From patchwork Mon Dec 23 09:40:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Qi Zheng X-Patchwork-Id: 13918640 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id E251FE7718B for ; Mon, 23 Dec 2024 09:43:07 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 5AA106B0083; Mon, 23 Dec 2024 04:43:07 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 559A16B0088; Mon, 23 Dec 2024 04:43:07 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 420AF6B0089; Mon, 23 Dec 2024 04:43:07 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id 253876B0083 for ; Mon, 23 Dec 2024 04:43:07 -0500 (EST) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id D2300121718 for ; Mon, 23 Dec 2024 09:43:06 +0000 (UTC) X-FDA: 82925733660.27.6607000 Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by imf05.hostedemail.com (Postfix) with ESMTP id 22165100015 for ; Mon, 23 Dec 2024 09:41:51 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=gUo2ydO4; spf=pass (imf05.hostedemail.com: domain of zhengqi.arch@bytedance.com designates 209.85.210.174 as permitted sender) smtp.mailfrom=zhengqi.arch@bytedance.com; dmarc=pass (policy=quarantine) header.from=bytedance.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1734946968; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=hW6jy85GFxw1rlbhA2IQSgcMmC6SEwxIAu1eEJQsQ+g=; b=6Fjxj6Y11RJZvlZAz5Ohoc/e7fQ25YdCNBgUNGC339+b51xh6emgxsD/lkHnZg443guOzG 9AR4f3ZsdCxwZ9GrughHx6ibllZwMjuMlnQ3HtvE8RRQx+5qbfyyz1CJJwjJXCvB4iqZJw eHi3LmYuzXoaypXKQbsV1ZlUFycIxK8= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=bytedance.com header.s=google header.b=gUo2ydO4; spf=pass (imf05.hostedemail.com: domain of zhengqi.arch@bytedance.com designates 209.85.210.174 as permitted sender) smtp.mailfrom=zhengqi.arch@bytedance.com; dmarc=pass (policy=quarantine) header.from=bytedance.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1734946968; a=rsa-sha256; cv=none; b=0dx4Tg8yZMJ+shLeIgFEFquEzc+i2PYMYFimkdjzBGH5S2nWsfQHlLjb1XMGxskirq4U7V 2vJSzxG2MfJqA5I8x/TNw+u1/RsSYSpIATgVhwo64Mv0duaAP/idc/KPJwG6Fn+bIyNOLn SGR4i0Cme1hBOxE8KgowPrA1MU1ozvA= Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-725ef0397aeso3095710b3a.2 for ; Mon, 23 Dec 2024 01:43:04 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=bytedance.com; s=google; t=1734946983; x=1735551783; darn=kvack.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=hW6jy85GFxw1rlbhA2IQSgcMmC6SEwxIAu1eEJQsQ+g=; b=gUo2ydO4K/uoPI6SLrP1QX32eZlpQdOYTM/fYNtSpuL+9G9RPQctWupDz+XnFMHqCU IQsSb2hvCra67/Az6YTgGkv2ZKW6wuT/5psLZdYIbOuibvYd6LTcDPvY0x1wWde0r0gM aIoyJ41cUFHUh3Zt5VBQI/EQ7BsmtV5uYHVnabDRvFJym2Y8LZOXb7qk1SgNWs6/IWcv FGwvINV3+HQPW8JKJsskclcPTBPtkm/c7pycLvplxgjuqvAFQUPxDh13FaID1RaX1acT rMinC+xEqsTeXnjbg0JE6Rj8pNLKYOf0QYNAGlLuvY7a9HT9sb/8gyRnhbEitLORahzQ uAZw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1734946983; x=1735551783; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=hW6jy85GFxw1rlbhA2IQSgcMmC6SEwxIAu1eEJQsQ+g=; b=bnVU/RxPW2zBeG2HgpVhITgyAjmLhytj3svVwdFJe9r7A2KKs/bY2NgETsq0P55UGE +NSXauZxZAU0CCeJJ00u+ZouQWnxIfqLOJoJUPP9IVUaS1CmYqfZwUsHKbPikh8Gocb3 NWvRsX0OMkcrJ3zRUnDZhOulDFPYfgwYMLUGtEGD1WVk0ye64osSITPt4xBMkwxR5Fl8 zsi55tHG9oQi1IBAci08Y/h4PqbK2NlayqJW7ss5op7+Br56np27ZPwkvLuAcyx3ApB3 sz/nR/0PtsTnlv7GofvpPyU0l0uc65TDCEhC2x5wlD7CKf8FmFe1sfGe6Arshze6sl5z ILuA== X-Gm-Message-State: AOJu0YzKLQpa4J3X3/95Lc2wa4YsBvVMA+Q7vOWAxs5Sqmm3kfemM5Wt TL5m/k2vAaOIRtUOdGycuaDQXWY7RNysNQSN+eZCE5ghFNIURA0+Poj+ulErjCE= X-Gm-Gg: ASbGnctbOxmBKNbmJe2c9glfqslP3tPHEbnIaCPHgt4h8mq7qbhxHfC93TW2PyYzuZy JHFHqBoSrRt/wMCVAn9i8EBmw5S8oL00Yn0Kr26MryM00vIFETnu09Eq8Wzk1mu/lHt5nAX5JJ+ PthFSXh/t+fBMbE4bWQirnbuhUcPPuiQihebKcxz6G0s8+8xlqdWOkT8MtxZu2zT4xEkC+8NWMO cbCW/sTwOyyLFUr+YZ2maJdoLXjl77Qxvp0Cnst4tQuM3pY0JL37EOJVrBTAfjHnSb9TU9WQKtb MJPZgyp/HScIMgnkZYxlxg== X-Google-Smtp-Source: AGHT+IFRta8/SfQvcBY4OAtIB9mripqs4z6X28qqGG6H0nQGOiKq9bgrNZS2epuvDdaQMCTGZ3ooIw== X-Received: by 2002:a05:6a21:4986:b0:1e1:b1bb:87a0 with SMTP id adf61e73a8af0-1e606dfe60fmr3973055637.34.1734946982984; Mon, 23 Dec 2024 01:43:02 -0800 (PST) Received: from C02DW0BEMD6R.bytedance.net ([203.208.167.150]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72aad8486c6sm7468309b3a.85.2024.12.23.01.42.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 23 Dec 2024 01:43:02 -0800 (PST) From: Qi Zheng To: peterz@infradead.org, agordeev@linux.ibm.com, kevin.brodsky@arm.com, tglx@linutronix.de, david@redhat.com, jannh@google.com, hughd@google.com, yuzhao@google.com, willy@infradead.org, muchun.song@linux.dev, vbabka@kernel.org, lorenzo.stoakes@oracle.com, akpm@linux-foundation.org, rientjes@google.com, vishal.moola@gmail.com, arnd@arndb.de, will@kernel.org, aneesh.kumar@kernel.org, npiggin@gmail.com, dave.hansen@linux.intel.com, rppt@kernel.org, ryan.roberts@arm.com Cc: linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linuxppc-dev@lists.ozlabs.org, linux-riscv@lists.infradead.org, linux-s390@vger.kernel.org, sparclinux@vger.kernel.org, linux-kernel@vger.kernel.org, x86@kernel.org, linux-arch@vger.kernel.org, linux-csky@vger.kernel.org, linux-hexagon@vger.kernel.org, loongarch@lists.linux.dev, linux-m68k@lists.linux-m68k.org, linux-mips@vger.kernel.org, linux-openrisc@vger.kernel.org, linux-sh@vger.kernel.org, linux-um@lists.infradead.org, Qi Zheng Subject: [PATCH v3 00/17] move pagetable_*_dtor() to __tlb_remove_table() Date: Mon, 23 Dec 2024 17:40:46 +0800 Message-Id: X-Mailer: git-send-email 2.24.3 (Apple Git-128) MIME-Version: 1.0 X-Rspamd-Queue-Id: 22165100015 X-Stat-Signature: w948o6bn4mcwqykxgxzsw81ye4fg5n6h X-Rspam-User: X-Rspamd-Server: rspam11 X-HE-Tag: 1734946911-585432 X-HE-Meta: