From: Nicholas Piggin
To: linux-mm@kvack.org
Cc: Nicholas Piggin, Suresh Siddha, "David S. Miller", Hugh Dickins, Peter Zijlstra, Suresh Siddha, Andrew Morton, Linus Torvalds
Subject: [RFC PATCH] mm: generalise COW SMC TLB flushing race comment
Date: Tue, 15 Dec 2020 22:11:19 +1000
Message-Id: <20201215121119.351650-1-npiggin@gmail.com>

I'm not sure if I'm completely missing something here, but AFAIKS the reference to the mysterious "COW SMC race" confuses the issue. The original changelog and mailing list thread didn't help me either.

This SMC race is where the problem was detected, but isn't the general problem bigger and more obvious: that the new PTE could be picked up at any time by any TLB while entries for the old PTE exist in other TLBs before the TLB flush takes effect? The case where the iTLB and dTLB of a CPU are pointing at different pages is an interesting one but follows from the general problem.

The other (minor) thing with the comment is that I think it makes it a bit clearer to say what the old code was doing (i.e., it avoids the race as opposed to what?).

References: 4ce072f1faf29 ("mm: fix a race condition under SMC + COW")

--- mm/memory.c | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/mm/memory.c b/mm/memory.c index ecda25d855ea..fd034b908070 100644 --- a/mm/memory.c +++ b/mm/memory.c 
@@ -2880,11 +2880,13 @@ static vm_fault_t wp_page_copy(struct vm_fault *v= mf) entry =3D mk_pte(new_page, vma->vm_page_prot); entry =3D pte_mkyoung(entry); entry =3D maybe_mkwrite(pte_mkdirty(entry), vma); + /* * Clear the pte entry and flush it first, before updating the - * pte with the new entry. This will avoid a race condition - * seen in the presence of one thread doing SMC and another - * thread doing COW. + * pte with the new entry, to keep TLBs on different CPUs in + * sync. This code used to set the new PTE then flush TLBs, but + * that left a window where the new PTE could be loaded into + * some TLBs while the old PTE remains in others. */ ptep_clear_flush_notify(vma, vmf->address, vmf->pte); page_add_new_anon_rmap(new_page, vma, vmf->address, false); --=20 2.23.0
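
Review bot: the new comment wording "to keep TLBs on different CPUs in sync" in wp_page_copy() is narrower than the changelog, which says the new PTE could be picked up "by any TLB" and names the iTLB and dTLB of a single CPU pointing at different pages as a case that follows from the general problem. Consider wording that covers both, for example "to keep all TLBs that may hold the old PTE in sync", and keep a short pointer to the SMC + COW case or to 4ce072f1faf29 so that a reader of the code can still find where the race was first observed. The added blank line before the comment is an unrelated whitespace change and is better dropped from this patch. The submission also carries no Signed-off-by line, which will be needed if it moves beyond RFC.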