X-Patchwork-Submitter: Sean Christopherson
X-Patchwork-Id: 12129471
Date: Wed, 10 Mar 2021 13:31:17 -0800
Message-Id: <20210310213117.1444147-1-seanjc@google.com>
Subject: [PATCH] mm/oom_kill: Ensure MMU notifier range_end() is paired with range_start()
From: Sean Christopherson
To: Andrew Morton
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, David Rientjes, Ben Gardon, Jason Gunthorpe, Michal Hocko, Jérôme Glisse, Andrea Arcangeli, Johannes Weiner, Dimitri Sivanich, Sean Christopherson

Invoke the MMU notifier's .invalidate_range_end() callbacks even if one of the .invalidate_range_start() callbacks failed. If there are multiple notifiers, the notifier that did not fail may have performed actions in its ...start() that it expects to unwind via ...end(). Per the mmu_notifier_ops documentation, ...start() and ...end() must be paired.

The only in-kernel usage that is fatally broken is the SGI UV GRU driver, which effectively blocks and sleeps fault handlers during ...start(), and unblocks/wakes the handlers during ...end(). But, the only users that can fail ...start() are the i915 and Nouveau drivers, which are unlikely to collide with the SGI driver.

KVM is the only other user of ...end(), and while KVM also blocks fault handlers in ...start(), the fault handlers do not sleep and originate in killable ioctl() calls. So while it's possible for the i915 and Nouveau drivers to collide with KVM, the bug is benign for KVM since the process is dying and KVM's guest is about to be terminated.

So, as of today, the bug is likely benign. But, that may not always be true, e.g.
there is a potential use case for blocking memslot updates in KVM while an invalidation is in-progress, and failure to unblock would result in said updates being blocked indefinitely and hanging.

Found by inspection. Verified by adding a second notifier in KVM that periodically returns -EAGAIN on non-blockable ranges, triggering OOM, and observing that KVM exits with an elevated notifier count.

Fixes: 93065ac753e4 ("mm, oom: distinguish blockable mode for mmu notifiers")
Cc: stable@vger.kernel.org
Cc: David Rientjes
Cc: Ben Gardon
Cc: Jason Gunthorpe
Cc: Michal Hocko
Cc: "Jérôme Glisse"
Cc: Andrea Arcangeli
Cc: Johannes Weiner
Cc: Dimitri Sivanich
Signed-off-by: Sean Christopherson
Reviewed-by: Ben Gardon
---
 mm/oom_kill.c | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/mm/oom_kill.c b/mm/oom_kill.c index bc65ba4f5192..acc3ba8b2ed7 100644 --- a/mm/oom_kill.c +++ b/mm/oom_kill.c @@ -546,12 +546,10 @@ bool __oom_reap_task_mm(struct mm_struct *mm) vma, mm, vma->vm_start, vma->vm_end); tlb_gather_mmu(&tlb, mm); - if (mmu_notifier_invalidate_range_start_nonblock(&range)) { - tlb_finish_mmu(&tlb); + if (!mmu_notifier_invalidate_range_start_nonblock(&range)) + unmap_page_range(&tlb, vma, range.start, range.end, NULL); + else ret = false; - continue; - } - unmap_page_range(&tlb, vma, range.start, range.end, NULL); mmu_notifier_invalidate_range_end(&range); tlb_finish_mmu(&tlb); }
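
Review bot: The unconditional mmu_notifier_invalidate_range_end(&range) after the if/else also reaches a notifier whose own ...start() returned the error, not only the notifiers that succeeded. Per the commit message no current user both fails ...start() and implements ...end(), but that rule is stated nowhere in the code. A short comment above the call, saying that ...end() is issued even when ...start() failed and that a notifier which can fail must tolerate it, would record the contract and keep someone from restoring the early continue.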