Re: [PATCH bpf v4 2/3] bpf: Avoid faultable build ID reads under mm locks

The Linux Kernel Mailing List
 help / color / mirror / Atom feed

From: Ihor Solodrai <ihor.solodrai@linux.dev>
To: Shakeel Butt <shakeel.butt@linux.dev>
Cc: Puranjay Mohan <puranjay@kernel.org>,
	Alexei Starovoitov <ast@kernel.org>,
	Andrii Nakryiko <andrii@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Eduard Zingerman <eddyz87@gmail.com>,
	Kumar Kartikeya Dwivedi <memxor@gmail.com>,
	Mykyta Yatsenko <mykyta.yatsenko5@gmail.com>,
	bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
	kernel-team@meta.com
Subject: Re: [PATCH bpf v4 2/3] bpf: Avoid faultable build ID reads under mm locks
Date: Thu, 14 May 2026 15:49:27 -0700	[thread overview]
Message-ID: <2895ecd8-df1e-4cc0-b9f9-aef893dc2360@linux.dev> (raw)
In-Reply-To: <agZG6XF41paiPjgm@linux.dev>

On 5/14/26 3:14 PM, Shakeel Butt wrote:
> On Thu, May 14, 2026 at 02:31:58PM -0700, Ihor Solodrai wrote:
>> On 5/14/26 1:47 PM, Shakeel Butt wrote:
>>> On Thu, May 14, 2026 at 11:47:26AM -0700, Ihor Solodrai wrote:
>>>> Sleepable build ID parsing can block in __kernel_read() [1], so the
>>>> stackmap sleepable path must not call it while holding mmap_lock or a
>>>> per-VMA read lock.
>>>>
>>>> The issue and the fix are conceptually similar to a recent procfs
>>>> patch [2].
>>>>
>>>> Resolve each covered VMA with a stable read-side reference, preferring
>>>> lock_vma_under_rcu() and falling back to mmap_read_trylock()
>>>
>>> Why trylock()? Why not just reuse the mechanism introduced in [2]? That is
>>> abstract out the mechanism introduced in [2] in mm core and reuse it.
>>
>> v1 used mmap_read_lock() as the fallback, but Puranjay pointed out [1]
>> that stackmap can be called when the caller already holds
>> mmap_lock. 
> 
> Can you exapnd on the scenario where caller already holds mmap_lock? Is this
> code path can be taken from bpf programs and bpf programs can be attached at
> functions/code-paths already holding the mmap_lock?

Exactly. For example, tracing BPF programs may attach to mm internals, and
there are also BPF iterators over VMAs (i.e. SEC("iter/task_vma")). And
probably other use-cases.

Bottom line is we can't assume it's safe to take mmap_lock in a code path
reachable from a BPF program.

> 
>> So I changed to trylock since v2, similar to non-sleepable
>> path.
>>
>> AFAIU this means that the common mechanism needs to support trylock
>> behavior as in stack_map_lock_vma() in this patch.
>>
>> Do you think this is worth factoring out of stackmap.c?
> 
> Do you think we will need similar handling at more places in future
> (particularly in bpf world) then it makes sense to factoring out now? Otherwise
> we can wait until we are sure.

Honestly, I don't know. IMO we shouldn't prematurely generalize a piece of
code with a single user. But I just may be unaware of the others.

> 
>>
>> [1] https://lore.kernel.org/bpf/m25x611s17.fsf@kernel.org/
>>
> 
> 
>

next prev parent reply	other threads:[~2026-05-14 22:50 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-05-14 18:47 [PATCH bpf v4 0/3] bpf: Implement stack_map_get_build_id_offset_sleepable() Ihor Solodrai
2026-05-14 18:47 ` [PATCH bpf v4 1/3] bpf: Factor out stack_map_build_id_set_ip() in stackmap.c Ihor Solodrai
2026-05-14 18:47 ` [PATCH bpf v4 2/3] bpf: Avoid faultable build ID reads under mm locks Ihor Solodrai
2026-05-14 19:37   ` bot+bpf-ci
2026-05-14 20:37     ` Ihor Solodrai
2026-05-14 20:47   ` Shakeel Butt
2026-05-14 21:31     ` Ihor Solodrai
2026-05-14 22:14       ` Shakeel Butt
2026-05-14 22:49         ` Ihor Solodrai [this message]
2026-05-14 23:02           ` Shakeel Butt
2026-05-14 18:47 ` [PATCH bpf v4 3/3] bpf: Cache build IDs in sleepable stackmap path Ihor Solodrai
2026-05-14 19:37   ` bot+bpf-ci
2026-05-15  0:24   ` Alexei Starovoitov
2026-05-15  0:27     ` Ihor Solodrai

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2895ecd8-df1e-4cc0-b9f9-aef893dc2360@linux.dev \
    --to=ihor.solodrai@linux.dev \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=eddyz87@gmail.com \
    --cc=kernel-team@meta.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=memxor@gmail.com \
    --cc=mykyta.yatsenko5@gmail.com \
    --cc=puranjay@kernel.org \
    --cc=shakeel.butt@linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox