From patchwork Fri Apr 14 14:23:29 2023
X-Patchwork-Submitter: Chih-En Lin
X-Patchwork-Id: 13211631
From: Chih-En Lin
To: Andrew Morton, Qi Zheng, David Hildenbrand, "Matthew Wilcox (Oracle)", Christophe Leroy, John Hubbard, Nadav Amit, Barry Song, Pasha Tatashin
Cc: Thomas Gleixner, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Steven Rostedt, Masami Hiramatsu, Peter Zijlstra, Arnaldo Carvalho de Melo, Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim, Ian Rogers, Adrian Hunter, Yu Zhao, Steven Barrett, Juergen Gross, Peter Xu, Kefeng Wang, Tong Tiangen, Christoph Hellwig, "Liam R. Howlett", Yang Shi, Vlastimil Babka, Alex Sierra, Vincent Whitchurch, Anshuman Khandual, Li kunyu, Liu Shixin, Hugh Dickins, Minchan Kim, Joey Gouly, Chih-En Lin, Michal Hocko, Suren Baghdasaryan, "Zach O'Keefe", Gautam Menghani, Catalin Marinas, Mark Brown, "Eric W. Biederman", Andrei Vagin, Shakeel Butt, Daniel Bristot de Oliveira, "Jason A. Donenfeld", Greg Kroah-Hartman, Alexey Gladkov, x86@kernel.org, linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, linux-trace-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org, Dinglan Peng, Pedro Fonseca, Jim Huang, Huichun Feng
Subject: [PATCH v5 05/17] mm: Handle COW-ed PTE during zapping
Date: Fri, 14 Apr 2023 22:23:29 +0800
Message-Id: <20230414142341.354556-6-shiyn.lin@gmail.com>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20230414142341.354556-1-shiyn.lin@gmail.com>
References: <20230414142341.354556-1-shiyn.lin@gmail.com>
MIME-Version: 1.0
Precedence: bulk
X-Mailing-List: linux-trace-kernel@vger.kernel.org

To support the zap functionality for COW-ed PTE, we need to zap the entire PTE table each time instead of partially zapping pages. Therefore, if the zap range covers the entire PTE table, we can handle de-account, remove the rmap, etc. However, we shouldn't modify the entries when someone still references the COW-ed PTE.
Otherwise, if only the zapped process references to this COW-ed PTE, we just reuse it and do the normal zapping. Signed-off-by: Chih-En Lin --- mm/memory.c | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 87 insertions(+), 5 deletions(-) diff --git a/mm/memory.c b/mm/memory.c index f8a87a0fc382..7908e20f802a 100644 --- a/mm/memory.c +++ b/mm/memory.c @@ -192,6 +192,12 @@ static inline void free_pmd_range(struct mmu_gather *tlb, pud_t *pud, pmd = pmd_offset(pud, addr); do { next = pmd_addr_end(addr, end); +#ifdef CONFIG_COW_PTE + if (test_bit(MMF_COW_PTE, &tlb->mm->flags)) { + if (!pmd_none(*pmd) && !pmd_write(*pmd)) + VM_WARN_ON(cow_pte_count(pmd) != 1); + } +#endif if (pmd_none_or_clear_bad(pmd)) continue; free_pte_range(tlb, pmd, addr); @@ -1656,6 +1662,7 @@ zap_install_uffd_wp_if_needed(struct vm_area_struct *vma, #define ZAP_PTE_INIT 0x0000 #define ZAP_PTE_FORCE_FLUSH 0x0001 +#define ZAP_PTE_IS_SHARED 0x0002 struct zap_pte_details { pte_t **pte; @@ -1681,9 +1688,13 @@ zap_present_pte(struct mmu_gather *tlb, struct vm_area_struct *vma, if (unlikely(!should_zap_page(details, page))) return 0; - ptent = ptep_get_and_clear_full(mm, addr, pte, tlb->fullmm); + if (pte_details->flags & ZAP_PTE_IS_SHARED) + ptent = ptep_get(pte); + else + ptent = ptep_get_and_clear_full(mm, addr, pte, tlb->fullmm); tlb_remove_tlb_entry(tlb, pte, addr); - zap_install_uffd_wp_if_needed(vma, addr, pte, details, ptent); + if (!(pte_details->flags & ZAP_PTE_IS_SHARED)) + zap_install_uffd_wp_if_needed(vma, addr, pte, details, ptent); if (unlikely(!page)) return 0; 
@@ -1767,8 +1778,10 @@ zap_nopresent_pte(struct mmu_gather *tlb, struct vm_area_struct *vma, /* We should have covered all the swap entry types */ WARN_ON_ONCE(1); } - pte_clear_not_present_full(mm, addr, pte, tlb->fullmm); - zap_install_uffd_wp_if_needed(vma, addr, pte, details, ptent); + if (!(pte_details->flags & ZAP_PTE_IS_SHARED)) { + pte_clear_not_present_full(mm, addr, pte, tlb->fullmm); + zap_install_uffd_wp_if_needed(vma, addr, pte, details, ptent); + } } static unsigned long zap_pte_range(struct mmu_gather *tlb, @@ -1785,6 +1798,36 @@ static unsigned long zap_pte_range(struct mmu_gather *tlb, .flags = ZAP_PTE_INIT, .pte = &pte, }; +#ifdef CONFIG_COW_PTE + unsigned long orig_addr = addr; + + if (test_bit(MMF_COW_PTE, &mm->flags) && !pmd_write(*pmd)) { + if (!range_in_vma(vma, addr & PMD_MASK, + (addr + PMD_SIZE) & PMD_MASK)) { + /* + * We cannot promise this COW-ed PTE will also be zap + * with the rest of VMAs. So, break COW PTE here. + */ + break_cow_pte(vma, pmd, addr); + } else { + /* + * We free the batched memory before we handle + * COW-ed PTE. + */ + tlb_flush_mmu(tlb); + end = (addr + PMD_SIZE) & PMD_MASK; + addr = addr & PMD_MASK; + start_pte = pte_offset_map_lock(mm, pmd, addr, &ptl); + if (cow_pte_count(pmd) == 1) { + /* Reuse COW-ed PTE */ + pmd_t new = pmd_mkwrite(*pmd); + set_pmd_at(tlb->mm, addr, pmd, new); + } else + pte_details.flags |= ZAP_PTE_IS_SHARED; + pte_unmap_unlock(start_pte, ptl); + } + } +#endif tlb_change_page_size(tlb, PAGE_SIZE); again: 
@@ -1828,7 +1871,16 @@ static unsigned long zap_pte_range(struct mmu_gather *tlb, */ if (pte_details.flags & ZAP_PTE_FORCE_FLUSH) { pte_details.flags &= ~ZAP_PTE_FORCE_FLUSH; - tlb_flush_mmu(tlb); + /* + * With COW-ed PTE, we defer freeing the batched memory until + * after we have actually cleared the COW-ed PTE's pmd entry. + * Since, if we are the only ones still referencing the COW-ed + * PTe table after we have freed the batched memory, the page + * table check will report a bug with anon_map_count != 0 in + * page_table_check_zero(). + */ + if (!(pte_details.flags & ZAP_PTE_IS_SHARED)) + tlb_flush_mmu(tlb); } if (addr != end) { @@ -1836,6 +1888,36 @@ static unsigned long zap_pte_range(struct mmu_gather *tlb, goto again; } +#ifdef CONFIG_COW_PTE + if (pte_details.flags & ZAP_PTE_IS_SHARED) { + start_pte = pte_offset_map_lock(mm, pmd, orig_addr, &ptl); + if (!pmd_put_pte(pmd)) { + pmd_t new = pmd_mkwrite(*pmd); + set_pmd_at(tlb->mm, addr, pmd, new); + /* + * We are the only ones who still referencing this. + * Clear the page table check before we free the + * batched memory. + */ + page_table_check_pte_clear_range(mm, orig_addr, *pmd); + pte_unmap_unlock(start_pte, ptl); + /* free the batched memory and flush the TLB. */ + tlb_flush_mmu(tlb); + free_pte_range(tlb, pmd, addr); + } else { + pmd_clear(pmd); + pte_unmap_unlock(start_pte, ptl); + mm_dec_nr_ptes(tlb->mm); + /* + * Someone still referencing to the table, + * we just flush TLB here. + */ + flush_tlb_range(vma, addr & PMD_MASK, + (addr + PMD_SIZE) & PMD_MASK); + } + } +#endif + return addr; }
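
Review bot: In the free_pmd_range() hunk (@@ -192,6 +192,12 @@), the new VM_WARN_ON dereferences *pmd and calls cow_pte_count(pmd) before pmd_none_or_clear_bad(pmd) has run, so the count is read for an entry that has not yet been validated as a normal page-table pointer. Moving the COW check below the pmd_none_or_clear_bad() test would keep cow_pte_count() away from bad entries and would also make the separate !pmd_none(*pmd) test unnecessary. A one-line comment saying why the count must be exactly 1 at free time would help readers of this debug-only check.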
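
Review bot: In the zap_present_pte() hunk (@@ -1681,9 +1688,13 @@), the ZAP_PTE_IS_SHARED path reads the entry with ptep_get() and leaves it in the table, yet tlb_remove_tlb_entry() is still called unconditionally on the line between the two flag tests, and nothing explains why that is correct. Please add a comment stating that a shared table must not be modified and that this mm loses the mapping only when the pmd entry is cleared at the end of zap_pte_range(). Testing the flag once into a local bool would also avoid the two separate checks a few lines apart.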
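
Review bot: In the first zap_pte_range() hunk (@@ -1785,6 +1798,36 @@), the else branch rewrites both bounds with "end = (addr + PMD_SIZE) & PMD_MASK; addr = addr & PMD_MASK;", but the only condition checked before doing so is range_in_vma(), which asks whether the VMA covers the whole PMD range, not whether the caller's [addr, end) does. The commit message says the whole-table path applies when the zap range covers the entire PTE table; as written, a request for a few pages inside a large VMA would be widened to the full table. Comparing the incoming addr and end against the PMD boundaries, and falling back to break_cow_pte() otherwise, would match the description. Two smaller points in the same hunk: if break_cow_pte() can fail, its result is not checked before the normal zap continues on the table, and the bare "} else" after a braced if needs braces under kernel coding style.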
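
Review bot: In the force-flush hunk (@@ -1828,7 +1871,16 @@), ZAP_PTE_FORCE_FLUSH is still cleared unconditionally while tlb_flush_mmu() is skipped when ZAP_PTE_IS_SHARED is set, so whatever requested the flush is silently dropped and the loop continues through "goto again" with the batch unflushed. The comment explains the page_table_check motivation for deferring, but it should also say why deferring is safe for every reason the flag can be set, or the flag should be left set so that the deferred flush is visibly owed. The comment also has a typo ("PTe table") and the sentence starting "Since, if we are the only ones" is hard to parse; please reword it.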
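
Review bot: In the final zap_pte_range() hunk (@@ -1836,6 +1888,36 @@), addr is used as if it were the start of the table, but this code runs after the "if (addr != end) ... goto again" loop, so addr equals end, which the earlier hunk set to the next PMD boundary. That means flush_tlb_range(vma, addr & PMD_MASK, (addr + PMD_SIZE) & PMD_MASK) covers the range after the table that was just handled, and set_pmd_at(tlb->mm, addr, pmd, new) and free_pte_range(tlb, pmd, addr) are passed the end address as well. orig_addr is already saved for this purpose and is used for pte_offset_map_lock() and page_table_check_pte_clear_range(); using orig_addr & PMD_MASK consistently for the other calls would fix it. In the else branch, pmd_clear() and the unlock also happen before the TLB flush, which deserves a comment on why a stale translation in that window is acceptable.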