From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 69008C3DA63 for ; Wed, 24 Jul 2024 22:51:00 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E9E536B0083; Wed, 24 Jul 2024 18:50:59 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id E4E8D6B0089; Wed, 24 Jul 2024 18:50:59 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CEF126B008C; Wed, 24 Jul 2024 18:50:59 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0015.hostedemail.com [216.40.44.15]) by kanga.kvack.org (Postfix) with ESMTP id B0DFC6B0083 for ; Wed, 24 Jul 2024 18:50:59 -0400 (EDT) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 2F9B440C30 for ; Wed, 24 Jul 2024 22:50:59 +0000 (UTC) X-FDA: 82376143038.13.0FBF89C Received: from mail-vk1-f178.google.com (mail-vk1-f178.google.com [209.85.221.178]) by imf23.hostedemail.com (Postfix) with ESMTP id 63E7B140012 for ; Wed, 24 Jul 2024 22:50:57 +0000 (UTC) Authentication-Results: imf23.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=XKP7S1Fv; spf=pass (imf23.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.221.178 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1721861408; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=dMTaZgYWcI6v49RBUgHrP21YAl60U14zeDcRc4tLOQQ=; b=sL3AJH+002EVYRz7EjlD5d7TIDfmyu8szVnEGXABxBHU68jp03bg4U0Pb3DPyAwbcbu8cM BbgIV6NEi8CMsjAFW3JjYmMUY2EqE8PnvW0LPwl/rh6Nc6VNdid8e2rtLEzi9HzUSU1TUI mLztziyRLkeBjVxe6GQeID4AU/eRer4= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1721861408; a=rsa-sha256; cv=none; b=gT5B2kedCzuDMHZC/78WIe34BZgeMh/kmLWk4SHIAP6nIqnYlQHFbz1e+mzfYwJB2fuCHb ENeK1q99sJcmYXwnQyOGYbDtGiJz1xoniv0Rsr0/x8vRXt5m00WG5e7citAImWZiPF6TcT ZCp8GbMwbeeVPU1zvukrhLRq9j5kr10= ARC-Authentication-Results: i=1; imf23.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=XKP7S1Fv; spf=pass (imf23.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.221.178 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-vk1-f178.google.com with SMTP id 71dfb90a1353d-4ef765e6dcaso121665e0c.1 for ; Wed, 24 Jul 2024 15:50:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1721861456; x=1722466256; darn=kvack.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=dMTaZgYWcI6v49RBUgHrP21YAl60U14zeDcRc4tLOQQ=; b=XKP7S1Fvqr5AjPNsiDvLcDWt6bmp6A6y98sNZGSzlG6FioxVlXhVlQN09zxtNA9nxM Gj7O+hlhdW70IbwY89rk/06NYO0rd8KsC9aXQi0W57znfVy3LXie7pcUIS5RmQzvPo6a VfXi/lGWcSFiBzDy3LP3gt0svgtvsGttWStnTSqQb+ZnvTkXcvOf3uZckaUTYu1IQE/y kLmo+lsVjYRUUL0kIaM4Kg3PartEgkbRQFQea8sAavXka64IkJH5/uUBEKPAGXAA1fwt 8xIgXK2jSEGwZNbJvQL6oVLjp0IA8NWCb/N/XWjVfWh/+SKE/PTETNYjsx49G4cwwH4m xbrQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721861456; x=1722466256; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=dMTaZgYWcI6v49RBUgHrP21YAl60U14zeDcRc4tLOQQ=; b=h47OwmyTO5omvP9s+Int+htLASrKQuo4inmLoByAGyNp/xmCtlh1LrMRVxXVSmsxKx gAx2F130JV77htlkzWU6hikcd+FTMzHTVyYyGI0DQxO6drvKyzCRb4szZe/6hxqh7cWa nQqCzfJB0X2wWJbIJa1Z1so2nGSukSwU8dkMuNv1jrDQ9OcrI6nwQPtjF+A6C+Yq6Rsj Hc9OoetmrH+z7BP3EYNgYVqpZ7e/fKsTxSU/82zXrYN3N5D7QGcoEBHoKBSOHmMRrKnu e0ctUPXcaZHFVgEgzDwXOkc6+seX9eiXWixRo8d9pxYXdWcBWzdQLr4q//zryfGaR+zc C0eg== X-Forwarded-Encrypted: i=1; AJvYcCUAu4BjZP8qJTlE1sHng3kDI1j/CXSV6VvLaupQfi1bMMLr9hNvPrjCF8mRUMHawJjJiOMhJ6z9woQqaetAZrGCZHs= X-Gm-Message-State: AOJu0YzBefuEGjglWoSdtglIvJVoqPl9FdZgpr9hYI86GsnsBdofvCXJ CB+T+Jp8hsEz6aClvYO5OznyKbIkfJcucS0BqQQApsMD5U68DJyh6DMvvWDYsMsn8m47SpUvM28 O04vaYZE7fi+KmCCL3ydQFSDmu3Y= X-Google-Smtp-Source: AGHT+IF11ECfDkrAOL26MJyjmT79+xLGDG/Ytj6Ei/EiKdAKawern86JaaIrL1JMNC/BLjFptc9iLr+X8AxXI9txLgo= X-Received: by 2002:a05:6102:801a:b0:48f:48c0:4335 with SMTP id ada2fe7eead31-493d642b0a5mr1596957137.18.1721861456179; Wed, 24 Jul 2024 15:50:56 -0700 (PDT) MIME-Version: 1.0 References: <20240724085544.299090-1-21cnbao@gmail.com> <20240724085544.299090-2-21cnbao@gmail.com> In-Reply-To: From: Barry Song <21cnbao@gmail.com> Date: Thu, 25 Jul 2024 10:50:45 +1200 Message-ID: Subject: Re: [PATCH RFC 1/5] vpda: try to fix the potential crash due to misusing __GFP_NOFAIL To: Michal Hocko Cc: akpm@linux-foundation.org, linux-mm@kvack.org, 42.hyeyoo@gmail.com, cl@linux.com, hch@infradead.org, iamjoonsoo.kim@lge.com, lstoakes@gmail.com, penberg@kernel.org, rientjes@google.com, roman.gushchin@linux.dev, urezki@gmail.com, v-songbaohua@oppo.com, vbabka@suse.cz, virtualization@lists.linux.dev, hailong.liu@oppo.com, torvalds@linux-foundation.org, "Michael S. Tsirkin" , Jason Wang , Xuan Zhuo , =?UTF-8?Q?Eugenio_P=C3=A9rez?= , Maxime Coquelin Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Stat-Signature: ixko1p8mp5bhknftazh7n7hxw4gxhy5y X-Rspamd-Queue-Id: 63E7B140012 X-Rspam-User: X-Rspamd-Server: rspam08 X-HE-Tag: 1721861457-274849 X-HE-Meta: U2FsdGVkX19rwa71s0pk79L3mGCHzSQYJaXcH9ovZYtKENS0hvzVx0ontbwpEH2DiC4PJVb99Uc2xjanzz/Rq2znkIvHbjb+esDdjHIUnNM38Y/Wjf6gclMUKuNlGMp+hIbd22TG6LTluSAuQzV0KXwb5bIS1omn+Vqz3uRmmgn6KjhM4OyPtsTwp/XZNf/2Xg7I2RfF14U0oFCw5jofjlArm9syYMPsUE+PJ4UR7xGE4Km1ip6ZfcVFWDIwjfczwInEKG1Fjst577UyaWkb+n2xXomP43B50NW8p9O621gwZ4ARc0U4Xeuuq33/K7Obj9CcB0Sp8DaLDXLLaWX2JjhijGuYC6Q+WAcgrOnH0/V6U9V5XcsZgOmRXiyqxzA/Zfm9/rOGrgP4piy2wacVA2GpuDBbO0WxGS67z1lYTCdiAKbXWjNz/+1L8KUsEeeYAfXOVUETMomy5NxRuShUUe7saIKnx0v6Wsc9eNrRyo5Bwf64z9mBRa1WDh3seD/u0QcIRjjTWyDOlDzEeap3MMYTz1NKwxBLS0c79lQt55b8/KFnLqmerVpBBTN1xAl2hd9QkCWuyZgPpJnt5K6MlAv3OFJu6J90ntxcTZ19znErwtehjF87ByO0k5yvBU0hnAqj0tK2U3TgmPsdmR67UbUOMO54kMoZoBST5hiR1TYcV8gMETORk9RVOtscMvumEx2FVnRa++37ME8fvSvp7IN9o1pBRBnIT59eVHvmjCyaDsam3X1g8HsZ1s8hKQ4TIMtMLlC2C2Ha7z5M81kqsj+amUJs+8lIGsf4OZG6kdSMELQlKgCiSfCxqC21vo1sGGcjceGHr1hasRHATKyLNQIKR4bckWUetuAdR2dxuEpsXfOIuckyDNfg5gzAhyPSYmxuozduh59b+qxqkWI+IzrWH3vvPbLF99eBEiJLuK6Of1Wb8Lhsz+hUopvmCQ1LAcACEvsC6vsS5YqkWZM jaML1TQq feHZnmY+CLql7mFU6tHf80D9MVeK+BCp6dv7SHhd1in09NFnGa1tNXmdk5DZnc9edwXyMMLAc+ozuCwzJWN7y8SpGZdCCpreG7AJ1pDtXDrREZqZFTgSRxGW7NqfYgPXaDAJtQXQTmbbeywbjCtaiKg6oYI8CBc6D5gqvGNpwkoCu0Jg5qFKBs+/0/hPkBew8fAZiLbQGW12wRYaUcTUi5e63DHt6e4JmK0Et4VO7lrRwoPbccgkvVUU5AZcvS74nGvdGM4aRki9OUeyT5hS4KtTBK5rXHH39w5eV36SsxqXWYUD8DknVBL/n0LG6t7CqQTRiwt8qx3vPiYan1MhigU0vrujzlPyUFzwwZJ/4HD+sNwiBJAE1MEWb5HPa5jg6LJZACha1AIid1tAe9yxDQrqLwOkGBJ39GE+1nTzYiC4tS7Tt2V5uBVAvF0DCQaZ1Dq22BiC9CqPKpfgWcHAOZmLhcdOKF+U04hBSBABkPL2mTPnWuGMbNNC08Z8v7oor4IZ/Tlc2iZWs1TDXEpP35a8SFHXzKhanGMDF0BjWLC/SLH58TD0puu1AAzi3+2n6CJXkPTTnSEzga/LlbgE0Ug8qAGnG0NTL+E4bH9q+KOa3kKs= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Thu, Jul 25, 2024 at 12:27=E2=80=AFAM Michal Hocko wro= te: > > On Wed 24-07-24 20:55:40, Barry Song wrote: > > From: Barry Song > > > > mm doesn't support non-blockable __GFP_NOFAIL allocation. Because > > __GFP_NOFAIL without direct reclamation may just result in a busy > > loop within non-sleepable contexts. > > > > static inline struct page * > > __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, > > struct alloc_context *a= c) > > { > > ... > > /* > > * Make sure that __GFP_NOFAIL request doesn't leak out and mak= e sure > > * we always retry > > */ > > if (gfp_mask & __GFP_NOFAIL) { > > /* > > * All existing users of the __GFP_NOFAIL are blockable= , so warn > > * of any new users that actually require GFP_NOWAIT > > */ > > if (WARN_ON_ONCE_GFP(!can_direct_reclaim, gfp_mask)) > > goto fail; > > ... > > } > > ... > > fail: > > warn_alloc(gfp_mask, ac->nodemask, > > "page allocation failure: order:%u", order); > > got_pg: > > return page; > > } > > > > Let's move the memory allocation out of the atomic context and use > > the normal sleepable context to get pages. > > > > [RFC]: This has only been compile-tested; I'd prefer if the VDPA mainta= iners > > handles it. > > > > Cc: "Michael S. Tsirkin" > > Cc: Jason Wang > > Cc: Xuan Zhuo > > Cc: "Eugenio P=C3=A9rez" > > Cc: Maxime Coquelin > > Signed-off-by: Barry Song > > --- > > drivers/vdpa/vdpa_user/iova_domain.c | 24 ++++++++++++++++++++---- > > 1 file changed, 20 insertions(+), 4 deletions(-) > > > > diff --git a/drivers/vdpa/vdpa_user/iova_domain.c b/drivers/vdpa/vdpa_u= ser/iova_domain.c > > index 791d38d6284c..eff700e5f7a2 100644 > > --- a/drivers/vdpa/vdpa_user/iova_domain.c > > +++ b/drivers/vdpa/vdpa_user/iova_domain.c > > @@ -287,28 +287,44 @@ void vduse_domain_remove_user_bounce_pages(struct= vduse_iova_domain *domain) > > { > > struct vduse_bounce_map *map; > > unsigned long i, count; > > + struct page **pages =3D NULL; > > > > write_lock(&domain->bounce_lock); > > if (!domain->user_bounce_pages) > > goto out; > > - > > count =3D domain->bounce_size >> PAGE_SHIFT; > > + write_unlock(&domain->bounce_lock); > > + > > + pages =3D kmalloc_array(count, sizeof(*pages), GFP_KERNEL | __GFP= _NOFAIL); > > + for (i =3D 0; i < count; i++) > > + pages[i] =3D alloc_page(GFP_KERNEL | __GFP_NOFAIL); > > AFAICS vduse_domain_release calls this function with > spin_lock(&domain->iotlb_lock) so dropping &domain->bounce_lock is not > sufficient. yes. this is true: static int vduse_domain_release(struct inode *inode, struct file *file) { struct vduse_iova_domain *domain =3D file->private_data; spin_lock(&domain->iotlb_lock); vduse_iotlb_del_range(domain, 0, ULLONG_MAX); vduse_domain_remove_user_bounce_pages(domain); vduse_domain_free_kernel_bounce_pages(domain); spin_unlock(&domain->iotlb_lock); put_iova_domain(&domain->stream_iovad); put_iova_domain(&domain->consistent_iovad); vhost_iotlb_free(domain->iotlb); vfree(domain->bounce_maps); kfree(domain); return 0; } This is quite a pain. I admit I don't have knowledge of this driver, and I = don't think it's safe to release two locks and then reacquire them. The situation= is rather complex. Therefore, I would prefer if the VDPA maintainers could take the lead in implementing a proper fix. > > -- > Michal Hocko > SUSE Labs Thanks Barry