From: Qi Zheng <zhengqi.arch@bytedance.com>
To: david@redhat.com, hughd@google.com, willy@infradead.org,
mgorman@suse.de, muchun.song@linux.dev,
akpm@linux-foundation.org
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Qi Zheng <zhengqi.arch@bytedance.com>
Subject: [RFC PATCH 6/7] x86: mm: define arch_flush_tlb_before_set_huge_page
Date: Mon, 1 Jul 2024 16:46:47 +0800 [thread overview]
Message-ID: <a6cea157a2d9ba4d35f53d4d44b4d6e9ccd26aa5.1719570849.git.zhengqi.arch@bytedance.com> (raw)
In-Reply-To: <cover.1719570849.git.zhengqi.arch@bytedance.com>
When we use mmu_gather to batch flush tlb and free PTE pages, the TLB is
not flushed before pmd lock is unlocked. This may result in the following
two situations:
1) Userland can trigger page fault and fill a huge page, which will cause
the existence of small size TLB and huge TLB for the same address.
2) Userland can also trigger page fault and fill a PTE page, which will
cause the existence of two small size TLBs, but the PTE page they map
are different.
According to Intel's TLB Application note (317080), some CPUs of x86 do
not allow the 1) case, so define arch_flush_tlb_before_set_huge_page to
detect and fix this issue.
Signed-off-by: Qi Zheng <zhengqi.arch@bytedance.com>
---
arch/x86/include/asm/pgtable.h | 6 ++++++
arch/x86/mm/pgtable.c | 13 +++++++++++++
2 files changed, 19 insertions(+)
diff --git a/arch/x86/include/asm/pgtable.h b/arch/x86/include/asm/pgtable.h
index e39311a89bf4..f93d964ab6a3 100644
--- a/arch/x86/include/asm/pgtable.h
+++ b/arch/x86/include/asm/pgtable.h
@@ -1668,6 +1668,12 @@ void arch_check_zapped_pte(struct vm_area_struct *vma, pte_t pte);
#define arch_check_zapped_pmd arch_check_zapped_pmd
void arch_check_zapped_pmd(struct vm_area_struct *vma, pmd_t pmd);
+#ifdef CONFIG_PT_RECLAIM
+#define arch_flush_tlb_before_set_huge_page arch_flush_tlb_before_set_huge_page
+void arch_flush_tlb_before_set_huge_page(struct mm_struct *mm,
+ unsigned long addr);
+#endif
+
#ifdef CONFIG_XEN_PV
#define arch_has_hw_nonleaf_pmd_young arch_has_hw_nonleaf_pmd_young
static inline bool arch_has_hw_nonleaf_pmd_young(void)
diff --git a/arch/x86/mm/pgtable.c b/arch/x86/mm/pgtable.c
index cd5bf2157611..d037f7425f82 100644
--- a/arch/x86/mm/pgtable.c
+++ b/arch/x86/mm/pgtable.c
@@ -926,3 +926,16 @@ void arch_check_zapped_pmd(struct vm_area_struct *vma, pmd_t pmd)
VM_WARN_ON_ONCE(!(vma->vm_flags & VM_SHADOW_STACK) &&
pmd_shstk(pmd));
}
+
+#ifdef CONFIG_PT_RECLAIM
+void arch_flush_tlb_before_set_huge_page(struct mm_struct *mm,
+ unsigned long addr)
+{
+ if (atomic_read(&mm->tlb_flush_pending)) {
+ unsigned long start = ALIGN_DOWN(addr, PMD_SIZE);
+ unsigned long end = start + PMD_SIZE;
+
+ flush_tlb_mm_range(mm, start, end, PAGE_SHIFT, false);
+ }
+}
+#endif /* CONFIG_PT_RECLAIM */
--
2.20.1
next prev parent reply other threads:[~2024-07-01 8:48 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-01 8:46 [RFC PATCH 0/7] synchronously scan and reclaim empty user PTE pages Qi Zheng
2024-07-01 8:46 ` [RFC PATCH 1/7] mm: pgtable: make pte_offset_map_nolock() return pmdval Qi Zheng
2024-07-01 8:46 ` [RFC PATCH 2/7] mm: introduce CONFIG_PT_RECLAIM Qi Zheng
2024-07-01 8:46 ` [RFC PATCH 3/7] mm: pass address information to pmd_install() Qi Zheng
2024-07-01 8:46 ` [RFC PATCH 4/7] mm: pgtable: try to reclaim empty PTE pages in zap_page_range_single() Qi Zheng
2024-07-01 8:46 ` [RFC PATCH 5/7] x86: mm: free page table pages by RCU instead of semi RCU Qi Zheng
2024-07-01 8:46 ` Qi Zheng [this message]
2024-07-01 8:46 ` [RFC PATCH 7/7] x86: select ARCH_SUPPORTS_PT_RECLAIM if X86_64 Qi Zheng
2024-07-04 7:16 ` [RFC PATCH 0/7] synchronously scan and reclaim empty user PTE pages Qi Zheng
2024-07-07 8:26 ` David Hildenbrand
2024-07-08 2:46 ` Qi Zheng
2024-07-26 9:07 ` Vlastimil Babka (SUSE)
2024-07-29 6:46 ` Qi Zheng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a6cea157a2d9ba4d35f53d4d44b4d6e9ccd26aa5.1719570849.git.zhengqi.arch@bytedance.com \
--to=zhengqi.arch@bytedance.com \
--cc=akpm@linux-foundation.org \
--cc=david@redhat.com \
--cc=hughd@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mgorman@suse.de \
--cc=muchun.song@linux.dev \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox