From: Darren Hart <dvhart@linux.intel.com>
To: Shawn Bohrer <sbohrer@rgmadvisors.com>
Cc: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>,
peterz@infradead.org, eric.dumazet@gmail.com,
david@rgmadvisors.com, linux-kernel@vger.kernel.org,
zvonler@rgmadvisors.com, hughd@google.com, tglx@linutronix.de,
mingo@elte.hu
Subject: Re: [PATCH RFC] futex: Fix regression with read only mappings
Date: Wed, 22 Jun 2011 13:14:37 -0700 [thread overview]
Message-ID: <4E024D2D.6070308@linux.intel.com> (raw)
In-Reply-To: <1308770340-21895-1-git-send-email-sbohrer@rgmadvisors.com>
Hi Shawn,
Thanks for taking this up. Would you share your testcases as well?
On 06/22/2011 12:19 PM, Shawn Bohrer wrote:
> commit 7485d0d3758e8e6491a5c9468114e74dc050785d (futexes: Remove rw
> parameter from get_futex_key()) in 2.6.33 introduced a user-mode
> regression in that it additionally prevented futex operations on a
> region within a read only memory mapped file. For example this breaks
> workloads that have one or more reader processes doing a FUTEX_WAIT on a
> futex within a read only shared mapping, and a writer processes that has
> a writable mapping issuing the FUTEX_WAKE.
>
> This fixes the regression for futex operations that should be valid on
> RO mappings by trying a RO get_user_pages_fast() when the RW
> get_user_pages_fast() fails so as not to slow down the common path of
> writable anonymous maps and bailing when we used the RO path on
> anonymous memory.
>
> Patch based on Peter Zijlstra's initial patch with modifications to only
> allow RO mappings for futex operations that need VERIFY_READ access.
>
> Signed-off-by: Shawn Bohrer <sbohrer@rgmadvisors.com>
> ---
>
> Interestingly this patch also allows doing a FUTEX_WAIT on a RO private
> mapping.
I don't see any harm in this.
> Where my tests on 2.6.18 show that this used to wait
> indefinitely. Performing a FUTEX_WAIT on a RW private mapping waits
> indefinitely in 2.6.18, 3.0.0, and with this patch applied. It is
> unclear to me if this is a good thing or a bug.
>
> kernel/futex.c | 38 ++++++++++++++++++++++++++------------
> 1 files changed, 26 insertions(+), 12 deletions(-)
>
> diff --git a/kernel/futex.c b/kernel/futex.c
> index fe28dc2..e8cd532 100644
> --- a/kernel/futex.c
> +++ b/kernel/futex.c
> @@ -218,6 +218,8 @@ static void drop_futex_key_refs(union futex_key *key)
> * @uaddr: virtual address of the futex
> * @fshared: 0 for a PROCESS_PRIVATE futex, 1 for PROCESS_SHARED
> * @key: address where result is stored.
> + * @rw: mapping needs to be read/write (values: VERIFY_READ,
> + * VERIFY_WRITE)
> *
I'm OK with this, but ideally I I'd prefer fshared and rw be replaced
with flags. We already have a FLAGS_SHARED, adding a FLAGS_WRITE would
be simple, and most call sites could be updated to send the bare flags
rather than a logical and with FLAGS_SHARED as they do now.
> * Returns a negative error code or 0
> * The key words are stored in *key on success.
> @@ -229,12 +231,12 @@ static void drop_futex_key_refs(union futex_key *key)
> * lock_page() might sleep, the caller should not hold a spinlock.
> */
> static int
> -get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key)
> +get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key, int rw)
> {
> unsigned long address = (unsigned long)uaddr;
> struct mm_struct *mm = current->mm;
> struct page *page, *page_head;
> - int err;
> + int err, ro = 0;
>
> /*
> * The futex address must be "naturally" aligned.
> @@ -262,6 +264,10 @@ get_futex_key(u32 __user *uaddr, int fshared, union futex_key *key)
>
> again:
> err = get_user_pages_fast(address, 1, 1, &page);
> + if (err == -EFAULT && rw == VERIFY_READ) {
> + err = get_user_pages_fast(address, 1, 0, &page);
I verified this is correct .... we ran into a little trouble a while
back mixing up the parameters of get_user_pages_fast. This is correct :)
> + ro = 1;
> + }
> if (err < 0)
> return err;
>
> @@ -316,6 +322,11 @@ again:
> * the object not the particular process.
> */
> if (PageAnon(page_head)) {
> + if (ro) {
> + err = -EFAULT;
> + goto out;
> + }
This if block needs a comment as to why RO anonymous pages trigger a
failure. In fact... I thought you said with this patch FUTEX_WAIT waits
indefinitely on RO private mappings? This test suggests that it
shouldn't. Are you testing this via glibc pthread_mutexes? If so, and if
I remember correctly, glibc loops forever on -EFAULT here, unfortunately.
> +
> key->both.offset |= FUT_OFF_MMSHARED; /* ref taken on mm */
> key->private.mm = mm;
> key->private.address = address;
> @@ -327,9 +338,11 @@ again:
>
> get_futex_key_refs(key);
>
> + err = 0;
Shouldn't this be 0 anyway? If it was non-zero, you would have jumped to
out: earlier, right?
<snip/>
Thanks,
--
Darren Hart
Intel Open Source Technology Center
Yocto Project - Linux Kernel
next prev parent reply other threads:[~2011-06-22 20:14 UTC|newest]
Thread overview: 89+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-06-06 14:28 Change in functionality of futex() system call David Oliver
2011-06-06 15:23 ` Eric Dumazet
2011-06-06 15:56 ` Shawn Bohrer
2011-06-06 16:11 ` Peter Zijlstra
2011-06-06 16:16 ` Peter Zijlstra
2011-06-06 16:22 ` Eric Dumazet
2011-06-06 16:29 ` Peter Zijlstra
2011-06-06 16:42 ` Eric Dumazet
2011-06-06 17:05 ` Peter Zijlstra
2011-06-06 17:11 ` Eric Dumazet
2011-06-06 17:27 ` Steven Rostedt
2011-06-06 17:56 ` Darren Hart
2011-06-06 18:23 ` Peter Zijlstra
2011-06-06 18:27 ` Eric Dumazet
2011-06-25 0:00 ` Darren Hart
2011-06-27 16:48 ` Shawn Bohrer
2011-06-06 17:53 ` Darren Hart
2011-06-06 18:11 ` Eric Dumazet
2011-06-07 3:13 ` Darren Hart
2011-06-07 3:49 ` Eric Dumazet
2011-06-07 14:44 ` Andy Lutomirski
2011-06-07 15:56 ` Darren Hart
2011-06-07 15:58 ` Eric Dumazet
2011-06-07 18:43 ` Andrew Lutomirski
2011-06-07 19:01 ` Darren Hart
2011-06-07 19:04 ` Andrew Lutomirski
2011-06-07 19:06 ` Eric Dumazet
2011-06-07 19:10 ` David Oliver
2011-06-07 19:19 ` Andrew Lutomirski
2011-06-07 19:33 ` David Oliver
2011-06-07 19:53 ` Andrew Lutomirski
2011-06-07 20:04 ` David Oliver
2011-06-07 20:12 ` Andrew Lutomirski
2011-06-07 22:26 ` Kyle Moffett
2011-06-08 15:20 ` David Oliver
2011-06-08 15:21 ` Andrew Lutomirski
2011-06-08 16:21 ` Darren Hart
2011-06-09 11:37 ` KOSAKI Motohiro
2011-06-09 12:05 ` Peter Zijlstra
2011-06-09 17:58 ` Peter Zijlstra
2011-06-10 3:30 ` KOSAKI Motohiro
2011-06-10 3:26 ` KOSAKI Motohiro
2011-06-07 18:30 ` Joel Becker
2011-06-09 12:05 ` Peter Zijlstra
2011-06-10 12:10 ` KOSAKI Motohiro
2011-06-10 17:29 ` Darren Hart
2011-06-13 2:11 ` KOSAKI Motohiro
2011-06-13 15:50 ` Darren Hart
2011-06-15 18:50 ` Shawn Bohrer
2011-06-15 18:54 ` Darren Hart
2011-06-17 13:40 ` Shawn Bohrer
2011-06-22 19:19 ` [PATCH RFC] futex: Fix regression with read only mappings Shawn Bohrer
2011-06-22 20:14 ` Darren Hart [this message]
2011-06-23 2:51 ` KOSAKI Motohiro
2011-06-23 15:26 ` Darren Hart
2011-06-23 19:49 ` Shawn Bohrer
2011-06-24 15:59 ` [PATCH v2] " Shawn Bohrer
2011-06-25 0:37 ` Darren Hart
2011-06-25 15:10 ` KOSAKI Motohiro
2011-06-27 16:40 ` Shawn Bohrer
2011-06-27 18:15 ` Peter Zijlstra
2011-06-27 20:41 ` Darren Hart
2011-06-27 21:08 ` Shawn Bohrer
2011-06-27 21:39 ` Darren Hart
2011-06-27 22:14 ` Shawn Bohrer
2011-06-27 23:17 ` Darren Hart
2011-06-27 22:22 ` [PATCH v3] " Shawn Bohrer
2011-06-28 10:54 ` Peter Zijlstra
2011-06-28 14:52 ` Darren Hart
2011-06-28 17:38 ` Shawn Bohrer
2011-06-28 20:58 ` Darren Hart
2011-06-28 23:55 ` Darren Hart
2011-06-29 14:56 ` Shawn Bohrer
2011-06-29 15:17 ` [PATCH v4] " Shawn Bohrer
2011-06-29 18:41 ` Darren Hart
2011-06-29 23:38 ` Thomas Gleixner
2011-06-30 4:19 ` Darren Hart
2011-06-30 14:02 ` David C. Oliver
2011-06-30 15:41 ` Darren Hart
2011-06-30 16:21 ` [PATCH v5] " Shawn Bohrer
2011-07-12 15:27 ` Shawn Bohrer
2011-07-25 15:20 ` Shawn Bohrer
2011-07-25 19:28 ` Thomas Gleixner
2011-07-26 19:04 ` [tip:core/urgent] " tip-bot for Shawn Bohrer
2011-06-28 10:50 ` [PATCH v2] " Peter Zijlstra
2011-06-28 14:19 ` Darren Hart
2011-06-28 14:23 ` Peter Zijlstra
2011-06-23 3:58 ` [PATCH RFC] " Shawn Bohrer
2011-06-23 3:23 ` Change in functionality of futex() system call KOSAKI Motohiro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E024D2D.6070308@linux.intel.com \
--to=dvhart@linux.intel.com \
--cc=david@rgmadvisors.com \
--cc=eric.dumazet@gmail.com \
--cc=hughd@google.com \
--cc=kosaki.motohiro@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@elte.hu \
--cc=peterz@infradead.org \
--cc=sbohrer@rgmadvisors.com \
--cc=tglx@linutronix.de \
--cc=zvonler@rgmadvisors.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.