From: Jason Gunthorpe <jgg@ziepe.ca>
To: Christoph Hellwig <hch@infradead.org>
Cc: Jerome Glisse <jglisse@redhat.com>,
Ralph Campbell <rcampbell@nvidia.com>,
John Hubbard <jhubbard@nvidia.com>,
Felix.Kuehling@amd.com, linux-rdma@vger.kernel.org,
linux-mm@kvack.org, Andrea Arcangeli <aarcange@redhat.com>,
dri-devel@lists.freedesktop.org, amd-gfx@lists.freedesktop.org
Subject: Re: [PATCH v2 hmm 01/11] mm/hmm: fix use after free with struct hmm in the mmu notifiers
Date: Sat, 8 Jun 2019 08:33:05 -0300 [thread overview]
Message-ID: <20190608113305.GA12419@ziepe.ca> (raw)
In-Reply-To: <20190608084948.GA32185@infradead.org>
On Sat, Jun 08, 2019 at 01:49:48AM -0700, Christoph Hellwig wrote:
> I still think sruct hmm should die. We already have a structure used
> for additional information for drivers having crazly tight integration
> into the VM, and it is called struct mmu_notifier_mm. We really need
> to reuse that intead of duplicating it badly.
Probably. But at least in ODP we needed something very similar to
'struct hmm' to make our mmu notifier implementation work.
The mmu notifier api really lends itself to having a per-mm structure
in the driver to hold the 'struct mmu_notifier'..
I think I see other drivers are doing things like assuming that there
is only one mm in their world (despite being FD based, so this is not
really guarenteed)
So, my first attempt would be an api something like:
priv = mmu_notififer_attach_mm(ops, current->mm, sizeof(my_priv))
mmu_notifier_detach_mm(priv);
ops->invalidate_start(struct mmu_notififer *mn):
struct p *priv = mmu_notifier_priv(mn);
Such that
- There is only one priv per mm
- All the srcu stuff is handled inside mmu notifier
- It is reference counted, so ops can be attached multiple times to
the same mm
Then odp's per_mm, and struct hmm (if we keep it at all) is simply a
'priv' in the above.
I was thinking of looking at this stuff next, once this series is
done.
Jason
next prev parent reply other threads:[~2019-06-08 11:33 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-06 18:44 [PATCH v2 hmm 00/11] Various revisions from a locking/code review Jason Gunthorpe
2019-06-06 18:44 ` [PATCH v2 hmm 01/11] mm/hmm: fix use after free with struct hmm in the mmu notifiers Jason Gunthorpe
2019-06-07 2:29 ` John Hubbard
2019-06-07 12:34 ` Jason Gunthorpe
2019-06-07 13:42 ` Jason Gunthorpe
2019-06-08 1:13 ` John Hubbard
2019-06-08 1:37 ` John Hubbard
2019-06-07 18:12 ` Ralph Campbell
2019-06-08 8:49 ` Christoph Hellwig
2019-06-08 11:33 ` Jason Gunthorpe [this message]
2019-06-06 18:44 ` [PATCH v2 hmm 02/11] mm/hmm: Use hmm_mirror not mm as an argument for hmm_range_register Jason Gunthorpe
2019-06-07 2:36 ` John Hubbard
2019-06-07 18:24 ` Ralph Campbell
2019-06-07 22:39 ` Ralph Campbell
2019-06-10 13:09 ` Jason Gunthorpe
2019-06-07 22:33 ` Ira Weiny
2019-06-08 8:54 ` Christoph Hellwig
2019-06-11 19:44 ` Jason Gunthorpe
2019-06-12 7:12 ` Christoph Hellwig
2019-06-12 11:41 ` Jason Gunthorpe
2019-06-12 12:11 ` Christoph Hellwig
2019-06-06 18:44 ` [PATCH v2 hmm 03/11] mm/hmm: Hold a mmgrab from hmm to mm Jason Gunthorpe
