From: Heiko Carstens <hca@linux.ibm.com>
To: Janosch Frank <frankja@linux.ibm.com>
Cc: kvm@vger.kernel.org, linux-s390@vger.kernel.org,
imbrenda@linux.ibm.com, borntraeger@linux.ibm.com,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] s390/mm: add missing secure storage access fixups for donated memory
Date: Wed, 11 Mar 2026 15:36:24 +0100 [thread overview]
Message-ID: <20260311143624.9469B65-hca@linux.ibm.com> (raw)
In-Reply-To: <799ed972-6527-4cc3-8c37-30c07d30adaa@linux.ibm.com>
On Wed, Mar 11, 2026 at 03:17:22PM +0100, Janosch Frank wrote:
> > > - rc = arch_make_folio_accessible(folio);
> > > + rc = uv_convert_from_secure(folio_to_phys(folio));
> > > + if (!rc)
> > > + clear_bit(PG_arch_1, &folio->flags.f);
> > > folio_put(folio);
> >
> > Isn't the clear_bit() racy? That is: another CPU could make the page secure
> > again, set (the still set) PG_arch_1, and then clear_bit() removes the bit,
> > and we end up with a secure page where PG_arch_1 is not set?
> > Which in turn would arch_make_folio_accessible() al
> >
> > Or is that not possible?
> >
> > Just wondering, since __make_folio_secure() requires the folio to be locked
> > when setting PG_arch_1, while clearing happens unlocked. But chances are high
> > that I don't understand the code.
> >
>
> __make_folio_secure() checks the refcount and if the comments hold true, it
> should protect us from a flag being set as long as we have the extra
> reference which we should have gotten via folio_try_get().
>
> It does not protect us from a double clear.
Ok, then it should work. Thanks for explaining!
prev parent reply other threads:[~2026-03-11 14:36 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-10 15:02 [PATCH v2] s390/mm: add missing secure storage access fixups for donated memory Janosch Frank
2026-03-10 16:36 ` Christian Borntraeger
2026-03-10 18:50 ` Claudio Imbrenda
2026-03-11 7:00 ` Heiko Carstens
2026-03-11 14:17 ` Janosch Frank
2026-03-11 14:36 ` Heiko Carstens [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260311143624.9469B65-hca@linux.ibm.com \
--to=hca@linux.ibm.com \
--cc=borntraeger@linux.ibm.com \
--cc=frankja@linux.ibm.com \
--cc=imbrenda@linux.ibm.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.