From: Catalin Marinas <catalin.marinas@arm.com>
To: "Christoph Lameter (Ampere)" <cl@gentwo.org>
Cc: Yang Shi <yang@os.amperecomputing.com>,
will@kernel.org, anshuman.khandual@arm.com, david@redhat.com,
scott@os.amperecomputing.com,
linux-arm-kernel@lists.infradead.org,
linux-kernel@vger.kernel.org
Subject: Re: [v5 PATCH] arm64: mm: force write fault for atomic RMW instructions
Date: Sat, 6 Jul 2024 10:47:17 +0100 [thread overview]
Message-ID: <ZokSpUr16xmfY8Z6@arm.com> (raw)
In-Reply-To: <b1b52185-595a-b4e7-cc96-90faf34c8077@gentwo.org>
On Fri, Jul 05, 2024 at 11:51:33AM -0700, Christoph Lameter (Ampere) wrote:
> On Fri, 5 Jul 2024, Catalin Marinas wrote:
> > People will be happy until one enables execute-only ELF text sections in
> > a distro and all that opcode parsing will add considerable overhead for
> > many read faults (those with a writeable vma).
>
> The opcode is in the l1 cache since we just faulted on it. There is no
> "considerable" overhead.
This has nothing to do with caches (and many Arm implementations still
have separate I and D caches). With the right linker flags (e.g.
--execute-only for lld), one can generate a PROT_EXEC only (no
PROT_READ) ELF text section. On newer Arm CPUs with FEAT_EPAN, the
kernel no longer forces PROT_READ on PROT_EXEC only mappings. The
get_user() in this patch to read the opcode will fault. So instead of
two faults you get now for an atomic instruction, you'd get three (the
additional one for opcode reading). What's worse, it affects standard
loads as well in the same way.
Yang Shi did test this scenario but for correctness only, not
performance. It would be good to recompile the benchmark with
--execute-only (or --rosegment I think for gnu ld) and see post the
results.
> > Just to be clear, there are still potential issues to address (or
> > understand the impact of) in this patch with exec-only mappings and
> > the performance gain _after_ the THP behaviour changed in the mm code.
> > We can make a call once we have more data but, TBH, my inclination is
> > towards 'no' given that OpenJDK already support madvise() and it's not
> > arm64 specific.
>
> It is arm64 specific. Other Linux architectures have optimizations for
> similar issues in their arch code as mentioned in the patch or the
> processors will not double fault.
>
> Is there a particular reason for ARM as processor manufacturer to oppose
> this patch? We have mostly hand waving and speculations coming from you
> here.
Arm Ltd has no involvement at all in this decision (and probably if you
ask the architects, they wouldn't see any problem). Even though I have
an arm.com email address, my opinions on the list are purely from a
kernel maintainer perspective.
There's no speculation but some real concerns here. Please see above.
> What the patch does is clearly beneficial and it is an established way of
> implementing read->write fault handling.
It is clearly beneficial for this specific case but, as I said, we still
need to address the execute-only mappings causing an additional fault on
the opcode reading. You may not find many such binaries now in the field
but there's a strong push from security people to enable it (it's a
user-space decisions, the kernel simply provides PROT_EXEC only
mappings).
In addition, there's a 24% performance overhead in one of Yang Shi's
results. This has not been explained.
--
Catalin
next prev parent reply other threads:[~2024-07-06 9:47 UTC|newest]
Thread overview: 32+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-26 19:18 [v5 PATCH] arm64: mm: force write fault for atomic RMW instructions Yang Shi
2024-06-28 16:54 ` Catalin Marinas
2024-06-28 16:57 ` Christoph Lameter (Ampere)
2024-06-28 17:24 ` Catalin Marinas
2024-06-28 18:20 ` Yang Shi
2024-07-01 19:43 ` Catalin Marinas
2024-07-02 10:26 ` Ryan Roberts
2024-07-02 11:22 ` David Hildenbrand
2024-07-02 12:36 ` Ryan Roberts
2024-07-02 12:58 ` David Hildenbrand
2024-07-02 13:26 ` Ryan Roberts
2024-07-02 13:50 ` David Hildenbrand
2024-07-02 14:51 ` Ryan Roberts
2024-07-15 13:09 ` Ryan Roberts
2024-07-02 22:21 ` Yang Shi
2024-07-04 10:03 ` Catalin Marinas
2024-07-05 17:05 ` Christoph Lameter (Ampere)
2024-07-05 18:24 ` Catalin Marinas
2024-07-05 18:51 ` Christoph Lameter (Ampere)
2024-07-06 9:47 ` Catalin Marinas [this message]
2024-07-09 17:56 ` Yang Shi
2024-07-09 18:35 ` Catalin Marinas
2024-07-09 22:29 ` Yang Shi
2024-07-10 9:22 ` Catalin Marinas
2024-07-10 18:43 ` Yang Shi
2024-07-11 17:43 ` Catalin Marinas
2024-07-11 18:17 ` Yang Shi
2024-08-13 17:09 ` Yang Shi
2024-08-21 10:18 ` Catalin Marinas
2024-08-21 11:32 ` Dev Jain
2024-08-23 9:59 ` Will Deacon
2024-06-28 18:26 ` Christoph Lameter (Ampere)
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZokSpUr16xmfY8Z6@arm.com \
--to=catalin.marinas@arm.com \
--cc=anshuman.khandual@arm.com \
--cc=cl@gentwo.org \
--cc=david@redhat.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=scott@os.amperecomputing.com \
--cc=will@kernel.org \
--cc=yang@os.amperecomputing.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).