From: John Hubbard <jhubbard@nvidia.com>
To: Peter Xu <peterx@redhat.com>
Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org,
Paolo Bonzini <pbonzini@redhat.com>,
Andrew Morton <akpm@linux-foundation.org>,
David Hildenbrand <david@redhat.com>,
"Dr . David Alan Gilbert" <dgilbert@redhat.com>,
Andrea Arcangeli <aarcange@redhat.com>,
Linux MM Mailing List <linux-mm@kvack.org>,
Sean Christopherson <seanjc@google.com>
Subject: Re: [PATCH 1/4] mm/gup: Add FOLL_INTERRUPTIBLE
Date: Wed, 29 Jun 2022 18:53:30 -0700 [thread overview]
Message-ID: <17f9eae0-01bb-4793-201e-16ee267c07f2@nvidia.com> (raw)
In-Reply-To: <Yrx0ETyb2kk4fO4M@xz-m1.local>
On 6/29/22 08:47, Peter Xu wrote:
>> It looks like part of this comment is trying to document a pre-existing
>> concept, which is that faultin_page() only ever sets FAULT_FLAG_KILLABLE
>> if locked != NULL.
>
> I'd say that's not what I wanted to comment.. I wanted to express that
> INTERRUPTIBLE should rely on KILLABLE, that's also why I put the comment to
> be after KILLABLE, not before. IMHO it makes sense already to have
> "interruptible" only if "killable", no matter what's the pre-requisite for
> KILLABLE (in this case it's having "locked" being non-null).
>
OK, I think I finally understand both the intention of the comment,
and (thanks to your notes, below) the interaction between *locked and
_RETRY, _KILLABLE, and _INTERRUPTIBLE. Really appreciate your leading
me by the nose through that. The pre-existing code is abusing *locked
a bit, by treating it as a flag when really it is a side effect of
flags, but at least now that's clear to me.
Anyway...this leads to finally getting into the comment, which I now
think is not quite what we want: there is no need for a hierarchy of
"_INTERRUPTIBLE should depend upon _KILLABLE". That is: even though an
application allows a fatal signal to get through, it's not clear to me
that that implies that non-fatal signal handling should be prevented.
The code is only vaguely enforcing such a thing, because it just so
happens that both cases require the same basic prerequisites. So the
code looks good, but I don't see a need to claim a hierarchy in the
comments.
So I'd either delete the comment entirely, or go with something that is
doesn't try to talk about hierarchy nor locked/retry either. Does this
look reasonable to you:
/*
* FAULT_FLAG_INTERRUPTIBLE is opt-in: kernel callers must set
* FOLL_INTERRUPTIBLE. That's because some callers may not be
* prepared to handle early exits caused by non-fatal signals.
*/
?
>> The problem I am (personally) having is that I don't yet understand why
>> or how those are connected: what is it about having locked non-NULL that
>> means the process is killable? (Can you explain why that is?)
>
> Firstly RETRY_KILLABLE relies on ALLOW_RETRY, because if we don't allow
> retry at all it means we'll never wait in handle_mm_fault() anyway, then no
> need to worry on being interrupted by any kind of signal (fatal or not).
>
> Then if we allow retry, we need some way to know "whether mmap_sem is
> released or not" during the process for the caller (because the caller
> cannot see VM_FAULT_RETRY). That's why we added "locked" parameter, so
> that we can set *locked=false to tell the caller we have released mmap_sem.
>
> I think that's why we have "locked" defined as "we allow this page fault
> request to retry and wait, during wait we can always allow fatal signals".
> I think that's defined throughout the gup call interfaces too, and
> faultin_page() is the last step to talk to handle_mm_fault().
>
> To make this whole picture complete, NOWAIT is another thing that relies on
> ALLOW_RETRY but just to tell "oh please never release the mmap_sem at all".
> For example, when we want to make sure no vma will be released after
> faultin_page() returned.
>
Again, thanks for taking the time to explain that for me. :)
>>
>> If that were clear, I think I could suggest a good comment wording.
>
> IMHO it's a little bit weird to explain "locked" here, especially after
> KILLABLE is set, that's why I didn't try to mention "locked" in my 2nd
> attempt. There are some comments for "locked" above the definition of
> faultin_page(), I think that'll be a nicer place to enrich explanations for
> "locked", and it seems even more suitable as a separate patch?
>
Totally agreed. I didn't intend to ask for that kind of documentation
here.
For that, I'm thinking a combination of cleaning up *locked a little
bit, plus maybe some higher level notes like what you wrote above, added
to either pin_user_pages.rst or a new get_user_pages.rst or some .rst
anyway. Definitely a separately thing.
thanks,
--
John Hubbard
NVIDIA
next prev parent reply other threads:[~2022-06-30 1:53 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-22 21:36 [PATCH 0/4] kvm/mm: Allow GUP to respond to non fatal signals Peter Xu
2022-06-22 21:36 ` [PATCH 1/4] mm/gup: Add FOLL_INTERRUPTIBLE Peter Xu
2022-06-25 0:35 ` Jason Gunthorpe
2022-06-25 1:23 ` Peter Xu
2022-06-25 23:59 ` Jason Gunthorpe
2022-06-27 15:29 ` Peter Xu
2022-06-28 2:07 ` John Hubbard
2022-06-28 19:31 ` Peter Xu
2022-06-28 21:40 ` John Hubbard
2022-06-28 22:33 ` Peter Xu
2022-06-29 0:31 ` John Hubbard
2022-06-29 15:47 ` Peter Xu
2022-06-30 1:53 ` John Hubbard [this message]
2022-06-30 13:49 ` Peter Xu
2022-06-30 19:01 ` John Hubbard
2022-06-30 21:27 ` Peter Xu
2022-07-04 22:48 ` Matthew Wilcox
2022-07-07 15:06 ` Peter Xu
2022-06-22 21:36 ` [PATCH 2/4] kvm: Merge "atomic" and "write" in __gfn_to_pfn_memslot() Peter Xu
2022-06-23 14:49 ` Sean Christopherson
2022-06-23 19:46 ` Peter Xu
2022-06-23 20:29 ` Sean Christopherson
2022-06-23 21:29 ` Peter Xu
2022-06-23 21:52 ` Sean Christopherson
2022-06-27 19:12 ` John Hubbard
2022-06-28 2:17 ` John Hubbard
2022-06-28 19:46 ` Peter Xu
2022-06-28 21:52 ` John Hubbard
2022-06-28 22:50 ` Peter Xu
2022-06-28 22:55 ` John Hubbard
2022-06-28 23:02 ` Peter Xu
2022-06-22 21:36 ` [PATCH 3/4] kvm: Add new pfn error KVM_PFN_ERR_INTR Peter Xu
2022-06-23 14:31 ` Sean Christopherson
2022-06-23 19:32 ` Peter Xu
2022-06-22 21:36 ` [PATCH 4/4] kvm/x86: Allow to respond to generic signals during slow page faults Peter Xu
2022-06-23 14:46 ` Sean Christopherson
2022-06-23 19:31 ` Peter Xu
2022-06-23 20:07 ` Sean Christopherson
2022-06-23 20:18 ` Peter Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=17f9eae0-01bb-4793-201e-16ee267c07f2@nvidia.com \
--to=jhubbard@nvidia.com \
--cc=aarcange@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=david@redhat.com \
--cc=dgilbert@redhat.com \
--cc=kvm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pbonzini@redhat.com \
--cc=peterx@redhat.com \
--cc=seanjc@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.