHmqW6cfKRVYXOfjd5EBkya97 RDo7jVdSD+lFH2UOFp6a18hj+YsCeJNFIZLTdfXCdcd0v54Fc1f65ZI4Dl89lNu/tkXH OLypmMksBh8bPKn1NlcdSjxSEhsC8HbHJQusqQGIlH97r6jk0I8+S5oj33CQhoz1eEEX h+zg== X-Forwarded-Encrypted: i=1; AJvYcCX3B0G0XLef4hAoTPH8KDDUW3owR0VDUAEjH1v47R/3zav6faYNyZUewy918suHuYpo0lZ3Uvy2G12xs4sDrN7Je3M= X-Gm-Message-State: AOJu0YzGnjJ9WSUgogidiw3hxEtMlDrcTywnBbDEn9FJeVBVrmXUw0I4 L7xpJQi0ztx05eoPbu4xAZ+xSxmtnMiXpKqd/BA7gyOlFulxN4knBsCLLWdbIsSQVGSizPHqCzo HDq13Hm2+C7NkutcAy2ZrUFHJI74= X-Google-Smtp-Source: AGHT+IFR0pUOPqmpICJoMa62JMkVa0b9TxNVpTC5kz22S3LAfVarPFVe6nXW3RQIFbx2oUayXsgys0jA2FwfTzmg6ug= X-Received: by 2002:a05:6102:3f0e:b0:493:e585:6ce3 with SMTP id ada2fe7eead31-493fadd965emr14448595137.31.1722395720249; Tue, 30 Jul 2024 20:15:20 -0700 (PDT) MIME-Version: 1.0 References: <20240731000155.109583-1-21cnbao@gmail.com> <20240731000155.109583-2-21cnbao@gmail.com> In-Reply-To: From: Barry Song <21cnbao@gmail.com> Date: Wed, 31 Jul 2024 11:15:07 +0800 Message-ID: Subject: Re: [PATCH RFT v2 1/4] vpda: try to fix the potential crash due to misusing __GFP_NOFAIL To: Jason Wang Cc: akpm@linux-foundation.org, linux-mm@kvack.org, 42.hyeyoo@gmail.com, cl@linux.com, hailong.liu@oppo.com, hch@infradead.org, iamjoonsoo.kim@lge.com, lstoakes@gmail.com, mhocko@suse.com, penberg@kernel.org, rientjes@google.com, roman.gushchin@linux.dev, torvalds@linux-foundation.org, urezki@gmail.com, v-songbaohua@oppo.com, vbabka@suse.cz, virtualization@lists.linux.dev, "Michael S. Tsirkin" , Xuan Zhuo , =?UTF-8?Q?Eugenio_P=C3=A9rez?= , Maxime Coquelin Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Server: rspam06 X-Rspamd-Queue-Id: 38A39A0003 X-Stat-Signature: f4kt4mkmp4idr998barbcqufgsb577od X-Rspam-User: X-HE-Tag: 1722395721-327192 X-HE-Meta: U2FsdGVkX1/ST0uDls0Y7KFv4Hc6m3CwLBzurT0V5qEcSVYqoPjQT2JIXQD3GPfVpPkfneJZmnlzsZ7qeHktV0cRUlpXTGa6If8HcHEjQ/677EWRlISYgKsbtg9Xiaw8sK6nvrnSCwAsnpm7Sb9p09bDz7+NjfGFfGkWcKx49tGpuWGXCSn0i7PbDw2vaFWtF9/nGlyxFke6RqMe22rJ+x8LX3O2iqSrkHfAKQHtX1UhLVFnpl3QKczHGmPF6/qe/hOtTDBdHU3cNY7vND/KKT0xruM/k+cCxrqA7jXV36jjuuTxHAc46V2FNOIkoRDDD5Qtz+sYGckSM3qyGInXRmNgtN2/JxYqwPcCjyVXJdxEZ44albYUCGrD3HdrL1rSkPCEDcqaNxENHvg6uUp/X7JkBGbAi2MqkylNrNyJUvxOW27m4HBi6dKedk56l+1RhemNjnpNXmTdqHwa1gyiBO3MBDJ+hhaUQFtCiQu18pWTZPtVbFr7STuZwY7tzBTNP0IMyxqQFHpb2U7XWrPHsujhIcP7VXqiLX+oUYx5SpcVUV08blODFmybm2sFzDJFSR+hYtvoaSOWXoCDEIeBsGlv1wTXCLRKtDAz98InTUlqJ0sHR8dufhp/mpQVN7dsPMEb7z8tA1Ep2+lfWUbHtrEAQy7br/YM7Sj4l1dcvwy+R+y0fbkek+8+n+gERBMJNPj9bbDzRmljyUK6bYuakUis5ezta44+greC104gfcOYQzFDoCDfSbaX+pWaS+5XyhaY6cYRN19GBG9iPCd29B8K6FQdi2u0JScs9v8yu5k/hCeOMN4SaxxB4Z2NCISo8YGcnOsD7tJFoBiQT1FcmdDEkxoRWkinSxjTXDSCTkfEs8jfc/APVW5tgNT8AALgTUvLOF6P5SR0tZd3z32vPmzpYpqyMW6H5KNuFiT3O1TYyQ/gUWjATbc7aihHZtb8utuQQkT9JAKGiQurOl8 jXOKWqz8 y8HCX9ZiWkQC/slNJx9V5JmDUDdkxzn/4aR4DJg400rtKkY7L1RlBl7dt60H7pbOxxwtP4qiTcMCUU0Tw3/16vq+dYQm02OfaHLjl+SsmWclqere7b7R70yhgNZRuZQitACSVtKoMed+PXOqt8oahZiS0KewCpds9tzpYJsvASolrU5bjCItDdDU1YBGRoAuBoDxV3CkKNUxmP+r81+eeeyrhfeVTRX0JfpdBTaJ0p9guqF9v1wbjfUM47XOhUFgVgPeVydtsysC50EsPc0WaM4RgZZWPZIVFs4o7IXxSpytHQvcqcNwUcFPlRQ22tdOBnLUk/VdAe0i5cy9aVM7tUIJ8t6uEUv/eCaFdchOs2LXtN6yJXeQ4AzcsSNZ5vJAKBTk2iS0B6vNSnIo3BhPywtY3iPKPpejSHj9pQKbGE8yTaivjZcE2UePDP1pI1z0WpjP9u97j85WMDKVnHupYc+P1iAMOFQ9MuTy9feLEJax+dC4dAqBL/YKE2juImW0Sij3A5uns7P+rqfDk5W0Vz3aaIipO2Ei4ca7qOcoAdaXqY5P27VOHf/NKSVqHpCZRRX2i