From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from out-188.mta1.migadu.com (out-188.mta1.migadu.com [95.215.58.188]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E3974388E5A for ; Thu, 4 Jun 2026 03:11:44 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=95.215.58.188 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780542706; cv=none; b=JLbhM4Fsl5CNwEPtw3vT/Em5eOhIv/jgXTF5RV7aFItYRQynXPYBXGhFKHeDi2yocJyiYk9XjLDjE0Ni+hAKQeR9Unm+60rpfOMiifWN4KftX2OISXqEfaXlhg3eGvnzxhCI3V+XsYiAAn4S+X05uu1R2yT6Nytp2ZBSGaIbTy8= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1780542706; c=relaxed/simple; bh=+5YoiTbbqkCGoLy9KCC5E1wTAC9Ln6rUINZ6zQ2CoVw=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version:Content-Type; b=BdGdI0gzA7iGzP1WmLZ5wgxICIwnm17iTIXgu+PYyrvqy5FfDUM/3vo+EVtbOz249NrznDLm4hxTyqo2ubMqa2y7t2GAE3JR0MviXPGE93fAyUeax0hMGW82pMgI0V0AL+f6pROQfFeEwUnpVIzhwpuF8KkiErWaEyNAfCYJiOc= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev; spf=pass smtp.mailfrom=linux.dev; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b=HHBkq2lL; arc=none smtp.client-ip=95.215.58.188 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=linux.dev Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=linux.dev Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=linux.dev header.i=@linux.dev header.b="HHBkq2lL" X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.dev; s=key1; t=1780542703; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=RjS2UMpdjJpN67amMvH9W0cc0n1WNzw8Vr2I72B9eXA=; b=HHBkq2lL+VAqKbUNameR6ChCjVLaEhwhG4hqFd6giuE3VskVYq9oX+q25N7PfgVOgwq3Wo 4VEWhcrapraRcfQxjiScywn1mMBQiFQF+1ow3aWi/uHUdnqEbghCWrU2JlILK0b5x/UYx7 lqkdWeGEUDbOwMCSQ3ZcF2tC6uYEnpk= From: Lance Yang To: david@kernel.org, rppt@kernel.org Cc: lance.yang@linux.dev, akpm@linux-foundation.org, tglx@kernel.org, mingo@redhat.com, bp@alien8.de, dave.hansen@linux.intel.com, x86@kernel.org, hpa@zytor.com, luto@kernel.org, peterz@infradead.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, xueyuan.chen21@gmail.com, ioworker0@gmail.com Subject: Re: [RFC PATCH 1/2] mm/secretmem: try to restore large page mappings in direct map Date: Thu, 4 Jun 2026 11:11:33 +0800 Message-Id: <20260604031133.56010-1-lance.yang@linux.dev> In-Reply-To: References: Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT On Wed, Jun 03, 2026 at 05:48:56PM +0200, David Hildenbrand (Arm) wrote: >On 6/3/26 15:09, Lance Yang wrote: >> >> >> On 2026/6/3 20:35, Mike Rapoport wrote: >>> On Wed, Jun 03, 2026 at 07:41:34PM +0800, Lance Yang wrote: >>>> >>>> Good point, I kept it separate on purpose :) >>>> >>>> Putting collapse into set_direct_map_default_noflush() would change the >>>> semantics of that helper a bit, IMHO. >>> >>> For x86 default means present + rw + PSE, so yuu can look at it as actually >>> better enforcing the semantics :) >> >> Yep. One x86 detail though, default seems to miss _PAGE_GLOBAL today. Not >> sure if that is intentional or just historical. See patch #02. >> >>>> I would expect arch_try_collapse_direct_map() to also be useful for cases >>>> where a direct-map permission change could split a large maping first, >>>> and the user wants to try restoring the large mapping after changing it >>>> back. One example[1] is making a direct-map range read-only for security, >>>> which I am also working on :) >>> >>> I don't think users should care. The users care for particular permissions >>> of a range in the direct map. It should be up to the architecture to select >>> most suitable mapping size. The splits are implicit, I don't see why >>> collapses can't be implicit as well. >> >> And agreed, users should not care about the final mapping size, that is >> up to the arch. >> >> TBH, my concern is making the collapse cost implicit for every >> set_direct_map_default_noflush() caller. I still lean toward keeping >> it opt-in, but happy to hear what folks prefer :) > >If we could easily do that automatically, that would likely be preferable. > >Especially given that we are getting other users of direct-map removal soon that >would face similar problems (e.g., guest_memfd). Yeah. Makes sense to me ;) > >What the performance impact of trying to collapse after every directmap update? >Imagine we have a full PMD range with directmap-removed PTEs? Collapse can turn 512 PTEs into one PMD, and, if the large range is compatible, 512 PMDs into one PUD. Eeah try walks the page tables, takes pgd_lock, and scans entries until it hits a non-present entry, mismatched flags, or non-contiguous PFN. The same kind of check is done for PMD entries before a PUD collapse. If nothing collapses, it balis out without flush_tlb_all(). If at least one collapse succeeds, flush_tlb_all() is called once before freeing the old page tables, and that is probably the expensive part :) So failed tries are cheaper that a real collapse, but not free. Not sure how often the remove/restore cycles happens, whether automatic collapse is worth it depends on that. Keeping it explicit lets callers take that cost only when they know the collapse is really useful ... Thanks, Lance