From: "Christian König" <christian.koenig@amd.com>
To: Jason Gunthorpe <jgg@ziepe.ca>, Daniel Vetter <daniel.vetter@ffwll.ch>
Cc: "Christian König" <christian.koenig@amd.com>,
"DRI Development" <dri-devel@lists.freedesktop.org>,
"Intel Graphics Development" <intel-gfx@lists.freedesktop.org>,
"Thomas Zimmermann" <tzimmermann@suse.de>,
"Suren Baghdasaryan" <surenb@google.com>,
"Matthew Wilcox" <willy@infradead.org>,
"John Stultz" <john.stultz@linaro.org>,
"Daniel Vetter" <daniel.vetter@intel.com>,
"Sumit Semwal" <sumit.semwal@linaro.org>,
linux-media@vger.kernel.org, linaro-mm-sig@lists.linaro.org
Subject: Re: [Linaro-mm-sig] Re: [PATCH] dma-buf: Require VM_PFNMAP vma for mmap
Date: Wed, 23 Nov 2022 16:15:05 +0100 [thread overview]
Message-ID: <dcb88724-c68e-6f2a-03d5-0641d2e68ec6@amd.com> (raw)
In-Reply-To: <Y343ijGoqyf73d+I@ziepe.ca>
Am 23.11.22 um 16:08 schrieb Jason Gunthorpe:
> On Wed, Nov 23, 2022 at 03:34:54PM +0100, Daniel Vetter wrote:
>>> diff --git a/virt/kvm/kvm_main.c b/virt/kvm/kvm_main.c
>>> index 1376a47fedeedb..4161241fc3228c 100644
>>> --- a/virt/kvm/kvm_main.c
>>> +++ b/virt/kvm/kvm_main.c
>>> @@ -2598,6 +2598,19 @@ static int hva_to_pfn_remapped(struct vm_area_struct *vma,
>>> return r;
>>> }
>>>
>>> + /*
>>> + * Special PTEs are never convertible into a struct page, even if the
>>> + * driver that owns them might have put a PFN with a struct page into
>>> + * the PFNMAP. If the arch doesn't support special then we cannot
>>> + * safely process these pages.
>>> + */
>>> +#ifdef CONFIG_ARCH_HAS_PTE_SPECIAL
>>> + if (pte_special(*ptep))
>>> + return -EINVAL;
>> On second thought this wont work, because it completely defeats the
>> point of why this code here exists. remap_pfn_range() (which is what
>> the various dma_mmap functions and the ioremap functions are built on
>> top of too) sets VM_PFNMAP too, so this check would even catch the
>> static mappings.
> The problem with the way this code is designed is how it allows
> returning the pfn without taking any reference based on things like
> !pfn_valid or page_reserved. This allows it to then conditionally put
> back the reference based on the same reasoning. It is impossible to
> thread pte special into that since it is a PTE flag, not a property of
> the PFN.
>
> I don't entirely understand why it needs the page reference at all,
That's exactly what I've pointed out in the previous discussion about
that code as well.
As far as I can see it this is just another case where people assumed
that grabbing a page reference somehow magically prevents the pte from
changing.
I have not the slightest idea how people got this impression, but I have
heard it so many time from so many different sources that there must be
some common cause to this. Is the maybe some book or tutorial how to
sophisticate break the kernel or something like this?
Anyway as far as I can see only correct approach would be to use an MMU
notifier or more high level hmm_range_fault()+seq number.
Regards,
Christian.
> even if it is available - so I can't guess why it is OK to ignore the
> page reference in other cases, or why it is OK to be racy..
>
> Eg hmm_range_fault() does not obtain page references and implements a
> very similar algorithm to kvm.
>
>> Plus these static mappings aren't all that static either, e.g. pci
>> access also can revoke bar mappings nowadays.
> And there are already mmu notifiers to handle that, AFAIK.
>
> Jason
next prev parent reply other threads:[~2022-11-23 15:15 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-22 17:08 [PATCH] dma-buf: Require VM_PFNMAP vma for mmap Daniel Vetter
2022-11-22 18:03 ` Jason Gunthorpe
2022-11-22 18:08 ` Daniel Vetter
2022-11-22 18:50 ` Jason Gunthorpe
2022-11-22 19:29 ` Daniel Vetter
2022-11-22 19:34 ` Jason Gunthorpe
2022-11-22 19:50 ` Daniel Vetter
2022-11-23 9:06 ` Christian König
2022-11-23 9:30 ` Daniel Vetter
2022-11-23 9:39 ` [Linaro-mm-sig] " Christian König
2022-11-23 10:06 ` Daniel Vetter
2022-11-23 12:46 ` Jason Gunthorpe
2022-11-23 12:49 ` Christian König
2022-11-23 12:53 ` Jason Gunthorpe
2022-11-23 13:12 ` Christian König
2022-11-23 13:28 ` Jason Gunthorpe
2022-11-23 14:28 ` Daniel Vetter
2022-11-23 15:04 ` Jason Gunthorpe
2022-11-23 16:22 ` Daniel Vetter
2022-11-23 14:34 ` Daniel Vetter
2022-11-23 15:08 ` Jason Gunthorpe
2022-11-23 15:15 ` Christian König [this message]
2022-11-23 16:26 ` Daniel Vetter
2022-11-23 16:26 ` Jason Gunthorpe
2022-11-23 8:07 ` Thomas Zimmermann
2022-11-23 9:33 ` Daniel Vetter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=dcb88724-c68e-6f2a-03d5-0641d2e68ec6@amd.com \
--to=christian.koenig@amd.com \
--cc=daniel.vetter@ffwll.ch \
--cc=daniel.vetter@intel.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=intel-gfx@lists.freedesktop.org \
--cc=jgg@ziepe.ca \
--cc=john.stultz@linaro.org \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-media@vger.kernel.org \
--cc=sumit.semwal@linaro.org \
--cc=surenb@google.com \
--cc=tzimmermann@suse.de \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox