lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 18 Aug 2020 09:58:18 +0800 From: Chinwen Chang <chinwen.chang@...iatek.com> To: Matthias Brugger <matthias.bgg@...il.com>, Michel Lespinasse <walken@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, "Vlastimil Babka" <vbabka@...e.cz>, Daniel Jordan <daniel.m.jordan@...cle.com>, "Davidlohr Bueso" <dbueso@...e.de>, Chinwen Chang <chinwen.chang@...iatek.com>, "Alexey Dobriyan" <adobriyan@...il.com>, "Matthew Wilcox (Oracle)" <willy@...radead.org>, Jason Gunthorpe <jgg@...pe.ca>, Steven Price <steven.price@....com>, Song Liu <songliubraving@...com>, Jimmy Assarsson <jimmyassarsson@...il.com>, Huang Ying <ying.huang@...el.com>, Daniel Kiss <daniel.kiss@....com>, Laurent Dufour <ldufour@...ux.ibm.com> CC: <linux-kernel@...r.kernel.org>, <linux-arm-kernel@...ts.infradead.org>, <linux-mediatek@...ts.infradead.org>, <linux-fsdevel@...r.kernel.org>, <wsd_upstream@...iatek.com> Subject: [PATCH v4 3/3] mm: proc: smaps_rollup: do not stall write attempts on mmap_lock smaps_rollup will try to grab mmap_lock and go through the whole vma list until it finishes the iterating. When encountering large processes, the mmap_lock will be held for a longer time, which may block other write requests like mmap and munmap from progressing smoothly. There are upcoming mmap_lock optimizations like range-based locks, but the lock applied to smaps_rollup would be the coarse type, which doesn't avoid the occurrence of unpleasant contention. To solve aforementioned issue, we add a check which detects whether anyone wants to grab mmap_lock for write attempts. Change since v1: - If current VMA is freed after dropping the lock, it will return - incomplete result. To fix this issue, refine the code flow as - suggested by Steve. [1] Change since v2: - When getting back the mmap lock, the address where you stopped last - time could now be in the middle of a vma. Add one more check to handle - this case as suggested by Michel. [2] Change since v3: - last_stopped is easily confused with last_vma_end. Replace it with - a direct call to smap_gather_stats(vma, &mss, last_vma_end) as - suggested by Steve. [3] [1] https://lore.kernel.org/lkml/bf40676e-b14b-44cd-75ce-419c70194783@arm.com/ [2] https://lore.kernel.org/lkml/CANN689FtCsC71cjAjs0GPspOhgo_HRj+diWsoU1wr98YPktgWg@mail.gmail.com/ [3] https://lore.kernel.org/lkml/db0d40e2-72f3-09d5-c162-9c49218f128f@arm.com/ Signed-off-by: Chinwen Chang <chinwen.chang@...iatek.com> CC: Steven Price <steven.price@....com> CC: Michel Lespinasse <walken@...gle.com> --- fs/proc/task_mmu.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 65 insertions(+), 1 deletion(-) diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c index 76e623a..1a80624 100644 --- a/fs/proc/task_mmu.c +++ b/fs/proc/task_mmu.c @@ -867,9 +867,73 @@ static int show_smaps_rollup(struct seq_file *m, void *v) hold_task_mempolicy(priv); - for (vma = priv->mm->mmap; vma; vma = vma->vm_next) { + for (vma = priv->mm->mmap; vma;) { smap_gather_stats(vma, &mss, 0); last_vma_end = vma->vm_end; + + /* + * Release mmap_lock temporarily if someone wants to + * access it for write request. + */ + if (mmap_lock_is_contended(mm)) { + mmap_read_unlock(mm); + ret = mmap_read_lock_killable(mm); + if (ret) { + release_task_mempolicy(priv); + goto out_put_mm; + } + + /* + * After dropping the lock, there are four cases to + * consider. See the following example for explanation. + * + * +------+------+-----------+ + * | VMA1 | VMA2 | VMA3 | + * +------+------+-----------+ + * | | | | + * 4k 8k 16k 400k + * + * Suppose we drop the lock after reading VMA2 due to + * contention, then we get: + * + * last_vma_end = 16k + * + * 1) VMA2 is freed, but VMA3 exists: + * + * find_vma(mm, 16k - 1) will return VMA3. + * In this case, just continue from VMA3. + * + * 2) VMA2 still exists: + * + * find_vma(mm, 16k - 1) will return VMA2. + * Iterate the loop like the original one. + * + * 3) No more VMAs can be found: + * + * find_vma(mm, 16k - 1) will return NULL. + * No more things to do, just break. + * + * 4) (last_vma_end - 1) is the middle of a vma (VMA'): + * + * find_vma(mm, 16k - 1) will return VMA' whose range + * contains last_vma_end. + * Iterate VMA' from last_vma_end. + */ + vma = find_vma(mm, last_vma_end - 1); + /* Case 3 above */ + if (!vma) + break; + + /* Case 1 above */ + if (vma->vm_start >= last_vma_end) + continue; + + /* Case 4 above */ + if (vma->vm_end > last_vma_end) + smap_gather_stats(vma, &mss, last_vma_end); + } + /* Case 2 above */ + vma = vma->vm_next; } show_vma_header_prefix(m, priv->mm->mmap->vm_start, -- 1.9.1
Powered by blists - more mailing lists