lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4713391.F8r316W7xa@opensuse>
Date:   Thu, 02 Jun 2022 20:01:04 +0200
From:   "Fabio M. De Francesco" <fmdefrancesco@...il.com>
To:     dsterba@...e.cz, "Fabio M. De Francesco" <fmdefrancesco@...il.com>,
        Chris Mason <clm@...com>, Josef Bacik <josef@...icpanda.com>,
        David Sterba <dsterba@...e.com>,
        Ira Weiny <ira.weiny@...el.com>, linux-btrfs@...r.kernel.org,
        linux-kernel@...r.kernel.org,
        Christoph Hellwig <hch@...radead.org>,
        Matthew Wilcox <willy@...radead.org>
Subject: Re: [PATCH 0/3] btrfs: Replace kmap() with kmap_local_page()

On mercoledì 1 giugno 2022 15:25:45 CEST David Sterba wrote:
> On Tue, May 31, 2022 at 04:53:32PM +0200, Fabio M. De Francesco wrote:
> > This is the first series of patches aimed towards the conversion of 
Btrfs
> > filesystem from the use of kmap() to kmap_local_page().
> 
> We've already had patches converting kmaps and you're changing the last
> ones, so this is could be the last series, with two exceptions.
> 
> 1) You've changed lzo.c and zlib.

and inode.c.

> but the same kmap/kunmap pattern is
>    used in zstd.c.

I thought that these mappings I had worked on were safe to convert.

Instead I wasn't sure that the others I left untouched in zstd.c could so 
easily and mechanically be converted without prior code inspection and 
proper tests.

I did see those in zstd.c, but I decided to postpone those conversions 
because I'm not yet sure if and how the virtual addresses we get currently 
from kmap() are re-used.

I saw assignments like "workspace->in_buf.src = kmap(in_page);". Is 
"in_buf" re-used across different contexts? (I see that Btrfs uses a dozen 
workqueues). 

I also see that kunmap() is called in the same functions that assign 
virtual addresses to "in_buf" and this makes me think that those addresses 
are not handled across contexts, otherwise you already have bugs. But may 
very well be that somewhere in the calls chain the code flushes workqueues 
before returning to the callers (it would mean that when kunmap() is called 
we can be sure that those workqueues are done with using those addresses). 

Furthermore, what can you say about the tens of page_address() spread 
across the whole fs/btrfs? 

If those page_address() take pages from HIGHMEM which were mapped using 
kmap_local_page(), the filesystem will oops the kernel...

About this issue, please see a bug fix ("[PATCH v2] fs/ext2: Avoid 
page_address on pages returned by ext2_get_page") at 
https://lore.kernel.org/lkml/
20210714185448.8707ac239e9f12b3a7f5b9f9@...c.es/#r

Do they only use physical memory from ZONE_NORMAL?

Can you please confirm that it is safe to convert those left kmap() to 
kmap_local_page() and that those page_address() are safe?

If so, I have no problems to convert what I had left for later. Otherwise 
I'll need to carefully inspect the code.

> 2) kmap_atomic in inode.c, so that's technically not kmap but it's said
>    to be deprecated and also can be replaced by kmap_local_page. The
>    context in check_compressed_csum is atomic (in end io) so the kmap
>    hasn't been used there.

I was not 100% sure about the preemption requirements for those call sites 
so I had not converted them yet. Are you saying that there is no need for 
preempt_disable() at the following sites?

# git grep kmap_atomic fs/btrfs
fs/btrfs/compression.c:                 kaddr = kmap_atomic(page);
fs/btrfs/inode.c:                       kaddr = kmap_atomic(cpage);
fs/btrfs/inode.c:               kaddr = kmap_atomic(page);
fs/btrfs/inode.c:       kaddr = kmap_atomic(page);

> > tweed32:~ # btrfs check -p ~zoek/dev/btrfs.file
> 
> That won't verify if the kmap conversion is OK, it's a runtime thing
> while 'check' verifies the data on device. Have you run any kind of
> stress test with enabled compression before running the check?

Ah, thanks. I didn't know this thing.

I installed (x)fstests a couple of days ago. I think it helps to test this 
and other conversions to local mappings, but I haven't yet had time to 
learn how to use it.

Does (x)fstests cover the compression code? Are there any specific tests I 
should target?

> Please send patches converting zstd.c and the remaining kmap_atomic
> usage in inode.c, otherwise the 3 patches are now in misc-next, thanks.

New version is required in any case because LKP reported four uninitialized 
variables in patch 3/3. 

I'm just reading the reports that both you and Christoph hit. At first 
sight they seem to be due to page_address() calls (but I may be wrong, just 
had few minutes to reply so late) :( 

I was wrong in thinking that these call sites could be converted safely. 
I'll do the tests before posting v2.

Thanks,

Fabio

P.S.: I've just read a message from Ira Weiny about something he saw in the 
unmapping order in zstd_compress_pages(). We must think how to address 
mapping /unmapping order properly.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