public inbox for linux-kernel@vger.kernel.org
From: Ralf Baechle <ralf@linux-mips.org>
To: Lars Persson <lars.persson@axis.com>
Cc: Leonid Yegoshin <Leonid.Yegoshin@imgtec.com>,
	"linux-mips@linux-mips.org" <linux-mips@linux-mips.org>,
	"james.hogan@imgtec.com" <james.hogan@imgtec.com>,
	"keescook@chromium.org" <keescook@chromium.org>,
	"paul.burton@imgtec.com" <paul.burton@imgtec.com>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"manuel.lauss@gmail.com" <manuel.lauss@gmail.com>,
	"pbonzini@redhat.com" <pbonzini@redhat.com>,
	"akpm@linux-foundation.org" <akpm@linux-foundation.org>,
	"blogic@openwrt.org" <blogic@openwrt.org>,
	"markos.chandras@imgtec.com" <markos.chandras@imgtec.com>
Subject: Re: [PATCH] Revert "MIPS: Remove race window in page fault handling"
Date: Wed, 3 Dec 2014 14:24:11 +0100
Message-ID: <20141203132411.GA16063@linux-mips.org>
In-Reply-To: <1417599104.10996.16.camel@lnxlarper.se.axis.com>

On Wed, Dec 03, 2014 at 10:31:44AM +0100, Lars Persson wrote:

> Hi Leonid
> 
> First let me describe the mechanism of this race condition, which was a
> fault in the kernel's MIPS architecture code. Specifically in its
> implementation of lazy dcache flushing. AFAIK, it would only hit on
> systems where the pagein code path writes to the page from the CPU.
> 
> The order of calls is:
> flush_dcache_page() (from the FS's readpage)
> set_pte_at()
> update_mmu_cache()
> 
> The thread number one has executed the set_pte_at() when thread number
> two hits the same page. It finds a valid PTE and proceeds to execute
> code from a page that is not yet flushed to the point of I/D coherency.
> That flush would happen in update_mmu_cache().
> 
> My patch does increase the number of cache flushes for CoW, yes, and there
> could be an optimization opportunity by playing tricks with the pte_t to
> include information about executability of the mapping.
> 
> Reverting the patch is a big no-no, then we go back to a state of
> undefined CPU behavior.

The performance issues of this patch were fairly obvious when I applied
the patch.  At that time I chose correctness over performance.  But it
needs proper sorting.  Too massive a performance impact is also a bug and
Leonid's sledgehammer approach to revoke the patch outright without
anything better to replace it is not the right way either!

  Ralf
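
The call order quoted above, as a sequential model of where a second thread can find a valid PTE on a page whose lazy flush is still pending. This is an added example, not code from the thread or from the kernel: `struct page_model`, `run_step()` and `count_race_windows()` are hypothetical names, and the `flush_before_publish` ordering is an assumed shape for a fix, since the patch itself is not shown here.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model of one page; not a kernel structure. */
struct page_model {
    bool dcache_dirty; /* lazy flush pending: page not yet I/D coherent */
    bool pte_valid;    /* PTE is visible to other threads */
};

/* Thread one's steps, in the order given in the quoted mail. */
enum step { FLUSH_DCACHE_PAGE, SET_PTE_AT, UPDATE_MMU_CACHE, STEP_COUNT };

static void run_step(struct page_model *p, enum step s, bool flush_before_publish)
{
    switch (s) {
    case FLUSH_DCACHE_PAGE:
        p->dcache_dirty = true;      /* lazy: only records that a flush is owed */
        break;
    case SET_PTE_AT:
        if (flush_before_publish)    /* assumed fix: flush before publishing */
            p->dcache_dirty = false;
        p->pte_valid = true;
        break;
    case UPDATE_MMU_CACHE:
        p->dcache_dirty = false;     /* the deferred flush finally happens */
        break;
    default:
        break;
    }
}

/* Let thread two look at the page after each of thread one's steps and
 * count the points where it sees a valid PTE on an unflushed page. */
int count_race_windows(bool flush_before_publish)
{
    struct page_model p = { false, false };
    int windows = 0;

    for (int s = 0; s < STEP_COUNT; s++) {
        run_step(&p, (enum step)s, flush_before_publish);
        if (p.pte_valid && p.dcache_dirty)
            windows++;
    }
    return windows;
}

int main(void)
{
    printf("lazy flush in update_mmu_cache(): %d window(s)\n", count_race_windows(false));
    printf("flush before PTE is published:    %d window(s)\n", count_race_windows(true));
    return 0;
}
```
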
