| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <15f937d7-7ac1-4a7f-abcd-abfede191b51@arm.com>
Date: Wed, 20 Nov 2024 16:17:59 +0000
From: Robin Murphy <robin.murphy@....com>
To: Yunsheng Lin <linyunsheng@...wei.com>, davem@...emloft.net,
kuba@...nel.org, pabeni@...hat.com
Cc: liuyonglong@...wei.com, fanghaiqing@...wei.com, zhangkun09@...wei.com,
Alexander Duyck <alexander.duyck@...il.com>,
Andrew Morton <akpm@...ux-foundation.org>, IOMMU <iommu@...ts.linux.dev>,
MM <linux-mm@...ck.org>, Jesper Dangaard Brouer <hawk@...nel.org>,
Ilias Apalodimas <ilias.apalodimas@...aro.org>,
Eric Dumazet <edumazet@...gle.com>, Simon Horman <horms@...nel.org>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH RFC v4 3/3] page_pool: skip dma sync operation for
inflight pages
On 20/11/2024 10:34 am, Yunsheng Lin wrote:
> Skip dma sync operation for inflight pages before the
> page_pool_destroy() returns to the driver as DMA API
> expects to be called with a valid device bound to a
> driver as mentioned in [1].
>
> After page_pool_destroy() is called, the page is not
> expected to be recycled back to pool->alloc cache and
> dma sync operation is not needed when the page is not
> recyclable or pool->ring is full, so only skip the dma
> sync operation for the infilght pages by clearing the
> pool->dma_sync under protection of rcu lock when page
> is recycled to pool->ring to ensure that there is no
> dma sync operation called after page_pool_destroy() is
> returned.
Something feels off here - either this is a micro-optimisation which I
wouldn't really expect to be meaningful, or it means patch #2 doesn't
actually do what it claims. If it really is possible to attempt to
dma_sync a page *after* page_pool_inflight_unmap() has already reclaimed
and unmapped it, that represents yet another DMA API lifecycle issue,
which as well as being even more obviously incorrect usage-wise, could
also still lead to the same crash (if the device is non-coherent).
Otherwise, I don't imagine it's really worth worrying about optimising
out syncs for any pages which happen to get naturally returned after
page_pool_destroy() starts but before they're explicitly reclaimed.
Realistically, the kinds of big server systems where reclaim takes an
appreciable amount of time are going to be coherent and skipping syncs
anyway.
Thanks,
Robin.
> 1. https://lore.kernel.org/all/caf31b5e-0e8f-4844-b7ba-ef59ed13b74e@arm.com/
> CC: Robin Murphy <robin.murphy@....com>
> CC: Alexander Duyck <alexander.duyck@...il.com>
> CC: Andrew Morton <akpm@...ux-foundation.org>
> CC: IOMMU <iommu@...ts.linux.dev>
> CC: MM <linux-mm@...ck.org>
> Fixes: f71fec47c2df ("page_pool: make sure struct device is stable")
> Signed-off-by: Yunsheng Lin <linyunsheng@...wei.com>
> ---
> net/core/page_pool.c | 25 ++++++++++++++++++-------
> 1 file changed, 18 insertions(+), 7 deletions(-)
>
> diff --git a/net/core/page_pool.c b/net/core/page_pool.c
> index 33a314abbba4..0bde7c6c781a 100644
> --- a/net/core/page_pool.c
> +++ b/net/core/page_pool.c
> @@ -712,7 +712,8 @@ static void page_pool_return_page(struct page_pool *pool, netmem_ref netmem)
> rcu_read_unlock();
> }
>
> -static bool page_pool_recycle_in_ring(struct page_pool *pool, netmem_ref netmem)
> +static bool page_pool_recycle_in_ring(struct page_pool *pool, netmem_ref netmem,
> + unsigned int dma_sync_size)
> {
> int ret;
> /* BH protection not needed if current is softirq */
> @@ -723,10 +724,13 @@ static bool page_pool_recycle_in_ring(struct page_pool *pool, netmem_ref netmem)
>
> if (!ret) {
> recycle_stat_inc(pool, ring);
> - return true;
> +
> + rcu_read_lock();
> + page_pool_dma_sync_for_device(pool, netmem, dma_sync_size);
> + rcu_read_unlock();
> }
>
> - return false;
> + return !ret;
> }
>
> /* Only allow direct recycling in special circumstances, into the
> @@ -779,10 +783,11 @@ __page_pool_put_page(struct page_pool *pool, netmem_ref netmem,
> if (likely(__page_pool_page_can_be_recycled(netmem))) {
> /* Read barrier done in page_ref_count / READ_ONCE */
>
> - page_pool_dma_sync_for_device(pool, netmem, dma_sync_size);
> -
> - if (allow_direct && page_pool_recycle_in_cache(netmem, pool))
> + if (allow_direct && page_pool_recycle_in_cache(netmem, pool)) {
> + page_pool_dma_sync_for_device(pool, netmem,
> + dma_sync_size);
> return 0;
> + }
>
> /* Page found as candidate for recycling */
> return netmem;
> @@ -845,7 +850,7 @@ void page_pool_put_unrefed_netmem(struct page_pool *pool, netmem_ref netmem,
>
> netmem =
> __page_pool_put_page(pool, netmem, dma_sync_size, allow_direct);
> - if (netmem && !page_pool_recycle_in_ring(pool, netmem)) {
> + if (netmem && !page_pool_recycle_in_ring(pool, netmem, dma_sync_size)) {
> /* Cache full, fallback to free pages */
> recycle_stat_inc(pool, ring_full);
> page_pool_return_page(pool, netmem);
> @@ -903,14 +908,18 @@ void page_pool_put_page_bulk(struct page_pool *pool, void **data,
>
> /* Bulk producer into ptr_ring page_pool cache */
> in_softirq = page_pool_producer_lock(pool);
> + rcu_read_lock();
> for (i = 0; i < bulk_len; i++) {
> if (__ptr_ring_produce(&pool->ring, data[i])) {
> /* ring full */
> recycle_stat_inc(pool, ring_full);
> break;
> }
> + page_pool_dma_sync_for_device(pool, (__force netmem_ref)data[i],
> + -1);
> }
> recycle_stat_add(pool, ring, i);
> + rcu_read_unlock();
> page_pool_producer_unlock(pool, in_softirq);
>
> /* Hopefully all pages was return into ptr_ring */
> @@ -1200,6 +1209,8 @@ void page_pool_destroy(struct page_pool *pool)
> if (!page_pool_release(pool))
> return;
>
> + pool->dma_sync = false;
> +
> /* Paired with rcu lock in page_pool_napi_local() to enable clearing
> * of pool->p.napi in page_pool_disable_direct_recycling() is seen
> * before returning to driver to free the napi instance.
Powered by blists - more mailing lists