U2FsdGVkX18vqaL6Ok1fbv898Q/GWmish0O/R7y+GFB5L80fShKceJC9G5DrBsRD2G2b7lmRsK80Cw8/++kJHZn+USOExNfPRE5AjKEiSy3ZPJMMT8TKacXQXorhVWq9g6viMLaeDeZ/yM12I8rLOYcd6+vX19xea3Oi3I0o8JtHfW9/bYkmADHSQhq2tuyNmgp+5KY0+vx1d0u0c4JaTmgxXAvMWmTd6uevZgxh1uUQHBtMOCvQw5t/nIzMQZdZQie6vGlmFfoqJwnc8fS+07oBjPp2lFAguPI9FUYR7OkFZC9JodPWKBWRj7NXAQQXCJ7kkhVqA1wNCuJrMneRZM+LNQ0fbtbU2ONuZANzSwmGOy5OS+iB00AuTeWrjMc3ixfZvHbSTNcYCE2/bBP8OHqNQ/avZ2C5ikv39B9FztbnyBNtg5MPJBGgsLlcc4nAkRI8rnPM65yGUJyBcVVSO/6DtGnh3IlUgQ9RHla1ZDAhw7aM4CxuIvi5nDlLw2+ANkGsh0Pc6QInxhLSpxUD3zDzpGicX1z4CXTXFGf1asZM8snh6r7EyZ+7D11i2IsRDFNjyuI8WhFIo2RXT2o+haonvW65rMmkLjVjWn6LXNBGjJ8A5HNTZb+rrjxMX3jg4zXqpe9vrb7lreA3PpSXhLI7LiSRwC3uSdxYAE9Rxi6j6Hmp/9nWQJMu2Q8b/2aAbTfPlC9DP0VmigHvhOLRb4guuJo7OlYCey8x85218M56YMFGAp0iesgHqlAfE/AMQI0wfDHWKcBkQj+cNc5mf2FRzT68gTVozjH2illAnheLQy9I0fr35HwPeVPEjg7LPeKj5T5W3aYXTkhtfE7mxsPSJiP1VRKU0bp2DUiip7d28mlAH5REfZzPokH+PPrqhvV0pPvSubxQRNirH1PyJdSGIKp7UsbvnHedz2o11HQs6KOZkss5OuPPbEIXuyuT06lBSYFZ10+KoyjdmgA eB2Cuidi lAkk2HkD+Je05VbVmD3x1MSdTLb9WHV2Dt8sKt2XkvFIici+0rcvDqp90QVbNiP9ZZtDpqymqR3Yi9LlYA/Umt7LwTHUnpDllV7IZ5VvMPcTBVjaCPwMTDyJeuYc01wmzzvL3jyqeyD7d4o690tkjNo7s07DPKUysbUKPJVo+fkF9gBz2YSY6LzCregoxu0uViERYJnGzy3p0CiVE/KhDNtDi4w33rpeD+cAzTG2KtiEu3kgoNxKQr17uUn5Zmul4OI8gAsI/cAIgpQfaDvhWIp/EjJnaYttEfMDCAjowj2b0axlhh5S4qbOpvGh/if2xx+LHfeugVEYGajaB+4KLM6e1kT9TnB4EbsgWgMqTF+E2yYOh/4s0XenGfBXxuNrd8XtoaXo4hdEzIPkMujH6GcqK1/jjCaOILb1OrdBRzMNLNoTG2wCq/hweQN+RijrxAbSMGZtSirlE+oAVLXexo6PWjuSRG8mxetIgekEofiWmndaByZiy7BZ6FNAj5USmmqi50eFddzZr4HbiGBhyCFHrfC9VVIdjdcuuOXuTkST+91ETbKMR91KbZfIwv4n9SRlz X-Bogosity: Ham, tests=bogofilter, spamicity=0.000100, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Changes in v3: - take patch #5 and #6 from Kevin Brodsky's patch series below. Link: https://lore.kernel.org/lkml/20241219164425.2277022-1-kevin.brodsky@arm.com/ - separate the statistics part from [PATCH v2 02/15] as [PATCH v3 04/17], and replace the rest part with Kevin Brodsky's patch #6 (Alexander Gordeev and Kevin Brodsky) - change the commit message of [PATCH v2 10/15] and [PATCH v2 11/15] (Alexander Gordeev) - fix the bug introduced by [PATCH v2 11/15] (Peter Zijlstra) - rebase onto the next-20241220 Changes in v2: - add [PATCH v2 13|14|15/15] (suggested by Peter Zijlstra) - add Originally-bys and Suggested-bys - rebase onto the next-20241218 Hi all, As proposed [1] by Peter Zijlstra below, this patch series aims to move pagetable_*_dtor() into __tlb_remove_table(). This will cleanup pagetable_*_dtor() a bit and more gracefully fix the UAF issue [2] reported by syzbot. ``` Notably: - s390 pud isn't calling the existing pagetable_pud_[cd]tor() - none of the p4d things have pagetable_p4d_[cd]tor() (x86,arm64,s390,riscv) and they have inconsistent accounting - while much of the _ctor calls are in generic code, many of the _dtor calls are in arch code for hysterial raisins, this could easily be fixed - if we fix ptlock_free() to handle NULL, then all the _dtor() functions can use it, and we can observe they're all identical and can be folded after all that cleanup, you can move the _dtor from *_free_tlb() into tlb_remove_table() -- which for the above case, would then have it called from __tlb_remove_table_free(). ``` And hi Andrew, I developed the code based on the latest linux-next, so I reverted the "mm: pgtable: make ptlock be freed by RCU" first. Once the review of this patch series is completed, the "mm: pgtable: make ptlock be freed by RCU" can be dropped directly from mm tree, and this revert patch will not be needed. This series is based on next-20241220. And I tested this patch series on x86 and only cross-compiled it on arm, arm64, powerpc, riscv, s390 and sparc. Comments and suggestions are welcome! Thanks, Qi [1]. https://lore.kernel.org/all/20241211133433.GC12500@noisy.programming.kicks-ass.net/ [2]. https://lore.kernel.org/all/67548279.050a0220.a30f1.015b.GAE@google.com/ Kevin Brodsky (2): riscv: mm: Skip pgtable level check in {pud,p4d}_alloc_one asm-generic: pgalloc: Provide generic p4d_{alloc_one,free} Qi Zheng (15): Revert "mm: pgtable: make ptlock be freed by RCU" mm: pgtable: add statistics for P4D level page table arm64: pgtable: use mmu gather to free p4d level page table s390: pgtable: add statistics for PUD and P4D level page table mm: pgtable: introduce pagetable_dtor() arm: pgtable: move pagetable_dtor() to __tlb_remove_table() arm64: pgtable: move pagetable_dtor() to __tlb_remove_table() riscv: pgtable: move pagetable_dtor() to __tlb_remove_table() x86: pgtable: move pagetable_dtor() to __tlb_remove_table() s390: pgtable: also move pagetable_dtor() of PxD to __tlb_remove_table() mm: pgtable: introduce generic __tlb_remove_table() mm: pgtable: move __tlb_remove_table_one() in x86 to generic file mm: pgtable: remove tlb_remove_page_ptdesc() mm: pgtable: remove tlb_remove_ptdesc() mm: pgtable: introduce generic pagetable_dtor_free() Documentation/mm/split_page_table_lock.rst | 4 +- arch/arm/include/asm/tlb.h | 18 +----- arch/arm64/include/asm/pgalloc.h | 18 ------ arch/arm64/include/asm/tlb.h | 31 ++++----- arch/csky/include/asm/pgalloc.h | 4 +- arch/hexagon/include/asm/pgalloc.h | 4 +- arch/loongarch/include/asm/pgalloc.h | 4 +- arch/m68k/include/asm/mcf_pgalloc.h | 4 +- arch/m68k/include/asm/sun3_pgalloc.h | 4 +- arch/m68k/mm/motorola.c | 2 +- arch/mips/include/asm/pgalloc.h | 4 +- arch/nios2/include/asm/pgalloc.h | 4 +- arch/openrisc/include/asm/pgalloc.h | 4 +- arch/powerpc/include/asm/tlb.h | 1 + arch/powerpc/mm/book3s64/mmu_context.c | 2 +- arch/powerpc/mm/book3s64/pgtable.c | 2 +- arch/powerpc/mm/pgtable-frag.c | 4 +- arch/riscv/include/asm/pgalloc.h | 75 ++++++---------------- arch/riscv/include/asm/tlb.h | 18 ------ arch/riscv/mm/init.c | 4 +- arch/s390/include/asm/pgalloc.h | 31 ++++++--- arch/s390/include/asm/tlb.h | 43 ++++++------- arch/s390/mm/pgalloc.c | 31 ++------- arch/sh/include/asm/pgalloc.h | 4 +- arch/sparc/include/asm/tlb_32.h | 1 + arch/sparc/include/asm/tlb_64.h | 1 + arch/sparc/mm/init_64.c | 2 +- arch/sparc/mm/srmmu.c | 2 +- arch/um/include/asm/pgalloc.h | 12 ++-- arch/x86/include/asm/pgalloc.h | 18 ------ arch/x86/include/asm/tlb.h | 33 ---------- arch/x86/kernel/paravirt.c | 1 + arch/x86/mm/pgtable.c | 13 ++-- include/asm-generic/pgalloc.h | 60 +++++++++++++---- include/asm-generic/tlb.h | 23 +++---- include/linux/mm.h | 52 ++++++--------- include/linux/mm_types.h | 9 +-- mm/memory.c | 23 ++----- mm/mmu_gather.c | 19 +++++- 39 files changed, 228 insertions(+), 361 deletions(-)