From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Dave Hansen <dave.hansen@intel.com>
Cc: linux-sgx@vger.kernel.org,
Haitao Huang <haitao.huang@linux.intel.com>,
Matthew Wilcox <willy@infradead.org>,
Sean Christopherson <sean.j.christopherson@intel.com>,
Jethro Beekman <jethro@fortanix.com>,
Dave Hansen <dave.hansen@linux.intel.com>
Subject: Re: [PATCH v3] x86/sgx: Fix sgx_encl_may_map locking
Date: Mon, 5 Oct 2020 20:36:21 +0300 [thread overview]
Message-ID: <20201005173621.GA13055@linux.intel.com> (raw)
In-Reply-To: <9f1b6d7e-1990-925b-c124-adfef7f2ddfc@intel.com>
On Mon, Oct 05, 2020 at 07:28:38AM -0700, Dave Hansen wrote:
> On 10/5/20 7:11 AM, Jarkko Sakkinen wrote:
> > + unsigned long count = 0;
> ...
> > + xas_lock(&xas);
> > + xas_for_each(&xas, page, idx_end) {
> > + if (++count % XA_CHECK_SCHED)
> > + continue;
>
> Let's slow down and think through the loop, please.
>
> First time through the loop, count=0, XA_CHECK_SCHED=4096, it will do a
> ++count, and now count=1. (count % XA_CHECK_SCHED) == 1. It will
> continue. It skips the page->vm_max_prot_bits checks.
>
> Next time through the loop, count=1, XA_CHECK_SCHED=4096, it will do a
> ++count, and now count=2. (count % XA_CHECK_SCHED) == 2. It will
> continue. It skips the page->vm_max_prot_bits checks.
>
> ...
>
> It will do this until it hits count=4095 where it will actually fall
> into the rest of the loop, doing the page->vm_max_prot_bits checks.
Uh oh, how stupid of me.
> So, in the end the loop only does what it's supposed to be doing 1/4096
> times. Not great. Don't we have tests that will notice breakage like this?
It would not be hard to have two counts and WARN_ON in the end to
compare for mismatch.
> The XA_CHECK_SCHED needs to be stuck near the *end* of the loop, just
> before the lock dropping and resched stuff.
Referring to Matthew's suggestion:
https://lore.kernel.org/linux-sgx/20201005111139.GK20115@casper.infradead.org/
I think that the order is just right.
It takes the page, does the processing, and in the tail does check
before rescheduling.
The only thing I'd do for clarity would be to change the tail in
that like this:
/* Move to the next iteration. */
count++;
/* Surpassed the modulus, reschedule. */
if (!(count % XA_CHECK_SCHED)) {
xas_pause(&xas);
xas_unlock(&xas);
cond_resched();
xas_lock(&xas);
}
}
xas_unlock(&xas);
I think this is just a bit more readable way to express the same
thing. Matthew, can you agree with this small twist?
/Jarkko
next prev parent reply other threads:[~2020-10-05 19:11 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-05 14:11 [PATCH v3] x86/sgx: Fix sgx_encl_may_map locking Jarkko Sakkinen
2020-10-05 14:12 ` Matthew Wilcox
2020-10-05 17:25 ` Jarkko Sakkinen
2020-10-05 17:28 ` Jarkko Sakkinen
2020-10-05 14:28 ` Dave Hansen
2020-10-05 17:36 ` Jarkko Sakkinen [this message]
2020-10-05 15:55 ` Sean Christopherson
2020-10-05 17:41 ` Jarkko Sakkinen
2020-10-05 17:43 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201005173621.GA13055@linux.intel.com \
--to=jarkko.sakkinen@linux.intel.com \
--cc=dave.hansen@intel.com \
--cc=dave.hansen@linux.intel.com \
--cc=haitao.huang@linux.intel.com \
--cc=jethro@fortanix.com \
--cc=linux-sgx@vger.kernel.org \
--cc=sean.j.christopherson@intel.com \
--cc=willy@infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox