lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <953d4a2c-bf0c-9a92-9964-eae445a8f113@amd.com>
Date:   Fri, 20 May 2022 09:03:00 +0200
From:   Christian König <christian.koenig@....com>
To:     "T.J. Mercier" <tjmercier@...gle.com>
Cc:     Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
        Suren Baghdasaryan <surenb@...gle.com>,
        Kalesh Singh <kaleshsingh@...gle.com>,
        Minchan Kim <minchan@...gle.com>,
        Greg Kroah-Hartman <gregkh@...gle.com>,
        John Stultz <jstultz@...gle.com>,
        Sumit Semwal <sumit.semwal@...aro.org>,
        Daniel Vetter <daniel.vetter@...ll.ch>,
        Hridya Valsaraju <hridya@...gle.com>, kernel-team@...roid.com,
        linux-media@...r.kernel.org, dri-devel@...ts.freedesktop.org,
        linaro-mm-sig@...ts.linaro.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] dma-buf: Move sysfs work out of DMA-BUF export path

Am 20.05.22 um 00:58 schrieb T.J. Mercier:
> [SNIP]
>>> Is there some other
>>> solution to the problem of exports getting blocked that you would
>>> suggest here?
>> Well pretty much the same as Greg outlined as well. Go back to your
>> drawing board and come back with a solution which does not need such
>> workarounds.
>>
>> Alternatively you can give me a full overview of the design and explain
>> why exactly that interface here is necessary in exactly that form.
>>
> We ended up here because we could not use debugfs.

[SNIP]

> Another idea was adding per-buffer stats to procfs, but that was not
> an option since per-buffer stats are not process specific.
>
> So it seemed like sysfs was an appropriate solution at the time. It
> comes with a stable interface as a bonus, but with the limitation of 1
> value per file this leads to creating lots of files in sysfs for all
> dma buffers. This leads to increased kernfs lock contention, and
> unfortunately we try to take the lock on the hot path.

That's what I totally agree on about. debugfs is for debugging and not 
for production use.

So either sysfs or procfs or something completely different seems to be 
the right direction for the solution of the problem.

> With the description and links to the userspace code which actually
> uses the feature I feel like that's a complete picture of what's
> currently happening with this interface. If you could explain what
> information is missing I'll do my best to provide it.

Yeah, I've realized that I didn't made it clear what my concerns are 
here. So let me try once more from the beginning:

DMA-buf is a framework for sharing device buffers and their handles 
between different userspace processes and kernel device. It's based 
around the concept of representing those buffers as files which can then 
be mmap(), referenced with a file descriptor, etc....

Those abilities come with a certain overhead, using inode numbers, 
reference counters, creating virtual files for tracking (both debugfs, 
sysfs, procfs) etc... So what both drivers and userspace implementing 
DMA-buf is doing is that they share buffers using this framework only 
when they have to.

In other words for upstream graphics drivers 99.9% of the buffers are 
*not* shared using DMA-buf. And this is perfectly intentional because of 
the additional overhead. Only the 3 or 4 buffers which are shared per 
process between the client and server in a display environment are 
actually exported and imported as DMA-buf.

What the recent patches suggest is that this is not the case on Android. 
So for example overrunning a 32bit inode number means that you manage to 
created and destroy over 4 billion DMA-bufs. Same for this sysfs based 
accounting, this only makes sense when you really export *everything* as 
DMA-buf.

So if that is correct, then that would be a pretty clear design issue in 
Android. Now, if you want to keep this design then that is perfectly 
fine with the kernel, but it also means that you need to deal with any 
arising problems by yourself.

Pushing patches upstream indicates that you want to share your work with 
others. And in this case it suggests that you want to encourage others 
to follow the Android design and that is something I would pretty 
clearly reject.

>> Yeah and to be honest I have the strong feeling now that this was
>> absolutely not well thought through.
> I'm open to working on a replacement for this if we can't find an
> acceptable solution here, but I would appreciate some direction on
> what would be acceptable. For example Greg's idea sounds workable, but
> the question is if it mergeable?

Well one possibility would be to use cgroups. That framework needs to do 
accounting as well, just with an additional limitation to it.

And there are already some proposed cgroup patches for device driver 
memory. While reviewing those both Daniel and I already made it pretty 
clear that it must be separated from DMA-buf, exactly because of the 
reason that we probably don't want every buffer exported.

But to work on a full blown solution I need a better understanding of 
how your userspace components do.

Regards,
Christian.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