From: Jason Gunthorpe <jgg@ziepe.ca>
To: Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: "DRI Development" <dri-devel@lists.freedesktop.org>,
"Intel Graphics Development" <intel-gfx@lists.freedesktop.org>,
"Christian König" <christian.koenig@amd.com>,
"Thomas Zimmermann" <tzimmermann@suse.de>,
"Suren Baghdasaryan" <surenb@google.com>,
"Matthew Wilcox" <willy@infradead.org>,
"John Stultz" <john.stultz@linaro.org>,
"Daniel Vetter" <daniel.vetter@intel.com>,
"Sumit Semwal" <sumit.semwal@linaro.org>,
linux-media@vger.kernel.org, linaro-mm-sig@lists.linaro.org
Subject: Re: [PATCH] dma-buf: Require VM_PFNMAP vma for mmap
Date: Tue, 22 Nov 2022 14:50:09 -0400 [thread overview]
Message-ID: <Y30Z4VxT7Wdoc1Lc@ziepe.ca> (raw)
In-Reply-To: <CAKMK7uEccwYTNwDYQazmZvTfBFQOikZt5A6BmegweyO-inKYbQ@mail.gmail.com>
On Tue, Nov 22, 2022 at 07:08:25PM +0100, Daniel Vetter wrote:
> On Tue, 22 Nov 2022 at 19:04, Jason Gunthorpe <jgg@ziepe.ca> wrote:
> >
> > On Tue, Nov 22, 2022 at 06:08:00PM +0100, Daniel Vetter wrote:
> > > tldr; DMA buffers aren't normal memory, expecting that you can use
> > > them like that (like calling get_user_pages works, or that they're
> > > accounting like any other normal memory) cannot be guaranteed.
> > >
> > > Since some userspace only runs on integrated devices, where all
> > > buffers are actually all resident system memory, there's a huge
> > > temptation to assume that a struct page is always present and useable
> > > like for any more pagecache backed mmap. This has the potential to
> > > result in a uapi nightmare.
> > >
> > > To stop this gap require that DMA buffer mmaps are VM_PFNMAP, which
> > > blocks get_user_pages and all the other struct page based
> > > infrastructure for everyone. In spirit this is the uapi counterpart to
> > > the kernel-internal CONFIG_DMABUF_DEBUG.
> > >
> > > Motivated by a recent patch which wanted to swich the system dma-buf
> > > heap to vm_insert_page instead of vm_insert_pfn.
> > >
> > > v2:
> > >
> > > Jason brought up that we also want to guarantee that all ptes have the
> > > pte_special flag set, to catch fast get_user_pages (on architectures
> > > that support this). Allowing VM_MIXEDMAP (like VM_SPECIAL does) would
> > > still allow vm_insert_page, but limiting to VM_PFNMAP will catch that.
> > >
> > > From auditing the various functions to insert pfn pte entires
> > > (vm_insert_pfn_prot, remap_pfn_range and all it's callers like
> > > dma_mmap_wc) it looks like VM_PFNMAP is already required anyway, so
> > > this should be the correct flag to check for.
> >
> > I didn't look at how this actually gets used, but it is a bit of a
> > pain to insert a lifetime controlled object like a struct page as a
> > special PTE/VM_PFNMAP
> >
> > How is the lifetime model implemented here? How do you know when
> > userspace has finally unmapped the page?
>
> The vma has a filp which is the refcounted dma_buf. With dma_buf you
> never get an individual page it's always the entire object. And it's
> up to the allocator how exactly it wants to use or not use the page's
> refcount. So if gup goes in and elevates the refcount, you can break
> stuff, which is why I'm doing this.
But how does move work?
Jason
next prev parent reply other threads:[~2022-11-22 18:50 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-22 17:08 [PATCH] dma-buf: Require VM_PFNMAP vma for mmap Daniel Vetter
2022-11-22 18:03 ` Jason Gunthorpe
2022-11-22 18:08 ` Daniel Vetter
2022-11-22 18:50 ` Jason Gunthorpe [this message]
2022-11-22 19:29 ` Daniel Vetter
2022-11-22 19:34 ` Jason Gunthorpe
2022-11-22 19:50 ` Daniel Vetter
2022-11-23 9:06 ` Christian König
2022-11-23 9:30 ` Daniel Vetter
2022-11-23 9:39 ` [Linaro-mm-sig] " Christian König
2022-11-23 10:06 ` Daniel Vetter
2022-11-23 12:46 ` Jason Gunthorpe
2022-11-23 12:49 ` Christian König
2022-11-23 12:53 ` Jason Gunthorpe
2022-11-23 13:12 ` Christian König
2022-11-23 13:28 ` Jason Gunthorpe
2022-11-23 14:28 ` Daniel Vetter
2022-11-23 15:04 ` Jason Gunthorpe
2022-11-23 16:22 ` Daniel Vetter
2022-11-23 14:34 ` Daniel Vetter
2022-11-23 15:08 ` Jason Gunthorpe
2022-11-23 15:15 ` Christian König
2022-11-23 16:26 ` Daniel Vetter
2022-11-23 16:26 ` Jason Gunthorpe
2022-11-23 8:07 ` Thomas Zimmermann
2022-11-23 9:33 ` Daniel Vetter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y30Z4VxT7Wdoc1Lc@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=christian.koenig@amd.com \
--cc=daniel.vetter@ffwll.ch \
--cc=daniel.vetter@intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=john.stultz@linaro.org \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-media@vger.kernel.org \
--cc=sumit.semwal@linaro.org \
--cc=surenb@google.com \
--cc=tzimmermann@suse.de \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox