From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 45767CF9C6B for ; Tue, 24 Sep 2024 17:15:50 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 834206B009A; Tue, 24 Sep 2024 13:15:49 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7E4A26B009B; Tue, 24 Sep 2024 13:15:49 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 6AC2F6B009E; Tue, 24 Sep 2024 13:15:49 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 4E3CC6B009A for ; Tue, 24 Sep 2024 13:15:49 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id E57D980107 for ; Tue, 24 Sep 2024 17:15:48 +0000 (UTC) X-FDA: 82600283976.05.BF96398 Received: from casper.infradead.org (casper.infradead.org [90.155.50.34]) by imf20.hostedemail.com (Postfix) with ESMTP id 447231C0023 for ; Tue, 24 Sep 2024 17:15:46 +0000 (UTC) Authentication-Results: imf20.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=FN6GP3SU; dmarc=none; spf=none (imf20.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1727198050; a=rsa-sha256; cv=none; b=k6HFbxkATxSilN8NAE0ho7+oIOFlDAY/8h34ku1ozwNXHuhCKmW7f9gGyxdBUufwSj6J7X WWz1fPCzBIoE0qNqIEyQO6erF7kYIjcFHygc62DjHiRppBk+qEsOgNo2PZ0wt3LimxsfST b4V5rMXNPofg89svILHQln/nA3zaUjY= ARC-Authentication-Results: i=1; imf20.hostedemail.com; dkim=pass header.d=infradead.org header.s=casper.20170209 header.b=FN6GP3SU; dmarc=none; spf=none (imf20.hostedemail.com: domain of willy@infradead.org has no SPF policy when checking 90.155.50.34) smtp.mailfrom=willy@infradead.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1727198050; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=WJowBGyKSbxzXE1/4SfIgV1cnZ3niSXTshohFumyVyo=; b=1i6neHob6vxDGVvUbt1ZshdFOT6n1ngZ4urXVCDM3obtG3N+TuWqrUBnWyVJ/T1XGjxB8+ nvxEZ5pFjUFsyxmgTK3cr4BUdcj95D8KDLg5fCQg1XxQn2vhu6OXOUb3ztDmhWOLeMChRO 3KuslCl3aoqeRF4n/EdTKUbWI7Jexis= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=infradead.org; s=casper.20170209; h=In-Reply-To:Content-Type:MIME-Version: References:Message-ID:Subject:Cc:To:From:Date:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description; bh=WJowBGyKSbxzXE1/4SfIgV1cnZ3niSXTshohFumyVyo=; b=FN6GP3SU7IBOOqvdNF+Slvk/CW icGmhjkq8DxlxknZq1FtXL5hFEmEOuHet7Yc8T3Xmoc89NetMzgIjgkuIxyrKMCWJURKscgz4VWDh 01eRl3ZHrOt4DXCSKHJ23AnnZh4DRGlt12o3ma18+lZavmWoALXY6obv91jnEN7LfDxnbNdzOo8b+ 1TMMXRdTdv3baEQrq/ryN8fjj7btYQg+SBPKAxYvGxJBdwq/X9j6Wbna+dH4rShmywnqbfQ3VXaWX uxmA9xdOYlW7VuUZQtlbx8TvHaWZbbMjRoDh5vULaygl/Uf9weJ+0BADHCNR6BAH8XVA4XmjG0jJm QlTxjDUQ==; Received: from willy by casper.infradead.org with local (Exim 4.98 #2 (Red Hat Linux)) id 1st98T-0000000253H-3S3Y; Tue, 24 Sep 2024 17:15:37 +0000 Date: Tue, 24 Sep 2024 18:15:37 +0100 From: Matthew Wilcox To: Jann Horn Cc: Suren Baghdasaryan , linux-trace-kernel@vger.kernel.org, peterz@infradead.org, oleg@redhat.com, rostedt@goodmis.org, mhiramat@kernel.org, bpf@vger.kernel.org, linux-kernel@vger.kernel.org, jolsa@kernel.org, paulmck@kernel.org, akpm@linux-foundation.org, linux-mm@kvack.org, mjguzik@gmail.com, brauner@kernel.org, andrii@kernel.org Subject: Re: [PATCH v2 1/1] mm: introduce mmap_lock_speculation_{start|end} Message-ID: References: <20240912210222.186542-1-surenb@google.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: 447231C0023 X-Stat-Signature: 1sw35m6x95gezzpugyy5rhyj64q6xwop X-Rspam-User: X-HE-Tag: 1727198146-839056 X-HE-Meta: U2FsdGVkX1/uRRjLgjFOIrQxxO7AqS088AfufuBeiDcBP1eMClYsKH7zuOrbJsWeEM6lEOsjixKFzIKN8mfXMiz1NaU3RTFbqnQQLauMQx9RRaQ1BkN1FINUSpBt5LILboRpJf87lrFfVkvKi3DEd7eNcCrHjZbU4Wf0L90CNYGRjdsYRJiINeAyHQKZazg6KVLahDO7T38h0rQP7VDUlawgm0qCp0jmg2CQLpFifQTaGS9RnceqO/DihxbennAN3u/ExiAYXXfOlRhVSQXbM5pbBtZTeQ6VNjLaPg8t2uh1wEjR5UUju7WQLPEHITBTmUYgWMtrcCDPaKeA75IWQoe7EXVXK33aZXrKrQCNU4s0btQZsHYcQ/E1w0auHiMHQct3gQtqzhs5WfdYi9EQRYp5wh3HnuEyTfllDtMC59mXSHOX5aJsWx0ceBMptnSvlKaYih48465Kelw6SX7mywVL355Iva1l6Jq4LqQ6d1Lg0pDss64lytQIrf1m9TQh1f3xxy4d8Vv6RMpJFtEfprbfHDcl+JXJY68WrM7bTV2rJMbcc+k4G8uQWF8vdmUcrmyF7pt5uzSt0fLaPaWxriY5qsYY+UhyJZdGfesYxaNxetnvnYLhLCgBRdY9Uc7PI5WrAnKlgHNCuGaYGOcn81GEvqTERoAVCWSdHPjU+u/DYwkC1LmS5kqzdO84oUO+RiOXnSmk4ew5TrRnBG0NofYzQ28Y2UDhkkj7D5sA0/RQY1nKk6NG45WJ4ZyDnMedmfopsKsdIIUNG5c/7QJHfBJXi8x+jRn4Eqhs74BhDzgCGGo9SLZjwgSpOylyWkgAs390nFNAIeByx2ggcyfmtDIBMjfVIJjzqEXZvp0E74XwZsAAEUN8I2EtzVJ4FjXkTNWFtACaTaRfDUJ16BlcR+yXuZlerVPBQCmIU9Dy7Lbza8rIaSOVEddBzD7ppUUcDGAkdre7tX3y9y5KJnj 4iuVt7An 0AI4XgHVgjs0HND91A1sdpFfr5WPbNlaNXgmtc2hd97nZIsOuKD/xTShx9HoH8WyG9FPGHVzCAT+ZnTpg8b4Ayn6tu3ROU9wwIUc8Bjv28Ky4e3DyXosN18PhnYZSrQiFlGSSWn7bWT+JYXwxrD76BZmJ6o+HT67CaR1ylBDsKD+X4O2lqvWs5O52/vK1qKVuMuCET/kt8pF8CJdHfCGCGsHwf/iqUJu2Q0HWUOyCdZf1fJ7oqDxAcpntgA9JcN4UbOM3ewBST0u+5o3aiuLL0W7JflpXG21+DoKs10uLlzRM398= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: On Fri, Sep 13, 2024 at 12:52:39AM +0200, Jann Horn wrote: > FWIW, I would still feel happier if this was a 64-bit number, though I > guess at least with uprobes the attack surface is not that large even > if you can wrap that counter... 2^31 counter increments are not all > that much, especially if someone introduces a kernel path in the > future that lets you repeatedly take the mmap_lock for writing within > a single syscall without doing much work, or maybe on some machine > where syscalls are really fast. I really don't like hinging memory > safety on how fast or slow some piece of code can run, unless we can > make strong arguments about it based on how many memory writes a CPU > core is capable of doing per second or stuff like that. You could repeatedly call munmap(1, 0) which will take the mmap_write_lock, do no work and call mmap_write_unlock(). We could fix that by moving the start/len validation outside the mmap_write_lock(), but it won't increase the path length by much. How many syscalls can we do per second? https://blogs.oracle.com/linux/post/syscall-latency suggests 217ns per syscall, so we'll be close to 4.6m syscalls/second or 466 seconds (7 minutes, 46 seconds).