From: Jia He <hejianet@gmail.com>
To: Palmer Dabbelt <palmer@sifive.com>, will@kernel.org
Cc: Mark.Rutland@arm.com, Justin.He@arm.com, Kaly.Xin@arm.com,
Catalin.Marinas@arm.com, linux-kernel@vger.kernel.org,
willy@infradead.org, linux-mm@kvack.org, James.Morse@arm.com,
linux-arm-kernel@lists.infradead.org, punitagrawal@gmail.com,
maz@kernel.org, tglx@linutronix.de, nd@arm.com,
akpm@linux-foundation.org, kirill.shutemov@linux.intel.com
Subject: Re: [PATCH v10 3/3] mm: fix double page fault on arm64 if PTE_AF is cleared
Date: Sat, 19 Oct 2019 10:59:22 +0800 [thread overview]
Message-ID: <c4fa5937-eef2-8932-e8fe-0ee5d9f4de1a@gmail.com> (raw)
In-Reply-To: <mhng-265b415f-c8ff-4727-a8fa-2f3e51937ba6@palmer-si-x1c4>
Hi Palmer
On 2019/10/19 4:38, Palmer Dabbelt wrote:
> On Wed, 16 Oct 2019 16:46:08 PDT (-0700), will@kernel.org wrote:
>> Hey Palmer,
>>
>> On Wed, Oct 16, 2019 at 04:21:59PM -0700, Palmer Dabbelt wrote:
>>> On Tue, 08 Oct 2019 05:39:44 PDT (-0700), will@kernel.org wrote:
>>> > On Tue, Oct 08, 2019 at 02:19:05AM +0000, Justin He (Arm Technology
>>> China) wrote:
>>> > > > On Mon, Sep 30, 2019 at 09:57:40AM +0800, Jia He wrote:
>>> > > > > diff --git a/mm/memory.c b/mm/memory.c
>>> > > > > index b1ca51a079f2..1f56b0118ef5 100644
>>> > > > > --- a/mm/memory.c
>>> > > > > +++ b/mm/memory.c
>>> > > > > @@ -118,6 +118,13 @@ int randomize_va_space __read_mostly =
>>> > > > > 2;
>>> > > > > #endif
>>> > > > >
>>> > > > > +#ifndef arch_faults_on_old_pte
>>> > > > > +static inline bool arch_faults_on_old_pte(void)
>>> > > > > +{
>>> > > > > + return false;
>>> > > > > +}
>>> > > > > +#endif
>>> > > >
>>> > > > Kirill has acked this, so I'm happy to take the patch as-is, however
>>> isn't
>>> > > > it the case that /most/ architectures will want to return true for
>>> > > > arch_faults_on_old_pte()? In which case, wouldn't it make more sense for
>>> > > > that to be the default, and have x86 and arm64 provide an override? For
>>> > > > example, aren't most architectures still going to hit the double fault
>>> > > > scenario even with your patch applied?
>>> > >
>>> > > No, after applying my patch series, only those architectures which
>>> don't provide
>>> > > setting access flag by hardware AND don't implement their
>>> arch_faults_on_old_pte
>>> > > will hit the double page fault.
>>> > >
>>> > > The meaning of true for arch_faults_on_old_pte() is "this arch doesn't
>>> have the hardware
>>> > > setting access flag way, it might cause page fault on an old pte"
>>> > > I don't want to change other architectures' default behavior here. So
>>> by default,
>>> > > arch_faults_on_old_pte() is false.
>>> >
>>> > ...and my complaint is that this is the majority of supported architectures,
>>> > so you're fixing something for arm64 which also affects arm, powerpc,
>>> > alpha, mips, riscv, ...
>>> >
>>> > Chances are, they won't even realise they need to implement
>>> > arch_faults_on_old_pte() until somebody runs into the double fault and
>>> > wastes lots of time debugging it before they spot your patch.
>>>
>>> If I understand the semantics correctly, we should have this set to true. I
>>> don't have any context here, but we've got
>>>
>>> /*
>>> * The kernel assumes that TLBs don't cache invalid
>>> * entries, but in RISC-V, SFENCE.VMA specifies an
>>> * ordering constraint, not a cache flush; it is
>>> * necessary even after writing invalid entries.
>>> */
>>> local_flush_tlb_page(addr);
>>>
>>> in do_page_fault().
>>
>> Ok, although I think this is really about whether or not your hardware can
>> make a pte young when accessed, or whether you take a fault and do it
>> by updating the pte explicitly.
>>
>> v12 of the patches did change the default, so you should be "safe" with
>> those either way:
>>
>> http://lists.infradead.org/pipermail/linux-arm-kernel/2019-October/686030.html
>
> OK, that fence is because we allow invalid translations to be cached, which
> is a completely different issue.
>
> RISC-V implementations are allowed to have software managed accessed/dirty
> bits. For some reason I thought we were relying on the firmware to handle
> this, but I can't actually find the code so I might be crazy. Wherever it's
> done, there's no spec enforcing it so we should leave this true on RISC-V.
>
Thanks for the confirmation. So we can keep the default arch_faults_on_old_pte
(return true) on RISC-V.
Thanks.
---
Cheers,
Justin (Jia He)
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
WARNING: multiple messages have this Message-ID (diff)
From: Jia He <hejianet@gmail.com>
To: Palmer Dabbelt <palmer@sifive.com>, will@kernel.org
Cc: Justin.He@arm.com, Catalin.Marinas@arm.com, Mark.Rutland@arm.com,
James.Morse@arm.com, maz@kernel.org, willy@infradead.org,
kirill.shutemov@linux.intel.com,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org, linux-mm@kvack.org,
punitagrawal@gmail.com, tglx@linutronix.de,
akpm@linux-foundation.org, Kaly.Xin@arm.com, nd@arm.com
Subject: Re: [PATCH v10 3/3] mm: fix double page fault on arm64 if PTE_AF is cleared
Date: Sat, 19 Oct 2019 10:59:22 +0800 [thread overview]
Message-ID: <c4fa5937-eef2-8932-e8fe-0ee5d9f4de1a@gmail.com> (raw)
In-Reply-To: <mhng-265b415f-c8ff-4727-a8fa-2f3e51937ba6@palmer-si-x1c4>
Hi Palmer
On 2019/10/19 4:38, Palmer Dabbelt wrote:
> On Wed, 16 Oct 2019 16:46:08 PDT (-0700), will@kernel.org wrote:
>> Hey Palmer,
>>
>> On Wed, Oct 16, 2019 at 04:21:59PM -0700, Palmer Dabbelt wrote:
>>> On Tue, 08 Oct 2019 05:39:44 PDT (-0700), will@kernel.org wrote:
>>> > On Tue, Oct 08, 2019 at 02:19:05AM +0000, Justin He (Arm Technology
>>> China) wrote:
>>> > > > On Mon, Sep 30, 2019 at 09:57:40AM +0800, Jia He wrote:
>>> > > > > diff --git a/mm/memory.c b/mm/memory.c
>>> > > > > index b1ca51a079f2..1f56b0118ef5 100644
>>> > > > > --- a/mm/memory.c
>>> > > > > +++ b/mm/memory.c
>>> > > > > @@ -118,6 +118,13 @@ int randomize_va_space __read_mostly =
>>> > > > > 2;
>>> > > > > #endif
>>> > > > >
>>> > > > > +#ifndef arch_faults_on_old_pte
>>> > > > > +static inline bool arch_faults_on_old_pte(void)
>>> > > > > +{
>>> > > > > + return false;
>>> > > > > +}
>>> > > > > +#endif
>>> > > >
>>> > > > Kirill has acked this, so I'm happy to take the patch as-is, however
>>> isn't
>>> > > > it the case that /most/ architectures will want to return true for
>>> > > > arch_faults_on_old_pte()? In which case, wouldn't it make more sense for
>>> > > > that to be the default, and have x86 and arm64 provide an override? For
>>> > > > example, aren't most architectures still going to hit the double fault
>>> > > > scenario even with your patch applied?
>>> > >
>>> > > No, after applying my patch series, only those architectures which
>>> don't provide
>>> > > setting access flag by hardware AND don't implement their
>>> arch_faults_on_old_pte
>>> > > will hit the double page fault.
>>> > >
>>> > > The meaning of true for arch_faults_on_old_pte() is "this arch doesn't
>>> have the hardware
>>> > > setting access flag way, it might cause page fault on an old pte"
>>> > > I don't want to change other architectures' default behavior here. So
>>> by default,
>>> > > arch_faults_on_old_pte() is false.
>>> >
>>> > ...and my complaint is that this is the majority of supported architectures,
>>> > so you're fixing something for arm64 which also affects arm, powerpc,
>>> > alpha, mips, riscv, ...
>>> >
>>> > Chances are, they won't even realise they need to implement
>>> > arch_faults_on_old_pte() until somebody runs into the double fault and
>>> > wastes lots of time debugging it before they spot your patch.
>>>
>>> If I understand the semantics correctly, we should have this set to true. I
>>> don't have any context here, but we've got
>>>
>>> /*
>>> * The kernel assumes that TLBs don't cache invalid
>>> * entries, but in RISC-V, SFENCE.VMA specifies an
>>> * ordering constraint, not a cache flush; it is
>>> * necessary even after writing invalid entries.
>>> */
>>> local_flush_tlb_page(addr);
>>>
>>> in do_page_fault().
>>
>> Ok, although I think this is really about whether or not your hardware can
>> make a pte young when accessed, or whether you take a fault and do it
>> by updating the pte explicitly.
>>
>> v12 of the patches did change the default, so you should be "safe" with
>> those either way:
>>
>> http://lists.infradead.org/pipermail/linux-arm-kernel/2019-October/686030.html
>
> OK, that fence is because we allow invalid translations to be cached, which
> is a completely different issue.
>
> RISC-V implementations are allowed to have software managed accessed/dirty
> bits. For some reason I thought we were relying on the firmware to handle
> this, but I can't actually find the code so I might be crazy. Wherever it's
> done, there's no spec enforcing it so we should leave this true on RISC-V.
>
Thanks for the confirmation. So we can keep the default arch_faults_on_old_pte
(return true) on RISC-V.
Thanks.
---
Cheers,
Justin (Jia He)
next prev parent reply other threads:[~2019-10-19 2:59 UTC|newest]
Thread overview: 46+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-30 1:57 [PATCH v10 0/3] fix double page fault on arm64 Jia He
2019-09-30 1:57 ` Jia He
2019-09-30 1:57 ` [PATCH v10 1/3] arm64: cpufeature: introduce helper cpu_has_hw_af() Jia He
2019-09-30 1:57 ` Jia He
2019-10-01 12:54 ` Will Deacon
2019-10-01 12:54 ` Will Deacon
2019-10-01 13:18 ` Marc Zyngier
2019-10-01 13:18 ` Marc Zyngier
2019-10-08 1:12 ` Justin He (Arm Technology China)
2019-10-08 1:12 ` Justin He (Arm Technology China)
2019-10-08 15:32 ` Suzuki K Poulose
2019-10-08 15:32 ` Suzuki K Poulose
2019-10-09 6:29 ` Jia He
2019-10-09 6:29 ` Jia He
2019-09-30 1:57 ` [PATCH v10 2/3] arm64: mm: implement arch_faults_on_old_pte() on arm64 Jia He
2019-09-30 1:57 ` Jia He
2019-10-01 12:50 ` Will Deacon
2019-10-01 12:50 ` Will Deacon
2019-10-01 13:32 ` Marc Zyngier
2019-10-01 13:32 ` Marc Zyngier
2019-10-08 1:55 ` Justin He (Arm Technology China)
2019-10-08 1:55 ` Justin He (Arm Technology China)
2019-10-08 2:30 ` Justin He (Arm Technology China)
2019-10-08 2:30 ` Justin He (Arm Technology China)
2019-10-08 7:46 ` Marc Zyngier
2019-10-08 7:46 ` Marc Zyngier
2019-09-30 1:57 ` [PATCH v10 3/3] mm: fix double page fault on arm64 if PTE_AF is cleared Jia He
2019-09-30 1:57 ` Jia He
2019-10-01 12:54 ` Will Deacon
2019-10-01 12:54 ` Will Deacon
2019-10-08 2:19 ` Justin He (Arm Technology China)
2019-10-08 2:19 ` Justin He (Arm Technology China)
2019-10-08 12:39 ` Will Deacon
2019-10-08 12:39 ` Will Deacon
2019-10-08 12:58 ` Justin He (Arm Technology China)
2019-10-08 12:58 ` Justin He (Arm Technology China)
2019-10-08 14:32 ` Kirill A. Shutemov
2019-10-08 14:32 ` Kirill A. Shutemov
2019-10-16 23:21 ` Palmer Dabbelt
2019-10-16 23:21 ` Palmer Dabbelt
2019-10-16 23:46 ` Will Deacon
2019-10-16 23:46 ` Will Deacon
2019-10-18 20:38 ` Palmer Dabbelt
2019-10-18 20:38 ` Palmer Dabbelt
2019-10-19 2:59 ` Jia He [this message]
2019-10-19 2:59 ` Jia He
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c4fa5937-eef2-8932-e8fe-0ee5d9f4de1a@gmail.com \
--to=hejianet@gmail.com \
--cc=Catalin.Marinas@arm.com \
--cc=James.Morse@arm.com \
--cc=Justin.He@arm.com \
--cc=Kaly.Xin@arm.com \
--cc=Mark.Rutland@arm.com \
--cc=akpm@linux-foundation.org \
--cc=kirill.shutemov@linux.intel.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=maz@kernel.org \
--cc=nd@arm.com \
--cc=palmer@sifive.com \
--cc=punitagrawal@gmail.com \
--cc=tglx@linutronix.de \
--cc=will@kernel.org \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.