From: Will Deacon <will.deacon@arm.com>
To: Vlastimil Babka <vbabka@suse.cz>
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org,
mark.rutland@arm.com, akpm@linux-foundation.org,
kirill.shutemov@linux.intel.com, Punit.Agrawal@arm.com,
mgorman@suse.de, steve.capper@arm.com
Subject: Re: [PATCH 2/3] mm/page_ref: Ensure page_ref_unfreeze is ordered against prior accesses
Date: Thu, 8 Jun 2017 11:34:02 +0100
Message-ID: <20170608103402.GF6071@arm.com>
In-Reply-To: <b6677057-54d6-4336-93a0-5d0770434aa7@suse.cz>

On Thu, Jun 08, 2017 at 11:38:21AM +0200, Vlastimil Babka wrote:
> On 06/06/2017 07:58 PM, Will Deacon wrote:
> > page_ref_freeze and page_ref_unfreeze are designed to be used as a pair,
> > wrapping a critical section where struct pages can be modified without
> > having to worry about consistency for a concurrent fast-GUP.
> >
> > Whilst page_ref_freeze has full barrier semantics due to its use of
> > atomic_cmpxchg, page_ref_unfreeze is implemented using atomic_set, which
> > doesn't provide any barrier semantics and allows the operation to be
> > reordered with respect to page modifications in the critical section.
> >
> > This patch ensures that page_ref_unfreeze is ordered after any critical
> > section updates, by invoking smp_mb__before_atomic() prior to the
> > atomic_set.
> >
> > Cc: "Kirill A. Shutemov" <kirill.shutemov@linux.intel.com>
> > Acked-by: Steve Capper <steve.capper@arm.com>
> > Signed-off-by: Will Deacon <will.deacon@arm.com>
>
> Undecided if it's really needed. This is IMHO not the classical case
> from Documentation/core-api/atomic_ops.rst where we have to make
> modifications visible before we let others see them? Here the one who is
> freezing is doing it so others can't get their page pin and interfere
> with the freezer's work. But maybe there are some (documented or not)
> consistency guarantees to expect once you obtain the pin, that can be
> violated, or they might be added later, so it would be safer to add the
> barrier?

The problem comes if the unfreeze is reordered so that it happens before the
freezer has performed its work. For example, in
migrate_huge_page_move_mapping:

	if (!page_ref_freeze(page, expected_count)) {
		spin_unlock_irq(&mapping->tree_lock);
		return -EAGAIN;
	}
	newpage->index = page->index;
	newpage->mapping = page->mapping;
	get_page(newpage);
	radix_tree_replace_slot(&mapping->page_tree, pslot, newpage);
	page_ref_unfreeze(page, expected_count - 1);

then there's nothing stopping the CPU (and potentially the compiler) from
reordering the unfreeze call so that it effectively becomes:

	if (!page_ref_freeze(page, expected_count)) {
		spin_unlock_irq(&mapping->tree_lock);
		return -EAGAIN;
	}
	page_ref_unfreeze(page, expected_count - 1);
	newpage->index = page->index;
	newpage->mapping = page->mapping;
	get_page(newpage);
	radix_tree_replace_slot(&mapping->page_tree, pslot, newpage);

which then means that the freezer's work is carried out without the page
being frozen.

Will
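
A userspace C11 model of the ordering discussed in the message above, added here as an illustration and not taken from the patch or the kernel source. `model_page` and the `model_*` functions are hypothetical names, and the reader-side `model_get_unless_zero` is an assumption about how a concurrent pinner backs off while the count is frozen at zero.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical userspace stand-in for struct page (constructed for this example). */
struct model_page { atomic_int refcount; unsigned long index; void *mapping; };

/* Models page_ref_freeze: cmpxchg expected -> 0, seq_cst like atomic_cmpxchg. */
bool model_ref_freeze(struct model_page *p, int expected)
{
	return atomic_compare_exchange_strong(&p->refcount, &expected, 0);
}

/* Models the patched page_ref_unfreeze: full fence, then an unordered store. */
void model_ref_unfreeze(struct model_page *p, int count)
{
	atomic_thread_fence(memory_order_seq_cst);	/* smp_mb__before_atomic() */
	atomic_store_explicit(&p->refcount, count, memory_order_relaxed); /* atomic_set() */
}

/* Assumed reader side: take a pin only while the count is non-zero. */
bool model_get_unless_zero(struct model_page *p)
{
	int c = atomic_load_explicit(&p->refcount, memory_order_relaxed);
	while (c != 0)
		if (atomic_compare_exchange_weak(&p->refcount, &c, c + 1))
			return true;	/* pinned; sees writes made before the fence */
	return false;			/* frozen: caller must back off and retry */
}

/* Freezer's critical section, shaped like the snippet in the message. */
int model_move_mapping(struct model_page *page, struct model_page *newpage, int expected)
{
	if (!model_ref_freeze(page, expected))
		return -1;		/* -EAGAIN in the kernel code */
	newpage->index = page->index;
	newpage->mapping = page->mapping;
	model_ref_unfreeze(page, expected - 1);	/* fence keeps the two stores above first */
	return 0;
}

int main(void)
{
	struct model_page oldp = { .index = 7 }, newp = { .index = 0 };
	atomic_init(&oldp.refcount, 2);
	int rc = model_move_mapping(&oldp, &newp, 2);
	printf("move=%d pinned=%d\n", rc, model_get_unless_zero(&oldp));
	return 0;
}
```

Dropping the `atomic_thread_fence` line reproduces the unpatched shape: the relaxed store may then become visible before the two field updates, which is the reordering the message describes.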