X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Wed, Jul 31, 2024 at 11:10=E2=80=AFAM Jason Wang w= rote: > > On Wed, Jul 31, 2024 at 8:03=E2=80=AFAM Barry Song <21cnbao@gmail.com> wr= ote: > > > > From: Barry Song > > > > mm doesn't support non-blockable __GFP_NOFAIL allocation. Because > > __GFP_NOFAIL without direct reclamation may just result in a busy > > loop within non-sleepable contexts. > > > > static inline struct page * > > __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, > > struct alloc_context *a= c) > > { > > ... > > /* > > * Make sure that __GFP_NOFAIL request doesn't leak out and mak= e sure > > * we always retry > > */ > > if (gfp_mask & __GFP_NOFAIL) { > > /* > > * All existing users of the __GFP_NOFAIL are blockable= , so warn > > * of any new users that actually require GFP_NOWAIT > > */ > > if (WARN_ON_ONCE_GFP(!can_direct_reclaim, gfp_mask)) > > goto fail; > > ... > > } > > ... > > fail: > > warn_alloc(gfp_mask, ac->nodemask, > > "page allocation failure: order:%u", order); > > got_pg: > > return page; > > } > > > > Let's move the memory allocation out of the atomic context and use > > the normal sleepable context to get pages. > > > > [RFT]: This has only been compile-tested; I'd prefer if the VDPA mainta= iners > > handles it. > > > > Cc: "Michael S. Tsirkin" > > Cc: Jason Wang > > Cc: Xuan Zhuo > > Cc: "Eugenio P=C3=A9rez" > > Cc: Maxime Coquelin > > Signed-off-by: Barry Song > > --- > > drivers/vdpa/vdpa_user/iova_domain.c | 31 +++++++++++++++++++++++----- > > drivers/vdpa/vdpa_user/iova_domain.h | 5 ++++- > > drivers/vdpa/vdpa_user/vduse_dev.c | 4 +++- > > 3 files changed, 33 insertions(+), 7 deletions(-) > > > > diff --git a/drivers/vdpa/vdpa_user/iova_domain.c b/drivers/vdpa/vdpa_u= ser/iova_domain.c > > index 791d38d6284c..9318f059a8b5 100644 > > --- a/drivers/vdpa/vdpa_user/iova_domain.c > > +++ b/drivers/vdpa/vdpa_user/iova_domain.c > > @@ -283,7 +283,23 @@ int vduse_domain_add_user_bounce_pages(struct vdus= e_iova_domain *domain, > > return ret; > > } > > > > -void vduse_domain_remove_user_bounce_pages(struct vduse_iova_domain *d= omain) > > +struct page **vduse_domain_alloc_pages_to_remove_bounce(struct vduse_i= ova_domain *domain) > > +{ > > + struct page **pages; > > + unsigned long count, i; > > + > > + if (!domain->user_bounce_pages) > > + return NULL; > > + > > + count =3D domain->bounce_size >> PAGE_SHIFT; > > + pages =3D kmalloc_array(count, sizeof(*pages), GFP_KERNEL | __G= FP_NOFAIL); > > + for (i =3D 0; i < count; i++) > > + pages[i] =3D alloc_page(GFP_KERNEL | __GFP_NOFAIL); > > + > > + return pages; > > +} > > + > > +void vduse_domain_remove_user_bounce_pages(struct vduse_iova_domain *d= omain, struct page **pages) > > { > > struct vduse_bounce_map *map; > > unsigned long i, count; > > @@ -294,15 +310,16 @@ void vduse_domain_remove_user_bounce_pages(struct= vduse_iova_domain *domain) > > > > count =3D domain->bounce_size >> PAGE_SHIFT; > > for (i =3D 0; i < count; i++) { > > - struct page *page =3D NULL; > > + struct page *page =3D pages[i]; > > > > map =3D &domain->bounce_maps[i]; > > - if (WARN_ON(!map->bounce_page)) > > + if (WARN_ON(!map->bounce_page)) { > > + put_page(page); > > continue; > > + } > > > > /* Copy user page to kernel page if it's in use */ > > if (map->orig_phys !