| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <42E9BEA8-9B02-440F-94BF-74393827B01E@nvidia.com>
Date: Mon, 23 Jun 2025 11:25:40 -0400
From: Zi Yan <ziy@...dia.com>
To: David Hildenbrand <david@...hat.com>,
Toke Høiland-Jørgensen <toke@...hat.com>
Cc: Byungchul Park <byungchul@...com>, willy@...radead.org,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org, linux-mm@...ck.org,
kernel_team@...ynix.com, kuba@...nel.org, almasrymina@...gle.com,
ilias.apalodimas@...aro.org, harry.yoo@...cle.com, hawk@...nel.org,
akpm@...ux-foundation.org, davem@...emloft.net, john.fastabend@...il.com,
andrew+netdev@...n.ch, asml.silence@...il.com, toke@...hat.com,
tariqt@...dia.com, edumazet@...gle.com, pabeni@...hat.com, saeedm@...dia.com,
leon@...nel.org, ast@...nel.org, daniel@...earbox.net,
lorenzo.stoakes@...cle.com, Liam.Howlett@...cle.com, vbabka@...e.cz,
rppt@...nel.org, surenb@...gle.com, mhocko@...e.com, horms@...nel.org,
linux-rdma@...r.kernel.org, bpf@...r.kernel.org, vishal.moola@...il.com,
hannes@...xchg.org, jackmanb@...gle.com
Subject: Re: [PATCH net-next v6 9/9] page_pool: access ->pp_magic through
struct netmem_desc in page_pool_page_is_pp()
On 23 Jun 2025, at 10:58, David Hildenbrand wrote:
> On 23.06.25 13:13, Zi Yan wrote:
>> On 23 Jun 2025, at 6:16, Byungchul Park wrote:
>>
>>> On Mon, Jun 23, 2025 at 11:16:43AM +0200, David Hildenbrand wrote:
>>>> On 20.06.25 06:12, Byungchul Park wrote:
>>>>> To simplify struct page, the effort to separate its own descriptor from
>>>>> struct page is required and the work for page pool is on going.
>>>>>
>>>>> To achieve that, all the code should avoid directly accessing page pool
>>>>> members of struct page.
>>>>>
>>>>> Access ->pp_magic through struct netmem_desc instead of directly
>>>>> accessing it through struct page in page_pool_page_is_pp(). Plus, move
>>>>> page_pool_page_is_pp() from mm.h to netmem.h to use struct netmem_desc
>>>>> without header dependency issue.
>>>>>
>>>>> Signed-off-by: Byungchul Park <byungchul@...com>
>>>>> Reviewed-by: Toke Høiland-Jørgensen <toke@...hat.com>
>>>>> Reviewed-by: Mina Almasry <almasrymina@...gle.com>
>>>>> Reviewed-by: Pavel Begunkov <asml.silence@...il.com>
>>>>> Reviewed-by: Vlastimil Babka <vbabka@...e.cz>
>>>>> Acked-by: Harry Yoo <harry.yoo@...cle.com>
>>>>> ---
>>>>> include/linux/mm.h | 12 ------------
>>>>> include/net/netmem.h | 14 ++++++++++++++
>>>>> mm/page_alloc.c | 1 +
>>>>> 3 files changed, 15 insertions(+), 12 deletions(-)
>>>>>
>>>>> diff --git a/include/linux/mm.h b/include/linux/mm.h
>>>>> index 0ef2ba0c667a..0b7f7f998085 100644
>>>>> --- a/include/linux/mm.h
>>>>> +++ b/include/linux/mm.h
>>>>> @@ -4172,16 +4172,4 @@ int arch_lock_shadow_stack_status(struct task_struct *t, unsigned long status);
>>>>> */
>>>>> #define PP_MAGIC_MASK ~(PP_DMA_INDEX_MASK | 0x3UL)
>>>>>
>>>>> -#ifdef CONFIG_PAGE_POOL
>>>>> -static inline bool page_pool_page_is_pp(struct page *page)
>>>>> -{
>>>>> - return (page->pp_magic & PP_MAGIC_MASK) == PP_SIGNATURE;
>>>>> -}
>>>>> -#else
>>>>> -static inline bool page_pool_page_is_pp(struct page *page)
>>>>> -{
>>>>> - return false;
>>>>> -}
>>>>> -#endif
>>>>> -
>>>>> #endif /* _LINUX_MM_H */
>>>>> diff --git a/include/net/netmem.h b/include/net/netmem.h
>>>>> index d49ed49d250b..3d1b1dfc9ba5 100644
>>>>> --- a/include/net/netmem.h
>>>>> +++ b/include/net/netmem.h
>>>>> @@ -56,6 +56,20 @@ NETMEM_DESC_ASSERT_OFFSET(pp_ref_count, pp_ref_count);
>>>>> */
>>>>> static_assert(sizeof(struct netmem_desc) <= offsetof(struct page, _refcount));
>>>>>
>>>>> +#ifdef CONFIG_PAGE_POOL
>>>>> +static inline bool page_pool_page_is_pp(struct page *page)
>>>>> +{
>>>>> + struct netmem_desc *desc = (struct netmem_desc *)page;
>>>>> +
>>>>> + return (desc->pp_magic & PP_MAGIC_MASK) == PP_SIGNATURE;
>>>>> +}
>>>>> +#else
>>>>> +static inline bool page_pool_page_is_pp(struct page *page)
>>>>> +{
>>>>> + return false;
>>>>> +}
>>>>> +#endif
>>>>
>>>> I wonder how helpful this cleanup is long-term.
>>>>
>>>> page_pool_page_is_pp() is only called from mm/page_alloc.c, right?
>>>
>>> Yes.
>>>
>>>> There, we want to make sure that no pagepool page is ever returned to
>>>> the buddy.
>>>>
>>>> How reasonable is this sanity check to have long-term? Wouldn't we be
>>>> able to check that on some higher-level freeing path?
>>>>
>>>> The reason I am commenting is that once we decouple "struct page" from
>>>> "struct netmem_desc", we'd have to lookup here the corresponding "struct
>>>> netmem_desc".
>>>>
>>>> ... but at that point here (when we free the actual pages), the "struct
>>>> netmem_desc" would likely already have been freed separately (remember:
>>>> it will be dynamically allocated).
>>>>
>>>> With that in mind:
>>>>
>>>> 1) Is there a higher level "struct netmem_desc" freeing path where we
>>>> could check that instead, so we don't have to cast from pages to
>>>> netmem_desc at all.
>>>
>>> I also thought it's too paranoiac. However, I thought it's other issue
>>> than this work. That's why I left the API as is for now, it can be gone
>>> once we get convinced the check is unnecessary in deep buddy. Wrong?
>>>
>>>> 2) How valuable are these sanity checks deep in the buddy?
>>>
>>> That was also what I felt weird on.
>>
>> It seems very useful when I asked last time[1]:
>>
>> |> We have actually used this at Cloudflare to catch some page_pool bugs.
>
> My question is rather, whether there is some higher-level freeing path for netmem_desc where we could check that instead (IOW, earlier).
>
> Or is it really arbitrary put_page() (IOW, we assume that many possible references can be held)?
+Toke, who I talked about this last time.
Maybe he can shed some light on it.
--
Best Regards,
Yan, Zi
Powered by blists - more mailing lists