From: Qi Zheng <zhengqi.arch@bytedance.com>
To: peterz@infradead.org, tglx@linutronix.de, david@redhat.com,
jannh@google.com, hughd@google.com, yuzhao@google.com,
willy@infradead.org, muchun.song@linux.dev, vbabka@kernel.org,
lorenzo.stoakes@oracle.com, akpm@linux-foundation.org,
rientjes@google.com, vishal.moola@gmail.com
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
Qi Zheng <zhengqi.arch@bytedance.com>
Subject: [PATCH v2 00/15] move pagetable_*_dtor() to __tlb_remove_table()
Date: Wed, 18 Dec 2024 21:04:36 +0800 [thread overview]
Message-ID: <cover.1734526570.git.zhengqi.arch@bytedance.com> (raw)
Changes in v2:
- add [PATCH v2 13|14|15/15] (suggested by Peter Zijlstra)
- add Originally-bys and Suggested-bys
- rebase onto the next-20241218
Hi all,
As proposed [1] by Peter Zijlstra below, this patch series aims to move
pagetable_*_dtor() into __tlb_remove_table(). This will cleanup pagetable_*_dtor()
a bit and more gracefully fix the UAF issue [2] reported by syzbot.
```
Notably:
- s390 pud isn't calling the existing pagetable_pud_[cd]tor()
- none of the p4d things have pagetable_p4d_[cd]tor() (x86,arm64,s390,riscv)
and they have inconsistent accounting
- while much of the _ctor calls are in generic code, many of the _dtor
calls are in arch code for hysterial raisins, this could easily be
fixed
- if we fix ptlock_free() to handle NULL, then all the _dtor()
functions can use it, and we can observe they're all identical
and can be folded
after all that cleanup, you can move the _dtor from *_free_tlb() into
tlb_remove_table() -- which for the above case, would then have it
called from __tlb_remove_table_free().
```
And hi Andrew, I developed the code based on the latest linux-next, so I reverted
the "mm: pgtable: make ptlock be freed by RCU" first. Once the review of this
patch series is completed, the "mm: pgtable: make ptlock be freed by RCU" can be
dropped directly from mm tree, and this revert patch will not be needed.
This series is based on next-20241218. And I tested this patch series on x86 and
only cross-compiled it on arm[|64], powerpc, riscv, s390 and sparc.
Comments and suggestions are welcome!
Thanks,
Qi
[1]. https://lore.kernel.org/all/20241211133433.GC12500@noisy.programming.kicks-ass.net/
[2]. https://lore.kernel.org/all/67548279.050a0220.a30f1.015b.GAE@google.com/
Qi Zheng (15):
Revert "mm: pgtable: make ptlock be freed by RCU"
mm: pgtable: introduce generic p4d_alloc_one() and p4d_free()
arm64: pgtable: use mmu gather to free p4d level page table
s390: pgtable: add statistics for PUD and P4D level page table
mm: pgtable: introduce pagetable_dtor()
arm: pgtable: move pagetable_dtor() to __tlb_remove_table()
arm64: pgtable: move pagetable_dtor() to __tlb_remove_table()
riscv: pgtable: move pagetable_dtor() to __tlb_remove_table()
x86: pgtable: move pagetable_dtor() to __tlb_remove_table()
s390: pgtable: also move pagetable_dtor() of PxD to
__tlb_remove_table()
mm: pgtable: introduce generic __tlb_remove_table()
mm: pgtable: move __tlb_remove_table_one() in x86 to generic file
mm: pgtable: remove tlb_remove_page_ptdesc()
mm: pgtable: remove tlb_remove_ptdesc()
mm: pgtable: introduce generic pagetable_dtor_free()
Documentation/mm/split_page_table_lock.rst | 4 +-
arch/arm/include/asm/tlb.h | 18 +-----
arch/arm64/include/asm/pgalloc.h | 17 +++---
arch/arm64/include/asm/tlb.h | 31 +++++-----
arch/csky/include/asm/pgalloc.h | 4 +-
arch/hexagon/include/asm/pgalloc.h | 4 +-
arch/loongarch/include/asm/pgalloc.h | 4 +-
arch/m68k/include/asm/mcf_pgalloc.h | 4 +-
arch/m68k/include/asm/sun3_pgalloc.h | 4 +-
arch/m68k/mm/motorola.c | 2 +-
arch/mips/include/asm/pgalloc.h | 4 +-
arch/nios2/include/asm/pgalloc.h | 4 +-
arch/openrisc/include/asm/pgalloc.h | 4 +-
arch/powerpc/include/asm/tlb.h | 1 +
arch/powerpc/mm/book3s64/mmu_context.c | 2 +-
arch/powerpc/mm/book3s64/pgtable.c | 2 +-
arch/powerpc/mm/pgtable-frag.c | 4 +-
arch/riscv/include/asm/pgalloc.h | 57 ++++++++----------
arch/riscv/include/asm/tlb.h | 18 ------
arch/riscv/mm/init.c | 4 +-
arch/s390/include/asm/pgalloc.h | 31 +++++++---
arch/s390/include/asm/tlb.h | 43 +++++++-------
arch/s390/mm/pgalloc.c | 31 ++--------
arch/sh/include/asm/pgalloc.h | 4 +-
arch/sparc/include/asm/tlb_32.h | 1 +
arch/sparc/include/asm/tlb_64.h | 1 +
arch/sparc/mm/init_64.c | 2 +-
arch/sparc/mm/srmmu.c | 2 +-
arch/um/include/asm/pgalloc.h | 12 ++--
arch/x86/include/asm/pgalloc.h | 16 +++--
arch/x86/include/asm/tlb.h | 33 -----------
arch/x86/kernel/paravirt.c | 1 +
arch/x86/mm/pgtable.c | 13 ++---
include/asm-generic/pgalloc.h | 68 +++++++++++++++++-----
include/asm-generic/tlb.h | 23 ++++----
include/linux/mm.h | 52 +++++++----------
include/linux/mm_types.h | 9 +--
mm/memory.c | 23 +++-----
mm/mmu_gather.c | 19 +++++-
39 files changed, 255 insertions(+), 321 deletions(-)
--
2.20.1
next reply other threads:[~2024-12-18 13:05 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-18 13:04 Qi Zheng [this message]
2024-12-18 13:04 ` [PATCH v2 01/15] Revert "mm: pgtable: make ptlock be freed by RCU" Qi Zheng
2024-12-18 13:04 ` [PATCH v2 02/15] mm: pgtable: introduce generic p4d_alloc_one() and p4d_free() Qi Zheng
2024-12-18 14:53 ` [PATCH v2 02/15 fix] fix: " Qi Zheng
2024-12-19 16:32 ` [PATCH v2 02/15] " Alexander Gordeev
2024-12-20 3:19 ` Qi Zheng
2024-12-18 13:04 ` [PATCH v2 03/15] arm64: pgtable: use mmu gather to free p4d level page table Qi Zheng
2024-12-18 13:04 ` [PATCH v2 04/15] s390: pgtable: add statistics for PUD and P4D " Qi Zheng
2024-12-18 13:04 ` [PATCH v2 05/15] mm: pgtable: introduce pagetable_dtor() Qi Zheng
2024-12-18 13:04 ` [PATCH v2 06/15] arm: pgtable: move pagetable_dtor() to __tlb_remove_table() Qi Zheng
2024-12-18 13:04 ` [PATCH v2 07/15] arm64: " Qi Zheng
2024-12-18 13:04 ` [PATCH v2 08/15] riscv: " Qi Zheng
2024-12-18 13:04 ` [PATCH v2 09/15] x86: " Qi Zheng
2024-12-18 13:04 ` [PATCH v2 10/15] s390: pgtable: also move pagetable_dtor() of PxD " Qi Zheng
2024-12-20 8:42 ` Alexander Gordeev
2024-12-20 8:55 ` Qi Zheng
2024-12-18 13:04 ` [PATCH v2 11/15] mm: pgtable: introduce generic __tlb_remove_table() Qi Zheng
2024-12-18 16:39 ` Peter Zijlstra
2024-12-20 11:18 ` Alexander Gordeev
2024-12-20 11:28 ` Qi Zheng
2024-12-18 13:04 ` [PATCH v2 12/15] mm: pgtable: move __tlb_remove_table_one() in x86 to generic file Qi Zheng
2024-12-18 13:04 ` [PATCH v2 13/15] mm: pgtable: remove tlb_remove_page_ptdesc() Qi Zheng
2024-12-18 13:04 ` [PATCH v2 14/15] mm: pgtable: remove tlb_remove_ptdesc() Qi Zheng
2024-12-18 16:45 ` Peter Zijlstra
2024-12-19 2:16 ` Qi Zheng
2024-12-18 13:04 ` [PATCH v2 15/15] mm: pgtable: introduce generic pagetable_dtor_free() Qi Zheng
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1734526570.git.zhengqi.arch@bytedance.com \
--to=zhengqi.arch@bytedance.com \
--cc=akpm@linux-foundation.org \
--cc=david@redhat.com \
--cc=hughd@google.com \
--cc=jannh@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lorenzo.stoakes@oracle.com \
--cc=muchun.song@linux.dev \
--cc=peterz@infradead.org \
--cc=rientjes@google.com \
--cc=tglx@linutronix.de \
--cc=vbabka@kernel.org \
--cc=vishal.moola@gmail.com \
--cc=willy@infradead.org \
--cc=yuzhao@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox