lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6bbb8e29-9e21-dfbe-d23d-61de7e3cc6db@redhat.com>
Date:   Wed, 22 Sep 2021 20:21:40 +0200
From:   David Hildenbrand <david@...hat.com>
To:     Peter Xu <peterx@...hat.com>, linux-kernel@...r.kernel.org,
        linux-mm@...ck.org
Cc:     Andrew Morton <akpm@...ux-foundation.org>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Axel Rasmussen <axelrasmussen@...gle.com>,
        Hugh Dickins <hughd@...gle.com>,
        Nadav Amit <nadav.amit@...il.com>
Subject: Re: [PATCH] mm/khugepaged: Detecting uffd-wp vma more efficiently

On 22.09.21 19:51, Peter Xu wrote:
> We forbid merging thps for uffd-wp enabled regions, by breaking the khugepaged
> scanning right after we detected a uffd-wp armed pte (either present, or swap).
> 
> It works, but it's less efficient, because those ptes only exist for VM_UFFD_WP
> enabled VMAs.  Checking against the vma flag would be more efficient, and good
> enough.  To be explicit, we could still be able to merge some thps for
> VM_UFFD_WP regions before this patch as long as they have zero uffd-wp armed
> ptes, however that's not a major target for thp collapse anyways.
> 

Hm, are we sure there are no users that could benefit from the current 
handling?

I'm thinking about long-term uffd-wp users that effectively end up 
wp-ing on only a small fraction of a gigantic vma, or always wp complete 
blocks in a certain granularity in the range of THP.

Databases come to mind ...

In the past, I played with the idea of using uffd-wp to protect access 
to logically unplugged memory regions part of virtio-mem devices in QEMU 
-- which would exactly do something as described above. But I'll most 
probably be using ordinary uffd once any users that might read such 
logically unplugged memory have been "fixed".

The change itself looks sane to me AFAIKT.

> This mostly reverts commit e1e267c7928fe387e5e1cffeafb0de2d0473663a, but
> instead we do the same check at vma level, so it's not a bugfix.
> 
> This also paves the way for file-backed uffd-wp support, as the VM_UFFD_WP flag
> will work for file-backed too.
> 
> After this patch, the error for khugepaged for these regions will switch from
> SCAN_PTE_UFFD_WP to SCAN_VMA_CHECK.
> 
> Since uffd minor mode should not allow thp as well, do the same thing for minor
> mode to stop early on trying to collapse pages in khugepaged.
> 
> Cc: Andrea Arcangeli <aarcange@...hat.com>
> Cc: Axel Rasmussen <axelrasmussen@...gle.com>
> Cc: Hugh Dickins <hughd@...gle.com>
> Cc: Nadav Amit <nadav.amit@...il.com>
> Signed-off-by: Peter Xu <peterx@...hat.com>
> ---
> 
> Axel: as I asked in the other thread, please help check whether minor mode will
> work properly with shmem thp enabled.  If not, I feel like this patch could be
> part of that effort at last, but it's also possible that I missed something.
> 
> Signed-off-by: Peter Xu <peterx@...hat.com>
> ---
>   include/trace/events/huge_memory.h |  1 -
>   mm/khugepaged.c                    | 26 +++-----------------------
>   2 files changed, 3 insertions(+), 24 deletions(-)
> 
> diff --git a/include/trace/events/huge_memory.h b/include/trace/events/huge_memory.h
> index 4fdb14a81108..53532f5925c3 100644
> --- a/include/trace/events/huge_memory.h
> +++ b/include/trace/events/huge_memory.h
> @@ -15,7 +15,6 @@
>   	EM( SCAN_EXCEED_SWAP_PTE,	"exceed_swap_pte")		\
>   	EM( SCAN_EXCEED_SHARED_PTE,	"exceed_shared_pte")		\
>   	EM( SCAN_PTE_NON_PRESENT,	"pte_non_present")		\
> -	EM( SCAN_PTE_UFFD_WP,		"pte_uffd_wp")			\
>   	EM( SCAN_PAGE_RO,		"no_writable_page")		\
>   	EM( SCAN_LACK_REFERENCED_PAGE,	"lack_referenced_page")		\
>   	EM( SCAN_PAGE_NULL,		"page_null")			\
> diff --git a/mm/khugepaged.c b/mm/khugepaged.c
> index 045cc579f724..3afe66d48db0 100644
> --- a/mm/khugepaged.c
> +++ b/mm/khugepaged.c
> @@ -31,7 +31,6 @@ enum scan_result {
>   	SCAN_EXCEED_SWAP_PTE,
>   	SCAN_EXCEED_SHARED_PTE,
>   	SCAN_PTE_NON_PRESENT,
> -	SCAN_PTE_UFFD_WP,
>   	SCAN_PAGE_RO,
>   	SCAN_LACK_REFERENCED_PAGE,
>   	SCAN_PAGE_NULL,
> @@ -467,6 +466,9 @@ static bool hugepage_vma_check(struct vm_area_struct *vma,
>   		return false;
>   	if (vma_is_temporary_stack(vma))
>   		return false;
> +	/* Don't allow thp merging for wp/minor enabled uffd regions */
> +	if (userfaultfd_wp(vma) || userfaultfd_minor(vma))
> +		return false;
>   	return !(vm_flags & VM_NO_KHUGEPAGED);
>   }
>   
> @@ -1246,15 +1248,6 @@ static int khugepaged_scan_pmd(struct mm_struct *mm,
>   		pte_t pteval = *_pte;
>   		if (is_swap_pte(pteval)) {
>   			if (++unmapped <= khugepaged_max_ptes_swap) {
> -				/*
> -				 * Always be strict with uffd-wp
> -				 * enabled swap entries.  Please see
> -				 * comment below for pte_uffd_wp().
> -				 */
> -				if (pte_swp_uffd_wp(pteval)) {
> -					result = SCAN_PTE_UFFD_WP;
> -					goto out_unmap;
> -				}
>   				continue;
>   			} else {
>   				result = SCAN_EXCEED_SWAP_PTE;
> @@ -1270,19 +1263,6 @@ static int khugepaged_scan_pmd(struct mm_struct *mm,
>   				goto out_unmap;
>   			}
>   		}
> -		if (pte_uffd_wp(pteval)) {
> -			/*
> -			 * Don't collapse the page if any of the small
> -			 * PTEs are armed with uffd write protection.
> -			 * Here we can also mark the new huge pmd as
> -			 * write protected if any of the small ones is
> -			 * marked but that could bring unknown
> -			 * userfault messages that falls outside of
> -			 * the registered range.  So, just be simple.
> -			 */
> -			result = SCAN_PTE_UFFD_WP;
> -			goto out_unmap;
> -		}
>   		if (pte_write(pteval))
>   			writable = true;
>   
> 


-- 
Thanks,

David / dhildenb

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