lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Mon, 21 Dec 2020 12:22:07 -0800
From:   Minchan Kim <minchan@...nel.org>
To:     Vitaly Wool <vitaly.wool@...sulko.com>
Cc:     Mike Galbraith <efault@....de>,
        LKML <linux-kernel@...r.kernel.org>,
        linux-mm <linux-mm@...ck.org>,
        Barry Song <song.bao.hua@...ilicon.com>,
        Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
        NitinGupta <ngupta@...are.org>,
        sergey.senozhatsky.work@...il.com,
        Andrew Morton <akpm@...ux-foundation.org>, shakeelb@...gle.com
Subject: Re: [PATCH] zsmalloc: do not use bit_spin_lock

On Mon, Dec 21, 2020 at 08:20:26PM +0100, Vitaly Wool wrote:
> On Mon, Dec 21, 2020 at 6:24 PM Minchan Kim <minchan@...nel.org> wrote:
> >
> > On Sun, Dec 20, 2020 at 02:22:28AM +0200, Vitaly Wool wrote:
> > > zsmalloc takes bit spinlock in its _map() callback and releases it
> > > only in unmap() which is unsafe and leads to zswap complaining
> > > about scheduling in atomic context.
> > >
> > > To fix that and to improve RT properties of zsmalloc, remove that
> > > bit spinlock completely and use a bit flag instead.
> >
> > I don't want to use such open code for the lock.
> >
> > I see from Mike's patch, recent zswap change introduced the lockdep
> > splat bug and you want to improve zsmalloc to fix the zswap bug and
> > introduce this patch with allowing preemption enabling.
> 
> This understanding is upside down. The code in zswap you are referring
> to is not buggy.  You may claim that it is suboptimal but there is
> nothing wrong in taking a mutex.

No, it's surely break from zswap since zpool/zsmalloc has worked like
this and now you are saying "nothing wrong" even though it breaks
the rule.

> 
> > https://lore.kernel.org/linux-mm/fae85e4440a8ef6f13192476bd33a4826416fc58.camel@gmx.de/
> >
> > zs_[un/map]_object is designed to be used in fast path(i.e.,
> > zs_map_object/4K page copy/zs_unmap_object) so the spinlock is
> > perfectly fine for API point of view. However, zswap introduced
> > using the API with mutex_lock/crypto_wait_req where allowing
> > preemption, which was wrong.
> 
> Taking a spinlock in one callback and releasing it in another is
> unsafe and error prone. What if unmap was called on completion of a
> DMA-like transfer from another context, like a threaded IRQ handler?
> In that case this spinlock might never be released.
> 
> Anyway I can come up with a zswap patch explicitly stating that
> zsmalloc is not fully compliant with zswap / zpool API to avoid
> confusion for the time being. Would that be ok with you?

It's your call since you are maintainer of zswap now and you are
breaking the rule we have kept for a long time.


> 
> Best regards,
>    Vitaly
> 
> > Furthermore, the zs_map_object already has a few more places where
> > disablepreemptions(migrate_read_lock, get_cpu_var and kmap_atomic).
> >
> > Without making those locks preemptible all at once, zswap will still
> > see the lockdep warning.
> >
> > >
> > > Signed-off-by: Vitaly Wool <vitaly.wool@...sulko.com>
> > > ---
> > >  mm/zsmalloc.c | 13 ++++++++-----
> > >  1 file changed, 8 insertions(+), 5 deletions(-)
> > >
> > > diff --git a/mm/zsmalloc.c b/mm/zsmalloc.c
> > > index 7289f502ffac..ff26546a7fed 100644
> > > --- a/mm/zsmalloc.c
> > > +++ b/mm/zsmalloc.c
> > > @@ -876,22 +876,25 @@ static unsigned long obj_to_head(struct page *page, void *obj)
> > >
> > >  static inline int testpin_tag(unsigned long handle)
> > >  {
> > > -     return bit_spin_is_locked(HANDLE_PIN_BIT, (unsigned long *)handle);
> > > +     return test_bit(HANDLE_PIN_BIT, (unsigned long *)handle);
> > >  }
> > >
> > >  static inline int trypin_tag(unsigned long handle)
> > >  {
> > > -     return bit_spin_trylock(HANDLE_PIN_BIT, (unsigned long *)handle);
> > > +     return !test_and_set_bit(HANDLE_PIN_BIT, (unsigned long *)handle);
> > >  }
> > >
> > > -static void pin_tag(unsigned long handle) __acquires(bitlock)
> > > +static void pin_tag(unsigned long handle)
> > >  {
> > > -     bit_spin_lock(HANDLE_PIN_BIT, (unsigned long *)handle);
> > > +     preempt_disable();
> > > +     while(test_and_set_bit(HANDLE_PIN_BIT, (unsigned long *)handle))
> > > +             cpu_relax();
> > > +     preempt_enable();
> > >  }
> > >
> > >  static void unpin_tag(unsigned long handle) __releases(bitlock)
> > >  {
> > > -     bit_spin_unlock(HANDLE_PIN_BIT, (unsigned long *)handle);
> > > +     clear_bit(HANDLE_PIN_BIT, (unsigned long *)handle);
> > >  }
> > >
> > >  static void reset_page(struct page *page)
> > > --
> > > 2.20.1
> > >

Powered by blists - more mailing lists