=3D INVALID_PHYS_ADDR) { > > - page =3D alloc_page(GFP_ATOMIC | __GFP_NOFAIL); > > memcpy_from_page(page_address(page), > > map->bounce_page, 0, PAGE_SIZE= ); > > } > > @@ -310,6 +327,7 @@ void vduse_domain_remove_user_bounce_pages(struct v= duse_iova_domain *domain) > > map->bounce_page =3D page; > > } > > domain->user_bounce_pages =3D false; > > + kfree(pages); > > out: > > write_unlock(&domain->bounce_lock); > > } > > @@ -543,10 +561,13 @@ static int vduse_domain_mmap(struct file *file, s= truct vm_area_struct *vma) > > static int vduse_domain_release(struct inode *inode, struct file *file= ) > > { > > struct vduse_iova_domain *domain =3D file->private_data; > > + struct page **pages; > > + > > + pages =3D vduse_domain_alloc_pages_to_remove_bounce(domain); > > > > spin_lock(&domain->iotlb_lock); > > vduse_iotlb_del_range(domain, 0, ULLONG_MAX); > > - vduse_domain_remove_user_bounce_pages(domain); > > + vduse_domain_remove_user_bounce_pages(domain, pages); > > vduse_domain_free_kernel_bounce_pages(domain); > > spin_unlock(&domain->iotlb_lock); > > put_iova_domain(&domain->stream_iovad); > > diff --git a/drivers/vdpa/vdpa_user/iova_domain.h b/drivers/vdpa/vdpa_u= ser/iova_domain.h > > index f92f22a7267d..17efa5555b3f 100644 > > --- a/drivers/vdpa/vdpa_user/iova_domain.h > > +++ b/drivers/vdpa/vdpa_user/iova_domain.h > > @@ -74,7 +74,10 @@ void vduse_domain_reset_bounce_map(struct vduse_iova= _domain *domain); > > int vduse_domain_add_user_bounce_pages(struct vduse_iova_domain *domai= n, > > struct page **pages, int count); > > > > -void vduse_domain_remove_user_bounce_pages(struct vduse_iova_domain *d= omain); > > +void vduse_domain_remove_user_bounce_pages(struct vduse_iova_domain *d= omain, > > + struct page **pages); > > + > > +struct page **vduse_domain_alloc_pages_to_remove_bounce(struct vduse_i= ova_domain *domain); > > > > void vduse_domain_destroy(struct vduse_iova_domain *domain); > > > > diff --git a/drivers/vdpa/vdpa_user/vduse_dev.c b/drivers/vdpa/vdpa_use= r/vduse_dev.c > > index 7ae99691efdf..5d8d5810df57 100644 > > --- a/drivers/vdpa/vdpa_user/vduse_dev.c > > +++ b/drivers/vdpa/vdpa_user/vduse_dev.c > > @@ -1030,6 +1030,7 @@ static int vduse_dev_queue_irq_work(struct vduse_= dev *dev, > > static int vduse_dev_dereg_umem(struct vduse_dev *dev, > > u64 iova, u64 size) > > { > > + struct page **pages; > > int ret; > > > > mutex_lock(&dev->mem_lock); > > @@ -1044,7 +1045,8 @@ static int vduse_dev_dereg_umem(struct vduse_dev = *dev, > > if (dev->umem->iova !=3D iova || size !=3D dev->domain->bounce_= size) > > goto unlock; > > > > - vduse_domain_remove_user_bounce_pages(dev->domain); > > + pages =3D vduse_domain_alloc_pages_to_remove_bounce(dev->domain= ); > > + vduse_domain_remove_user_bounce_pages(dev->domain, pages); > > unpin_user_pages_dirty_lock(dev->umem->pages, > > dev->umem->npages, true); > > atomic64_sub(dev->umem->npages, &dev->umem->mm->pinned_vm); > > We miss a kfree(pages); here? no. i've moved it into vduse_domain_remove_user_bounce_pages. > > Thanks > > > -- > > 2.34.1 > > >