From: Ingo Molnar <mingo@kernel.org>
To: Oleg Nesterov <oleg@redhat.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Andy Lutomirski <luto@amacapital.net>,
Andrew Morton <akpm@linux-foundation.org>,
Denys Vlasenko <dvlasenk@redhat.com>,
Brian Gerst <brgerst@gmail.com>,
Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Waiman Long <Waiman.Long@hp.com>
Subject: Re: why do we need vmalloc_sync_all?
Date: Sun, 14 Jun 2015 09:59:43 +0200 [thread overview]
Message-ID: <20150614075943.GA810@gmail.com> (raw)
In-Reply-To: <20150613185828.GA32376@redhat.com>
* Oleg Nesterov <oleg@redhat.com> wrote:
> I didn't read v2 yet, but I'd like to ask a question.
>
> Why do we need vmalloc_sync_all()?
>
> It has a single caller, register_die_notifier() which calls it without
> any explanation. IMO, this needs a comment at least.
Yes, it's used to work around crashes in modular callbacks: if the callbacks
happens to be called from within the page fault path, before the vmalloc page
fault handler runs, then we have a catch-22 problem.
It's rare but not entirely impossible.
> I am not sure I understand the changelog in 101f12af correctly, but at first
> glance vmalloc_sync_all() is no longer needed at least on x86, do_page_fault()
> no longer does notify_die(DIE_PAGE_FAULT). And btw DIE_PAGE_FAULT has no users.
> DIE_MNI too...
>
> Perhaps we can simply kill it on x86?
So in theory we could still have it run from DIE_OOPS, and that could turn a
survivable kernel crash into a non-survivable one.
Note that all of this will go away if we also do the vmalloc fault handling
simplification that I discussed with Andy:
- this series already makes the set of kernel PGDs strictly monotonically
increasing during the lifetime of the x86 kernel
- if in a subsequent patch we can synchronize new PGDs right after the vmalloc
code creates it, before the area is used - so we can remove vmalloc_fault()
altogether [or rather, turn it into a debug warning initially].
vmalloc_fault() is a clever but somewhat fragile complication.
- after that we can simply remove vmalloc_sync_all() from x86, because all active
vmalloc areas will be fully instantiated, all the time, on x86.
Thanks,
Ingo
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
WARNING: multiple messages have this Message-ID (diff)
From: Ingo Molnar <mingo@kernel.org>
To: Oleg Nesterov <oleg@redhat.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
Andy Lutomirski <luto@amacapital.net>,
Andrew Morton <akpm@linux-foundation.org>,
Denys Vlasenko <dvlasenk@redhat.com>,
Brian Gerst <brgerst@gmail.com>,
Peter Zijlstra <peterz@infradead.org>,
Borislav Petkov <bp@alien8.de>, "H. Peter Anvin" <hpa@zytor.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Thomas Gleixner <tglx@linutronix.de>,
Waiman Long <Waiman.Long@hp.com>
Subject: Re: why do we need vmalloc_sync_all?
Date: Sun, 14 Jun 2015 09:59:43 +0200 [thread overview]
Message-ID: <20150614075943.GA810@gmail.com> (raw)
In-Reply-To: <20150613185828.GA32376@redhat.com>
* Oleg Nesterov <oleg@redhat.com> wrote:
> I didn't read v2 yet, but I'd like to ask a question.
>
> Why do we need vmalloc_sync_all()?
>
> It has a single caller, register_die_notifier() which calls it without
> any explanation. IMO, this needs a comment at least.
Yes, it's used to work around crashes in modular callbacks: if the callbacks
happens to be called from within the page fault path, before the vmalloc page
fault handler runs, then we have a catch-22 problem.
It's rare but not entirely impossible.
> I am not sure I understand the changelog in 101f12af correctly, but at first
> glance vmalloc_sync_all() is no longer needed at least on x86, do_page_fault()
> no longer does notify_die(DIE_PAGE_FAULT). And btw DIE_PAGE_FAULT has no users.
> DIE_MNI too...
>
> Perhaps we can simply kill it on x86?
So in theory we could still have it run from DIE_OOPS, and that could turn a
survivable kernel crash into a non-survivable one.
Note that all of this will go away if we also do the vmalloc fault handling
simplification that I discussed with Andy:
- this series already makes the set of kernel PGDs strictly monotonically
increasing during the lifetime of the x86 kernel
- if in a subsequent patch we can synchronize new PGDs right after the vmalloc
code creates it, before the area is used - so we can remove vmalloc_fault()
altogether [or rather, turn it into a debug warning initially].
vmalloc_fault() is a clever but somewhat fragile complication.
