From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 90ED1C0219B for ; Tue, 11 Feb 2025 13:36:27 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id DEB556B008A; Tue, 11 Feb 2025 08:36:26 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D99C06B008C; Tue, 11 Feb 2025 08:36:26 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C13646B0092; Tue, 11 Feb 2025 08:36:26 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id A35316B008A for ; Tue, 11 Feb 2025 08:36:26 -0500 (EST) Received: from smtpin13.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 50199C1970 for ; Tue, 11 Feb 2025 13:34:03 +0000 (UTC) X-FDA: 83107757166.13.4A1DB94 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf25.hostedemail.com (Postfix) with ESMTP id 86C49A000D for ; Tue, 11 Feb 2025 13:33:59 +0000 (UTC) Authentication-Results: imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=GYQeNyL4; spf=pass (imf25.hostedemail.com: domain of vschneid@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=vschneid@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1739280841; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=kiPSr3n7+xyd4jM/lLYprUxePjslA+jL9wOlKC/+QfI=; b=KFbvcH8x937XSKh+TAqg5LQpLyYqjlecfirFcL+MjmnYLly6Dbc3Kx4HZU+ftZIZ+/gGqv WLnB3D9KCZUeE5g7oYFYH0F/FMME0PDBTAzmquyFIw50jsp7sIzEwNXY6Vu3oUuxz6Ue/b oYD6Wyq2k02Y8rT2iiyq8in8otii4fY= ARC-Authentication-Results: i=1; imf25.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=GYQeNyL4; spf=pass (imf25.hostedemail.com: domain of vschneid@redhat.com designates 170.10.129.124 as permitted sender) smtp.mailfrom=vschneid@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1739280841; a=rsa-sha256; cv=none; b=Qa0rjuPUDzxwnhRZLsEQeCaSHItWpya8n9VvpCtpzZEkmSPy19ybG8bKqbdOHJWdExz5WD ZzMccG5sAME4ELmE1B+AzmFRuzxVTPuKKwcsxst7aGVkM9xdSQL+bpEs8wVSI4UN/ANnuF 1xk4RClQac7lstmYlx7Fe8C+AIaUiZY= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1739280839; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kiPSr3n7+xyd4jM/lLYprUxePjslA+jL9wOlKC/+QfI=; b=GYQeNyL4znWp0r3z23ns2fzNmk/53xyuAy//AC3+DtFJhkDv/vwVQWBWshe9YWKjt6MUgf Qa+SPxW+QVqBhbCCLaFpdFopdfAgifzHy8rFmTEIiEe33qv3BEuLEaXzyPP52BBYFby5nT 6UGo0yTixeaOqNeckMgsGB6UbCt6gvE= Received: from mail-wm1-f72.google.com (mail-wm1-f72.google.com [209.85.128.72]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-83-Pv1EPhpeM8afb8K203gl7w-1; Tue, 11 Feb 2025 08:33:57 -0500 X-MC-Unique: Pv1EPhpeM8afb8K203gl7w-1 X-Mimecast-MFC-AGG-ID: Pv1EPhpeM8afb8K203gl7w Received: by mail-wm1-f72.google.com with SMTP id 5b1f17b1804b1-4394b2c19ccso11910795e9.1 for ; Tue, 11 Feb 2025 05:33:57 