| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <02239ca7-9701-4bfa-af0f-dcf0d05a3e89@linux.alibaba.com>
Date: Thu, 25 Dec 2025 10:48:42 +0800
From: Baolin Wang <baolin.wang@...ux.alibaba.com>
To: Ryan Roberts <ryan.roberts@....com>, akpm@...ux-foundation.org,
david@...nel.org, catalin.marinas@....com, will@...nel.org
Cc: lorenzo.stoakes@...cle.com, Liam.Howlett@...cle.com, vbabka@...e.cz,
rppt@...nel.org, surenb@...gle.com, mhocko@...e.com, riel@...riel.com,
harry.yoo@...cle.com, jannh@...gle.com, willy@...radead.org,
baohua@...nel.org, dev.jain@....com, linux-mm@...ck.org,
linux-arm-kernel@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v4 3/5] arm64: mm: support batch clearing of the young
flag for large folios
On 2025/12/24 22:07, Ryan Roberts wrote:
> On 23/12/2025 05:48, Baolin Wang wrote:
>> Currently, contpte_ptep_test_and_clear_young() and contpte_ptep_clear_flush_young()
>> only clear the young flag and flush TLBs for PTEs within the contiguous range.
>> To support batch PTE operations for other sized large folios in the following
>> patches, adding a new parameter to specify the number of PTEs that map consecutive
>> pages of the same large folio in a single VMA and a single page table.
>>
>> While we are at it, rename the functions to maintain consistency with other
>> contpte_*() functions.
>>
>> Signed-off-by: Baolin Wang <baolin.wang@...ux.alibaba.com>
>> ---
>> arch/arm64/include/asm/pgtable.h | 12 ++++++------
>> arch/arm64/mm/contpte.c | 33 ++++++++++++++++++--------------
>> 2 files changed, 25 insertions(+), 20 deletions(-)
>>
>> diff --git a/arch/arm64/include/asm/pgtable.h b/arch/arm64/include/asm/pgtable.h
>> index 445e18e92221..d5fbe72e820a 100644
>> --- a/arch/arm64/include/asm/pgtable.h
>> +++ b/arch/arm64/include/asm/pgtable.h
>> @@ -1648,10 +1648,10 @@ extern void contpte_clear_full_ptes(struct mm_struct *mm, unsigned long addr,
>> extern pte_t contpte_get_and_clear_full_ptes(struct mm_struct *mm,
>> unsigned long addr, pte_t *ptep,
>> unsigned int nr, int full);
>> -extern int contpte_ptep_test_and_clear_young(struct vm_area_struct *vma,
>> - unsigned long addr, pte_t *ptep);
>> -extern int contpte_ptep_clear_flush_young(struct vm_area_struct *vma,
>> - unsigned long addr, pte_t *ptep);
>> +int contpte_test_and_clear_young_ptes(struct vm_area_struct *vma,
>> + unsigned long addr, pte_t *ptep, unsigned int nr);
>> +int contpte_clear_flush_young_ptes(struct vm_area_struct *vma,
>> + unsigned long addr, pte_t *ptep, unsigned int nr);
>> extern void contpte_wrprotect_ptes(struct mm_struct *mm, unsigned long addr,
>> pte_t *ptep, unsigned int nr);
>> extern int contpte_ptep_set_access_flags(struct vm_area_struct *vma,
>> @@ -1823,7 +1823,7 @@ static inline int ptep_test_and_clear_young(struct vm_area_struct *vma,
>> if (likely(!pte_valid_cont(orig_pte)))
>> return __ptep_test_and_clear_young(vma, addr, ptep);
>>
>> - return contpte_ptep_test_and_clear_young(vma, addr, ptep);
>> + return contpte_test_and_clear_young_ptes(vma, addr, ptep, CONT_PTES);
>
> As per your fixup patch, I agree that nr should be 1 here, not CONT_PTES.
Yes.
>> }
>>
>> #define __HAVE_ARCH_PTEP_CLEAR_YOUNG_FLUSH
>> @@ -1835,7 +1835,7 @@ static inline int ptep_clear_flush_young(struct vm_area_struct *vma,
>> if (likely(!pte_valid_cont(orig_pte)))
>> return __ptep_clear_flush_young(vma, addr, ptep);
>>
>> - return contpte_ptep_clear_flush_young(vma, addr, ptep);
>> + return contpte_clear_flush_young_ptes(vma, addr, ptep, CONT_PTES);
>
> And same here.