- after that we can simply remove vmalloc_sync_all() from x86, because all active
vmalloc areas will be fully instantiated, all the time, on x86.
Thanks,
Ingo
next prev parent reply other threads:[~2015-06-14 7:59 UTC|newest]
Thread overview: 72+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-06-13 9:49 [PATCH 00/12, v2] x86/mm: Implement lockless pgd_alloc()/pgd_free() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 01/12] x86/mm/pat: Don't free PGD entries on memory unmap Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 02/12] x86/mm/hotplug: Remove pgd_list use from the memory hotplug code Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 19:24 ` Oleg Nesterov
2015-06-13 19:24 ` Oleg Nesterov
2015-06-14 7:36 ` Ingo Molnar
2015-06-14 7:36 ` Ingo Molnar
2015-06-14 19:24 ` Oleg Nesterov
2015-06-14 19:24 ` Oleg Nesterov
2015-06-14 19:38 ` Oleg Nesterov
2015-06-14 19:38 ` Oleg Nesterov
2015-06-15 0:40 ` Paul E. McKenney
2015-06-15 0:40 ` Paul E. McKenney
2015-06-15 20:33 ` Ingo Molnar
2015-06-15 20:33 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 03/12] x86/mm/hotplug: Don't remove PGD entries in remove_pagetable() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 04/12] x86/mm/hotplug: Simplify sync_global_pgds() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 05/12] mm: Introduce arch_pgd_init_late() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 06/12] x86/mm: Enable and use the arch_pgd_init_late() method Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 07/12] x86/virt/guest/xen: Remove use of pgd_list from the Xen guest code Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-14 8:26 ` Ingo Molnar
2015-06-14 8:26 ` Ingo Molnar
2015-06-15 9:05 ` Ian Campbell
2015-06-15 9:05 ` Ian Campbell
2015-06-15 9:05 ` Ian Campbell
2015-06-15 10:30 ` David Vrabel
2015-06-15 10:30 ` David Vrabel
2015-06-15 20:35 ` Ingo Molnar
2015-06-15 20:35 ` Ingo Molnar
2015-06-15 20:35 ` Ingo Molnar
2015-06-16 14:15 ` David Vrabel
2015-06-16 14:15 ` David Vrabel
2015-06-16 14:19 ` Boris Ostrovsky
2015-06-16 14:19 ` Boris Ostrovsky
2015-06-16 14:27 ` David Vrabel
2015-06-16 14:27 ` David Vrabel
2015-06-16 14:27 ` David Vrabel
2015-06-16 14:19 ` Boris Ostrovsky
2015-06-16 14:15 ` David Vrabel
2015-06-15 10:30 ` David Vrabel
2015-06-13 9:49 ` [PATCH 08/12] x86/mm: Remove pgd_list use from vmalloc_sync_all() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 09/12] x86/mm/pat/32: Remove pgd_list use from the PAT code Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 10/12] x86/mm: Make pgd_alloc()/pgd_free() lockless Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 11/12] x86/mm: Remove pgd_list leftovers Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 9:49 ` [PATCH 12/12] x86/mm: Simplify pgd_alloc() Ingo Molnar
2015-06-13 9:49 ` Ingo Molnar
2015-06-13 18:58 ` why do we need vmalloc_sync_all? Oleg Nesterov
2015-06-13 18:58 ` Oleg Nesterov
2015-06-14 7:59 ` Ingo Molnar [this message]
2015-06-14 7:59 ` Ingo Molnar
2015-06-14 20:06 ` Oleg Nesterov
2015-06-14 20:06 ` Oleg Nesterov
2015-06-15 2:47 ` Andi Kleen
2015-06-15 2:47 ` Andi Kleen
2015-06-15 2:57 ` Andy Lutomirski
2015-06-15 2:57 ` Andy Lutomirski
2015-06-15 20:28 ` Ingo Molnar
2015-06-15 20:28 ` Ingo Molnar
2015-06-15 20:48 ` Andy Lutomirski
2015-06-15 20:48 ` Andy Lutomirski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150614075943.GA810@gmail.com \
--to=mingo@kernel.org \
--cc=Waiman.Long@hp.com \
--cc=akpm@linux-foundation.org \
--cc=bp@alien8.de \
--cc=brgerst@gmail.com \
--cc=dvlasenk@redhat.com \
--cc=hpa@zytor.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=luto@amacapital.net \
--cc=oleg@redhat.com \
--cc=peterz@infradead.org \
--cc=tglx@linutronix.de \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.