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1739280836; x=1739885636; h=content-transfer-encoding:mime-version:message-id:date:references :in-reply-to:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=I6rYC3Ttea935cxDKXU7eGhmr1cWrMQ3SYanZpPc/20=; b=etyeZIsptOFrdSheOWJe2sq/LjSUK4GX1HslIe2mCcqTRdtEITxp0nACHbdqEt0voU V45bbvkJmGIX6HKZj9d4cG4FJTVGAvG81vp8hFfwN9/rnXgRbkQdVQZeaTUMhvUC59Q8 QaREq9gIruvibQ1BrTzlC9go353HUkdUSY8EM52uwWDdIR+lMavvroaQVppXrkKryncd OkhgDn9OecRIs/t+1uQmpkwMnmr2SSLP6mI8XE2KG4qKC9DjsINZJbn1XHkthImM8gcK JaJmob/ypDkpe1ThQgQEnVKBb3E4yHdtquEMg2ZFGIVFXFZ/OLYKn2yG4HtHIkgh1Z/l I8jQ== X-Forwarded-Encrypted: i=1; AJvYcCUHSAVR8mtPolU991HvAxVtmNLEAuBdxy4IsrCnmgQie/LMFUUy+7wKWfVGzZSnx2OUQqii9ZMJJw==@kvack.org X-Gm-Message-State: AOJu0Yxv8gctslYSGaZ2foc0hBowQuDSURa1laLIj482sahL+hCvVApF 0IFCJ+Tl+3rkg9jPgSpxsY5WGTQsRIASs+7NX9/oalDOBA86toWLFnNL64YjiQwTpJH7xiL4PrR sBiRYs5Irf/cn+/NYFrNT5YZTr5XGpMS00XlyXgy60IM+O5Pi X-Gm-Gg: ASbGncv7f5Fuw0jjva1lU9Sy1q7Hz1gvgiYpQJzqqFfI1L+caiFqhGleDJjhGWQ0FO3 N5iBbE1FxHEUe8gzbiwH1KBVUzs3ZzCYwAOvU6vIdGCv5yo8wGs2YOB4+0LoeEEmimj9ThzdkY9 NIL5tuP8RIRmx2T8XXKymuebl1sF/FcugntwCV5jIlJQ6QVeyG0rRuW+wUDsS/M5/kRa+O7QzTW UlxKw4cQWpy+fNFkP9Ub8KcDMpRU7XrmbNZwpC1n0jm0GUjAfj+UnXukFBYlwnL7XZ3ZByeZrqZ +qPeQbVQZ1Vy2tgfPwTBtc8uk06MxRpDGXH+6wSrDd4S4ThqQe23PUHjGqbWww2K5Q== X-Received: by 2002:a05:600c:384c:b0:439:554f:f64f with SMTP id 5b1f17b1804b1-439554ffb3bmr21891975e9.0.1739280836484; Tue, 11 Feb 2025 05:33:56 -0800 (PST) X-Google-Smtp-Source: AGHT+IHLaJ199QatUt+F367q7Ky9NspQydjwYuxDlEpx56Dm3c1ApLy01ntC7qxuc1s/8cawIiMmnw== X-Received: by 2002:a05:600c:384c:b0:439:554f:f64f with SMTP id 5b1f17b1804b1-439554ffb3bmr21890805e9.0.1739280836017; Tue, 11 Feb 2025 05:33:56 -0800 (PST) Received: from vschneid-thinkpadt14sgen2i.remote.csb (213-44-141-166.abo.bbox.fr. [213.44.141.166]) by smtp.gmail.com with ESMTPSA id ffacd0b85a97d-38dcb88d5e6sm11688621f8f.1.2025.02.11.05.33.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 11 Feb 2025 05:33:55 -0800 (PST) From: Valentin Schneider To: Jann Horn Cc: linux-kernel@vger.kernel.org, x86@kernel.org, virtualization@lists.linux.dev, linux-arm-kernel@lists.infradead.org, loongarch@lists.linux.dev, linux-riscv@lists.infradead.org, linux-perf-users@vger.kernel.org, xen-devel@lists.xenproject.org, kvm@vger.kernel.org, linux-arch@vger.kernel.org, rcu@vger.kernel.org, linux-hardening@vger.kernel.org, linux-mm@kvack.org, linux-kselftest@vger.kernel.org, bpf@vger.kernel.org, bcm-kernel-feedback-list@broadcom.com, Juergen Gross , Ajay Kaher , Alexey Makhalov , Russell King , Catalin Marinas , Will Deacon , Huacai Chen , WANG Xuerui , Paul Walmsley , Palmer Dabbelt , Albert Ou , Thomas Gleixner , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Peter Zijlstra , Arnaldo Carvalho de Melo , Namhyung Kim , Mark Rutland , Alexander Shishkin , Jiri Olsa , Ian Rogers , Adrian Hunter , "Liang, Kan" , Boris Ostrovsky , Josh Poimboeuf , Pawan Gupta , Sean Christopherson , Paolo Bonzini , Andy Lutomirski , Arnd Bergmann , Frederic Weisbecker , "Paul E. McKenney" , Jason Baron , Steven Rostedt , Ard Biesheuvel , Neeraj Upadhyay , Joel Fernandes , Josh Triplett , Boqun Feng , Uladzislau Rezki , Mathieu Desnoyers , Lai Jiangshan , Zqiang , Juri Lelli , Clark Williams , Yair Podemsky , Tomas Glozar , Vincent Guittot , Dietmar Eggemann , Ben Segall , Mel Gorman , Kees Cook , Andrew Morton , Christoph Hellwig , Shuah Khan , Sami Tolvanen , Miguel Ojeda , Alice Ryhl , "Mike Rapoport (Microsoft)" , Samuel Holland , Rong Xu , Nicolas Saenz Julienne , Geert Uytterhoeven , Yosry Ahmed , "Kirill A. Shutemov" , "Masami Hiramatsu (Google)" , Jinghao Jia , Luis Chamberlain , Randy Dunlap , Tiezhu Yang Subject: Re: [PATCH v4 29/30] x86/mm, mm/vmalloc: Defer flush_tlb_kernel_range() targeting NOHZ_FULL CPUs In-Reply-To: References: <20250114175143.81438-1-vschneid@redhat.com> <20250114175143.81438-30-vschneid@redhat.com> Date: Tue, 11 Feb 2025 14:33:51 +0100 Message-ID: MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: ibir3V7vaDr_l_jDwvcyInywrXlibaPSn6t-2e_to-g_1739280837 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Rspam-User: X-Stat-Signature: 7s3opfsuj4uiajfh18ncqw89smzfnfm8 X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 86C49A000D X-HE-Tag: 1739280839-193698 X-HE-Meta: U2FsdGVkX1/JJ2/Stk/rhTdvhdJ1xnLRHTLpBCQYS0t3928uDwGDCApCVp/xb1DAknIYCwjRNAS69CrUjaq3Oas+vRLjH3vC3rr1mquG6jC/5E5EAhfnPSmuM8ESm2yWzhYQvd+shAumLJa6CHayq6Pkqiei/NZB2CdsWuUfRuap024ULocqCxG0CxJDJUkOXwt06qK9RzU9wPE0cSVwslT/5qIjfeQSt97i5r3Gcv6Q1ZaqFXp4iKrWqxqDbz4fibPGSc9LX7dJ4HEvDF1f+4IOv36eP3Iq7doKpUiZ/2unjx6WLhkNEb3dfGH5LR0eAgb/3l71qildq9INT+sLRXw7wEQiFbFVlzLR/CUhQJWBHV82Lsrkw0IzfCeqR/k+Fiuko8ZzBpmyS5iIr7+S4jwvuYIw/Tjr2re5AZASk/mXFo/cpY/yxTAgW10ECZK+NpA712VZweF476nWS/gf2NMUojFjgx5VL2ARDl7FYJM2GyH6nl48d8pgP9A9SrYveoOCwbVbY6Incs+xwTmwOShHdCXmgFs9mspxCRLudauyB28J8RBd8Mc+B8u2y/6Y7m+g+mFnVSHfJCVbT6j9ww+jyF6B7xgedDaEV2qd4VbYmZyUMrVPpgOuZbpCxvBNTIP+I1TGEaELipfSxe/Ff2dVBEo1VX/S+Tzxac1cG2mZml+RMr/yS3IVaYkNSGLASNA1+HVmDp7E/rsjEG+h+SwEq87LrOWVziI5fSBrg+EXSRVsBJqj0/bEc5fB3ggKJaLJOrOL3HxRUZWNp+anQEvZ0Ha2pYEofWqpfQ2fg+tXfYbXB5UbWehuGDfkUhQjXFDzkfIeTc/ybyTXBpJ+xCQ+mwsQJYTXRtbG4xi+v2Igb7UAUsAFvbhZ9A03PBafyU6zO+WLzUA0G6e1cyoX2XsSHNP2gGOE6jtxFH1w/3IvObs9/pzGyAHRv2zuawgcBoVmwMf0RYQqd6yAzn7 L9sUT2y3 hTq+K8GP6ZfboLCRtgMwBPIx/tpUYYyixdpM2QexteJ/Fym2uw0rjnQ0/eOg6KmIFwbIsUQ26uR2+AbcXFzOAM9+IA0miMwHuTtx1WMGYOXQKPjq6RqhL6R9n/0oGziOX2eHte/G0lKOQcaus2RxA6c67pADH/223wo4tRrzGhyMuXQZq1naqion8BsmZxpbHm4ug2SBH9sUDmw2e9Q9ysCcJhqvze2m1ViwEuQKEeTgClozW764yc6JdGPrPF10zU8lWDTCA3HFvzipCOYjs27XZYehYdtH1IbuXAMu05aQawayGnD5cL6TW/G6cIUfEU4yDbVnG/0DwrQcIFyr8yDv0aczEJH7j8PlstXecbR+PCMaEZ+Bc9YWGntTJBsYkUtUgi0/RnkwknRXRM1UdGcbxxDXXK7Wx5xjzIgZMffOgshF7dzPJYeclH1aAaHUs7ZXKt72+sOBvWoeTb+aRVmSLpSUh8IPxKox5HiBUqq+cVN8SIJ0HTEPMT1+s7kOKWiJ+fDw1tfMzz5wau3u0RBHeSmXw9MyEVQHrJVoxEYc7yUE= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On 10/02/25 23:08, Jann Horn wrote: > On Mon, Feb 10, 2025 at 7:36=E2=80=AFPM Valentin Schneider wrote: >> What if isolated CPUs unconditionally did a TLBi as late as possible in >> the stack right before returning to userspace? This would mean that upon >> re-entering the kernel, an isolated CPU's TLB wouldn't contain any kerne= l >> range translation - with the exception of whatever lies between the >> last-minute flush and the actual userspace entry, which should be feasib= le >> to vet? Then AFAICT there wouldn't be any work/flush to defer, the IPI >> could be entirely silenced if it targets an isolated CPU. > > Two issues with that: > Firstly, thank you for entertaining the idea :-) > 1. I think the "Common not Private" feature Will Deacon referred to is > incompatible with this idea: > > says "When the CnP bit is set, the software promises to use the ASIDs > and VMIDs in the same way on all processors, which allows the TLB > entries that are created by one processor to be used by another" > Sorry for being obtuse - I can understand inconsistent TLB states (old vs new translations being present in separate TLBs) due to not sending the flush IPI causing an issue with that, but not "flushing early". Even if TLB entries can be shared/accessed between CPUs, a CPU should be allowed not to have a shared entry in its TLB - what am I missing? > 2. It's wrong to assume that TLB entries are only populated for > addresses you access - thanks to speculative execution, you have to > assume that the CPU might be populating random TLB entries all over > the place. Gotta love speculation. Now it is supposed to be limited to genuinely accessible data & code, right? Say theoretically we have a full TLBi as literally the last thing before doing the return-to-userspace, speculation should be limited to executing maybe bits of the return-from-userspace code? Furthermore, I would hope that once a CPU is executing in userspace, it's not going to populate the TLB with kernel address translations - AIUI the whole vulnerability mitigation debacle was about preventing this sort of thing.