>
>> }
>>
>> #define wrprotect_ptes wrprotect_ptes
>> diff --git a/arch/arm64/mm/contpte.c b/arch/arm64/mm/contpte.c
>> index e4ddeb46f25d..b929a455103f 100644
>> --- a/arch/arm64/mm/contpte.c
>> +++ b/arch/arm64/mm/contpte.c
>> @@ -508,8 +508,9 @@ pte_t contpte_get_and_clear_full_ptes(struct mm_struct *mm,
>> }
>> EXPORT_SYMBOL_GPL(contpte_get_and_clear_full_ptes);
>>
>> -int contpte_ptep_test_and_clear_young(struct vm_area_struct *vma,
>> - unsigned long addr, pte_t *ptep)
>> +int contpte_test_and_clear_young_ptes(struct vm_area_struct *vma,
>> + unsigned long addr, pte_t *ptep,
>> + unsigned int nr)
>> {
>> /*
>> * ptep_clear_flush_young() technically requires us to clear the access
>> @@ -518,41 +519,45 @@ int contpte_ptep_test_and_clear_young(struct vm_area_struct *vma,
>> * contig range when the range is covered by a single folio, we can get
>> * away with clearing young for the whole contig range here, so we avoid
>> * having to unfold.
>> + *
>> + * The 'nr' means consecutive (present) PTEs that map consecutive pages
>> + * of the same large folio in a single VMA and a single page table.
>> */
>>
>> + unsigned long end = addr + nr * PAGE_SIZE;
>> int young = 0;
>> - int i;
>>
>> - ptep = contpte_align_down(ptep);
>> - addr = ALIGN_DOWN(addr, CONT_PTE_SIZE);
>> -
>> - for (i = 0; i < CONT_PTES; i++, ptep++, addr += PAGE_SIZE)
>> + ptep = contpte_align_addr_ptep(&addr, &end, ptep, nr);
>> + for (; addr != end; ptep++, addr += PAGE_SIZE)
>> young |= __ptep_test_and_clear_young(vma, addr, ptep);
>>
>> return young;
>> }
>> -EXPORT_SYMBOL_GPL(contpte_ptep_test_and_clear_young);
>> +EXPORT_SYMBOL_GPL(contpte_test_and_clear_young_ptes);
>>
>> -int contpte_ptep_clear_flush_young(struct vm_area_struct *vma,
>> - unsigned long addr, pte_t *ptep)
>> +int contpte_clear_flush_young_ptes(struct vm_area_struct *vma,
>> + unsigned long addr, pte_t *ptep,
>> + unsigned int nr)
>> {
>> int young;
>>
>> - young = contpte_ptep_test_and_clear_young(vma, addr, ptep);
>> + young = contpte_test_and_clear_young_ptes(vma, addr, ptep, nr);
>>
>> if (young) {
>> + unsigned long end = addr + nr * PAGE_SIZE;
>> +
>> + contpte_align_addr_ptep(&addr, &end, ptep, nr);
>> /*
>> * See comment in __ptep_clear_flush_young(); same rationale for
>> * eliding the trailing DSB applies here.
>> */
>> - addr = ALIGN_DOWN(addr, CONT_PTE_SIZE);
>> - __flush_tlb_range_nosync(vma->vm_mm, addr, addr + CONT_PTE_SIZE,
>> + __flush_tlb_range_nosync(vma->vm_mm, addr, end,
>> PAGE_SIZE, true, 3);
>
> Hmm... The requirement is that we must flush the _page_ if clearing access for a
> pte that does not have the contiguous bit set, or we must flush the _contpte
> block_ if clearing access for a pte that does have the contiguous bit set.
>
> With your changes, you may call for a large range that covers multiple contpte
> blocks but only has a single pte in a single contpte block for which the access
> bit was previously set. But that will cause flushing the TLB for the full range.
> Could this cause a performance issue? Yes, no, maybe... I think it's unlikely
> but I wouldn't rule it out in some edge case.
>
> I wonder if it's better to track the sub-ranges where access was cleared and
> only issue tlbi for those sub-ranges? Probably just keep it simple (the way you
> have done it) until/unless we see an actual problem?
Good question. Indeed, as you said, we flush the TLB per folio now,
which might increase the flush range. However, I think this approach is
relatively reasonable for now.
First, the mm-core also tracks the access status per folio, and it's
really unnecessary to add excessive complexity to track the access
status of sub-pages (or sub-ranges). I can already imagine that tracking
the access status for each cont-block range as well as for non-cont
pages across the entire large folio range, which can be too complicated.
Second, __flush_tlb_range_nosync() is a lightweight flush. I quickly ran
a measurement on my machine and found that the overhead of
__flush_tlb_range_nosync() barely changes between nr=16 and nr=256 (both
are around 40 ns).
Therefore, I would still prefer to keep the logic here simple.
Powered by blists - more mailing lists