lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <dac18c98-55e7-ea6b-d020-0f6065e969ad@suse.cz>
Date:   Thu, 8 Jun 2017 13:07:02 +0200
From:   Vlastimil Babka <vbabka@...e.cz>
To:     "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
Cc:     Will Deacon <will.deacon@....com>, linux-mm@...ck.org,
        linux-kernel@...r.kernel.org, mark.rutland@....com,
        akpm@...ux-foundation.org, Punit.Agrawal@....com, mgorman@...e.de,
        steve.capper@....com
Subject: Re: [PATCH 2/3] mm/page_ref: Ensure page_ref_unfreeze is ordered
 against prior accesses

On 06/08/2017 12:40 PM, Kirill A. Shutemov wrote:
> On Thu, Jun 08, 2017 at 11:38:21AM +0200, Vlastimil Babka wrote:
>> On 06/06/2017 07:58 PM, Will Deacon wrote:
>>> page_ref_freeze and page_ref_unfreeze are designed to be used as a pair,
>>> wrapping a critical section where struct pages can be modified without
>>> having to worry about consistency for a concurrent fast-GUP.
>>>
>>> Whilst page_ref_freeze has full barrier semantics due to its use of
>>> atomic_cmpxchg, page_ref_unfreeze is implemented using atomic_set, which
>>> doesn't provide any barrier semantics and allows the operation to be
>>> reordered with respect to page modifications in the critical section.
>>>
>>> This patch ensures that page_ref_unfreeze is ordered after any critical
>>> section updates, by invoking smp_mb__before_atomic() prior to the
>>> atomic_set.
>>>
>>> Cc: "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>
>>> Acked-by: Steve Capper <steve.capper@....com>
>>> Signed-off-by: Will Deacon <will.deacon@....com>
>>
>> Undecided if it's really needed. This is IMHO not the classical case
>> from Documentation/core-api/atomic_ops.rst where we have to make
>> modifications visible before we let others see them? Here the one who is
>> freezing is doing it so others can't get their page pin and interfere
>> with the freezer's work.
> 
> Hm.. I'm not sure I'm getting what you are talking about. 
> 
> What would guarantee others to see changes to page before seeing page
> unfreezed?

My point was that we do the freezing for other reasons than to guarantee
this, but it can be needed too.

>>>  include/linux/page_ref.h | 1 +
>>>  1 file changed, 1 insertion(+)
>>>
>>> diff --git a/include/linux/page_ref.h b/include/linux/page_ref.h
>>> index 610e13271918..74d32d7905cb 100644
>>> --- a/include/linux/page_ref.h
>>> +++ b/include/linux/page_ref.h
>>> @@ -174,6 +174,7 @@ static inline void page_ref_unfreeze(struct page *page, int count)
>>>  	VM_BUG_ON_PAGE(page_count(page) != 0, page);
>>>  	VM_BUG_ON(count == 0);
>>>  
>>> +	smp_mb__before_atomic();
>>>  	atomic_set(&page->_refcount, count);
> 
> I *think* it should be smp_mb(), not __before_atomic(). atomic_set() is
> not really atomic. For instance on x86 it's plain WRITE_ONCE() which CPU
> would happily reorder.

Yeah but there are compile barriers, and x86 is TSO, so that's enough?
Also I found other instances by git grep (not a proof, though :)

>>>  	if (page_ref_tracepoint_active(__tracepoint_page_ref_unfreeze))
>>>  		__page_ref_unfreeze(page, count);
>>>
>>
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