From: Matthew Wilcox <willy@infradead.org>
To: Catalin Marinas <catalin.marinas@arm.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Josef Bacik <josef@toxicpanda.com>,
David Sterba <dsterba@suse.com>,
Andreas Gruenbacher <agruenba@redhat.com>,
Al Viro <viro@zeniv.linux.org.uk>,
Andrew Morton <akpm@linux-foundation.org>,
Will Deacon <will@kernel.org>,
linux-fsdevel <linux-fsdevel@vger.kernel.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Linux ARM <linux-arm-kernel@lists.infradead.org>,
linux-btrfs <linux-btrfs@vger.kernel.org>
Subject: Re: [PATCH 3/3] btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page faults
Date: Thu, 25 Nov 2021 21:02:29 +0000 [thread overview]
Message-ID: <YZ/55fYE0l7ewo/t@casper.infradead.org> (raw)
In-Reply-To: <YZ/1jflaSjgRRl2o@arm.com>
On Thu, Nov 25, 2021 at 08:43:57PM +0000, Catalin Marinas wrote:
> > I really believe that the fix is to make the read/write probing just
> > be more aggressive.
> >
> > Make the read/write probing require that AT LEAST <n> bytes be
> > readable/writable at the beginning, where 'n' is 'min(len,ALIGN)', and
> > ALIGN is whatever size that copy_from/to_user_xyz() might require just
> > because it might do multi-byte accesses.
> >
> > In fact, make ALIGN be perhaps something reasonable like 512 bytes or
> > whatever, and then you know you can handle the btrfs "copy a whole
> > structure and reset if that fails" case too.
>
> IIUC what you are suggesting, we still need changes to the btrfs loop
> similar to willy's but that should work fine together with a slightly
> more aggressive fault_in_writable().
>
> A probing of at least sizeof(struct btrfs_ioctl_search_key) should
> suffice without any loop changes and 512 would cover it but it doesn't
> look generic enough. We could pass a 'probe_prefix' argument to
> fault_in_exact_writeable() to only probe this and btrfs would just
> specify the above sizeof().
How about something like this?
+++ b/mm/gup.c
@@ -1672,6 +1672,13 @@ size_t fault_in_writeable(char __user *uaddr, size_t size)
if (unlikely(size == 0))
return 0;
+ if (SUBPAGE_PROBE_INTERVAL) {
+ while (uaddr < PAGE_ALIGN((unsigned long)uaddr)) {
+ if (unlikely(__put_user(0, uaddr) != 0))
+ goto out;
+ uaddr += SUBPAGE_PROBE_INTERVAL;
+ }
+ }
if (!PAGE_ALIGNED(uaddr)) {
if (unlikely(__put_user(0, uaddr) != 0))
return size;
ARM then defines SUBPAGE_PROBE_INTERVAL to be 16 and the rest of us
leave it as 0. That way we probe all the way to the end of the current
page and the start of the next page.
Oh, that needs to be checked to not exceed size as well ... anyway,
you get the idea.
_______________________________________________
linux-arm-kernel mailing list
linux-arm-kernel@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-arm-kernel
next prev parent reply other threads:[~2021-11-25 21:04 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-24 19:20 [PATCH 0/3] Avoid live-lock in fault-in+uaccess loops with sub-page faults Catalin Marinas
2021-11-24 19:20 ` [PATCH 1/3] mm: Introduce fault_in_exact_writeable() to probe for " Catalin Marinas
2021-11-24 19:20 ` [PATCH 2/3] arm64: Add support for sub-page faults user probing Catalin Marinas
2021-11-24 19:20 ` [PATCH 3/3] btrfs: Avoid live-lock in search_ioctl() on hardware with sub-page faults Catalin Marinas
2021-11-24 20:03 ` Matthew Wilcox
2021-11-24 20:37 ` Catalin Marinas
2021-11-25 22:25 ` Andreas Gruenbacher
2021-11-25 22:42 ` Catalin Marinas
2021-11-26 22:29 ` Andreas Gruenbacher
2021-11-26 22:57 ` Catalin Marinas
2021-11-27 3:52 ` Andreas Gruenbacher
2021-11-27 14:33 ` Catalin Marinas
2021-11-27 12:39 ` Andreas Gruenbacher
2021-11-27 15:21 ` Catalin Marinas
2021-11-27 18:05 ` Andreas Gruenbacher
2021-11-29 12:16 ` Catalin Marinas
2021-11-29 13:33 ` Andreas Gruenbacher
2021-11-29 15:36 ` Catalin Marinas
2021-11-29 18:40 ` Linus Torvalds
2021-11-29 19:31 ` Andreas Gruenbacher
2021-11-29 20:56 ` Catalin Marinas
2021-11-29 21:53 ` Linus Torvalds
2021-11-29 23:12 ` Catalin Marinas
2021-11-29 13:52 ` Catalin Marinas
2021-11-24 23:00 ` Linus Torvalds
2021-11-25 11:10 ` Catalin Marinas
2021-11-25 18:13 ` Linus Torvalds
2021-11-25 20:43 ` Catalin Marinas
2021-11-25 21:02 ` Matthew Wilcox [this message]
2021-11-25 21:29 ` Catalin Marinas
2021-11-25 21:40 ` Andreas Gruenbacher
2021-11-26 16:42 ` David Sterba
2021-11-24 21:36 ` [PATCH 0/3] Avoid live-lock in fault-in+uaccess loops " Andrew Morton
2021-11-24 22:31 ` Catalin Marinas
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YZ/55fYE0l7ewo/t@casper.infradead.org \
--to=willy@infradead.org \
--cc=agruenba@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=catalin.marinas@arm.com \
--cc=dsterba@suse.com \
--cc=josef@toxicpanda.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
--cc=will@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).