2019-06-07 2:44 ` John Hubbard
2019-06-07 12:36 ` Jason Gunthorpe
2019-06-07 18:41 ` Ralph Campbell
2019-06-07 18:51 ` Jason Gunthorpe
2019-06-07 22:38 ` Ira Weiny
2019-06-06 18:44 ` [PATCH v2 hmm 04/11] mm/hmm: Simplify hmm_get_or_create and make it reliable Jason Gunthorpe
2019-06-07 2:54 ` John Hubbard
2019-06-07 18:52 ` Ralph Campbell
2019-06-07 22:44 ` Ira Weiny
2019-06-06 18:44 ` [PATCH v2 hmm 05/11] mm/hmm: Remove duplicate condition test before wait_event_timeout Jason Gunthorpe
2019-06-07 3:06 ` John Hubbard
2019-06-07 12:47 ` Jason Gunthorpe
2019-06-07 13:31 ` [PATCH v3 " Jason Gunthorpe
2019-06-07 22:55 ` Ira Weiny
2019-06-08 1:32 ` John Hubbard
2019-06-07 19:01 ` [PATCH v2 " Ralph Campbell
2019-06-07 19:13 ` Jason Gunthorpe
2019-06-07 20:21 ` Ralph Campbell
2019-06-07 20:44 ` Jason Gunthorpe
2019-06-07 22:13 ` Ralph Campbell
2019-06-08 1:47 ` Jason Gunthorpe
2019-06-06 18:44 ` [PATCH v2 hmm 06/11] mm/hmm: Hold on to the mmget for the lifetime of the range Jason Gunthorpe
2019-06-07 3:15 ` John Hubbard
2019-06-07 20:29 ` Ralph Campbell
2019-06-06 18:44 ` [PATCH v2 hmm 07/11] mm/hmm: Use lockdep instead of comments Jason Gunthorpe
2019-06-07 3:19 ` John Hubbard
2019-06-07 20:31 ` Ralph Campbell
2019-06-07 22:16 ` Souptick Joarder
2019-06-06 18:44 ` [PATCH v2 hmm 08/11] mm/hmm: Remove racy protection against double-unregistration Jason Gunthorpe
2019-06-07 3:29 ` John Hubbard
2019-06-07 13:57 ` Jason Gunthorpe
2019-06-07 20:33 ` Ralph Campbell
2019-06-06 18:44 ` [PATCH v2 hmm 09/11] mm/hmm: Poison hmm_range during unregister Jason Gunthorpe
2019-06-07 3:37 ` John Hubbard
2019-06-07 14:03 ` Jason Gunthorpe
2019-06-07 20:46 ` Ralph Campbell
2019-06-07 20:49 ` Jason Gunthorpe
2019-06-07 23:01 ` Ira Weiny
2019-06-06 18:44 ` [PATCH v2 hmm 10/11] mm/hmm: Do not use list*_rcu() for hmm->ranges Jason Gunthorpe
2019-06-07 3:40 ` John Hubbard
2019-06-07 20:49 ` Ralph Campbell
2019-06-07 22:11 ` Souptick Joarder
2019-06-07 23:02 ` Ira Weiny
2019-06-06 18:44 ` [PATCH v2 hmm 11/11] mm/hmm: Remove confusing comment and logic from hmm_release Jason Gunthorpe
2019-06-07 3:47 ` John Hubbard
2019-06-07 12:58 ` Jason Gunthorpe
2019-06-07 21:37 ` Ralph Campbell
2019-06-08 2:12 ` Jason Gunthorpe
2019-06-10 16:02 ` Jason Gunthorpe
2019-06-10 22:03 ` Ralph Campbell
2019-06-07 16:05 ` [PATCH v2 12/11] mm/hmm: Fix error flows in hmm_invalidate_range_start Jason Gunthorpe
2019-06-07 23:52 ` Ralph Campbell
2019-06-08 1:35 ` Jason Gunthorpe
2019-06-11 19:48 ` [PATCH v2 hmm 00/11] Various revisions from a locking/code review Jason Gunthorpe
2019-06-12 17:54 ` Kuehling, Felix
2019-06-12 21:49 ` Yang, Philip
2019-06-13 17:50 ` Jason Gunthorpe
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190608113305.GA12419@ziepe.ca \
--to=jgg@ziepe.ca \
--cc=Felix.Kuehling@amd.com \
--cc=aarcange@redhat.com \
--cc=amd-gfx@lists.freedesktop.org \
--cc=dri-devel@lists.freedesktop.org \
--cc=hch@infradead.org \
--cc=jglisse@redhat.com \
--cc=jhubbard@nvidia.com \
--cc=linux-mm@kvack.org \
--cc=linux-rdma@vger.kernel.org \
--cc=rcampbell@nvidia.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).