From: Nhat Pham <nphamcs@gmail.com>
To: Yosry Ahmed <yosry.ahmed@linux.dev>
Cc: Eric Biggers <ebiggers@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Johannes Weiner <hannes@cmpxchg.org>,
Chengming Zhou <chengming.zhou@linux.dev>,
"David S. Miller" <davem@davemloft.net>,
Herbert Xu <herbert@gondor.apana.org.au>,
linux-mm@kvack.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org, syzkaller-bugs@googlegroups.com,
syzbot+1a517ccfcbc6a7ab0f82@syzkaller.appspotmail.com,
stable@vger.kernel.org
Subject: Re: [PATCH v2] mm: zswap: fix crypto_free_acomp() deadlock in zswap_cpu_comp_dead()
Date: Wed, 26 Feb 2025 15:47:06 -0800 [thread overview]
Message-ID: <CAKEwX=O8zQj3Vj=2G6aCjK7e2DDs+VBUhRd25AefTdcvFOT-=A@mail.gmail.com> (raw)
In-Reply-To: <Z7-GaVJHC_1ynigx@google.com>
On Wed, Feb 26, 2025 at 1:23 PM Yosry Ahmed <yosry.ahmed@linux.dev> wrote:
>
> On Wed, Feb 26, 2025 at 09:16:28PM +0000, Eric Biggers wrote:
> > On Wed, Feb 26, 2025 at 08:32:22PM +0000, Yosry Ahmed wrote:
> > > On Wed, Feb 26, 2025 at 08:00:16PM +0000, Eric Biggers wrote:
> > > > On Wed, Feb 26, 2025 at 06:56:25PM +0000, Yosry Ahmed wrote:
> > > > > Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding
> > > > > the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock
> > > > > (through crypto_exit_scomp_ops_async()).
> > > > >
> > > > > On the other hand, crypto_alloc_acomp_node() holds the scomp_lock
> > > > > (through crypto_scomp_init_tfm()), and then allocates memory.
> > > > > If the allocation results in reclaim, we may attempt to hold the per-CPU
> > > > > acomp_ctx mutex.
> > > >
> > > > The bug is in acomp. crypto_free_acomp() should never have to wait for a memory
> > > > allocation. That is what needs to be fixed.
> > >
> > > crypto_free_acomp() does not explicitly wait for an allocation, but it
> > > waits for scomp_lock (in crypto_exit_scomp_ops_async()), which may be
> > > held while allocating memory from crypto_scomp_init_tfm().
> > >
> > > Are you suggesting that crypto_exit_scomp_ops_async() should not be
> > > holding scomp_lock?
> >
> > I think the solution while keeping the bounce buffer in place would be to do
> > what the patch
> > https://lore.kernel.org/linux-crypto/Z6w7Pz8jBeqhijut@gondor.apana.org.au/ does,
> > i.e. make the actual allocation and free happen outside the lock.
>
> I am fine with a solution like that if Herbert is fine with it. Although
> as I mentioned, I think this patch is nice to have anyway.
>
> >
> > > > But really the bounce buffering in acomp (which is what is causing this problem)
> > > > should not exist at all. There is really no practical use case for it; it's
> > > > just there because of the Crypto API's insistence on shoehorning everything into
> > > > scatterlists for no reason...
> > >
> > > I am assuming this about scomp_scratch logic, which is what we need to
> > > hold the scomp_lock for, resulting in this problem.
> >
> > Yes.
> >
> > > If this is something that can be done right away I am fine with dropping
> > > this patch for an alternative fix, although it may be nice to reduce the
> > > lock critical section in zswap_cpu_comp_dead() to the bare minimum
> > > anyway.
> >
> > Well, unfortunately the whole Crypto API philosophy of having a single interface
> > for software and for hardware offload doesn't really work. This is just yet
> > another example of that; it's a problem caused by shoehorning software
> > compression into an interface designed for hardware offload. zcomp really
> > should just use the compression libs directly (like most users of compression in
> > the kernel already do), and have an alternate code path specifically for
> > hardware offload (using acomp) for the few people who really want that.
>
> zcomp is for zram, zswap does not use it. If zswap is not going to use
> the crypto API we'll want something like zcomp or maybe reuse zcomp
> itself. That's a problem for another day :)
I'm actually thinking whether we should expose the zcomp API and use
it for zswap. There are a couple of parameters for zstd I wanna play
with, which zcomp/zram seems to already support, but not the crypto
API (zstd level, dictionary, etc.).
But yes, a different problem for another day :)
next prev parent reply other threads:[~2025-02-26 23:47 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-26 18:56 Yosry Ahmed
2025-02-26 20:00 ` Eric Biggers
2025-02-26 20:32 ` Yosry Ahmed
2025-02-26 21:16 ` Eric Biggers
2025-02-26 21:23 ` Yosry Ahmed
2025-02-26 23:47 ` Nhat Pham [this message]
2025-02-27 2:30 ` Chengming Zhou
2025-02-27 2:24 ` Chengming Zhou
2025-03-05 1:14 ` Nhat Pham
2025-03-06 19:02 ` Yosry Ahmed
2025-03-24 21:15 ` Nhat Pham
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAKEwX=O8zQj3Vj=2G6aCjK7e2DDs+VBUhRd25AefTdcvFOT-=A@mail.gmail.com' \
--to=nphamcs@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=chengming.zhou@linux.dev \
--cc=davem@davemloft.net \
--cc=ebiggers@kernel.org \
--cc=hannes@cmpxchg.org \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=stable@vger.kernel.org \
--cc=syzbot+1a517ccfcbc6a7ab0f82@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=yosry.ahmed@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox