The existing nohz_full mode does a nice job of suppressing extraneous
kernel interrupts for cores that desire it. However, there is a need
for a more deterministic mode that rigorously disallows kernel
interrupts, even at a higher cost in user/kernel transition time:
for example, high-speed networking applications running userspace
drivers that will drop packets if they are ever interrupted.
These changes attempt to provide an initial draft of such a framework;
the changes do not add any overhead to the usual non-nohz_full mode,
and only very small overhead to the typical nohz_full mode. A prctl()
option (PR_SET_DATAPLANE) is added to control whether processes have
requested this stricter semantics, and within that prctl() option we
provide a number of different bits for more precise control.
Additionally, we add a new command-line boot argument to facilitate
debugging where unexpected interrupts are being delivered from.
Code that is conceptually similar has been in use in Tilera's
Multicore Development Environment since 2008, known as Zero-Overhead
Linux, and has seen wide adoption by a range of customers. This patch
series represents the first serious attempt to upstream that
functionality. Although the current state of the kernel isn't quite
ready to run with absolutely no kernel interrupts (for example,
workqueues on dataplane cores still remain to be dealt with), this
patch series provides a way to make dynamic tradeoffs between avoiding
kernel interrupts on the one hand, and making voluntary calls in and
out of the kernel more expensive, for tasks that want it.
The series (based currently on my arch/tile master tree for 4.2,
in turn based on 4.1-rc1) is available at:
git://git.kernel.org/pub/scm/linux/kernel/git/cmetcalf/linux-tile.git dataplane
Chris Metcalf (6):
nohz_full: add support for "dataplane" mode
nohz: dataplane: allow tick to be fully disabled for dataplane
dataplane nohz: run softirqs synchronously on user entry
nohz: support PR_DATAPLANE_QUIESCE
nohz: support PR_DATAPLANE_STRICT mode
nohz: add dataplane_debug boot flag
Documentation/kernel-parameters.txt | 6 ++
arch/tile/mm/homecache.c | 5 +-
include/linux/sched.h | 3 +
include/linux/tick.h | 12 ++++
include/uapi/linux/prctl.h | 8 +++
kernel/context_tracking.c | 3 +
kernel/irq_work.c | 4 +-
kernel/sched/core.c | 18 ++++++
kernel/signal.c | 5 ++
kernel/smp.c | 4 ++
kernel/softirq.c | 15 ++++-
kernel/sys.c | 8 +++
kernel/time/tick-sched.c | 112 +++++++++++++++++++++++++++++++++++-
13 files changed, 198 insertions(+), 5 deletions(-)
--
2.1.2
The existing nohz_full mode makes tradeoffs to minimize userspace
interruptions while still attempting to avoid overheads in the
kernel entry/exit path, to provide 100% kernel semantics, etc.
However, some applications require a stronger commitment from the
kernel to avoid interruptions, in particular userspace device
driver style applications, such as high-speed networking code.
This change introduces a framework to allow applications to elect
to have the stronger semantics as needed, specifying
prctl(PR_SET_DATAPLANE, PR_DATAPLANE_ENABLE) to do so.
Subsequent commits will add additional flags and additional
semantics.
The dataplane state is indicated by setting a new task struct
field, dataplane_flags, to the value passed by prctl(). When the
_ENABLE bit is set for a task, and it is returning to userspace
on a nohz_full core, it calls the new tick_nohz_dataplane_enter()
routine to take additional actions to help the task avoid being
interrupted in the future.
For this first patch, the only action taken is to call
lru_add_drain() to prevent being interrupted by a subsequent
lru_add_drain_all() call on another core.
Signed-off-by: Chris Metcalf <[email protected]>
---
include/linux/sched.h | 3 +++
include/linux/tick.h | 10 ++++++++++
include/uapi/linux/prctl.h | 5 +++++
kernel/context_tracking.c | 3 +++
kernel/sys.c | 8 ++++++++
kernel/time/tick-sched.c | 13 +++++++++++++
6 files changed, 42 insertions(+)
diff --git a/include/linux/sched.h b/include/linux/sched.h
index 8222ae40ecb0..3680aa07c9ea 100644
--- a/include/linux/sched.h
+++ b/include/linux/sched.h
@@ -1732,6 +1732,9 @@ struct task_struct {
#ifdef CONFIG_DEBUG_ATOMIC_SLEEP
unsigned long task_state_change;
#endif
+#ifdef CONFIG_NO_HZ_FULL
+ unsigned int dataplane_flags;
+#endif
};
/* Future-safe accessor for struct task_struct's cpus_allowed. */
diff --git a/include/linux/tick.h b/include/linux/tick.h
index f8492da57ad3..d191cda9b71a 100644
--- a/include/linux/tick.h
+++ b/include/linux/tick.h
@@ -10,6 +10,7 @@
#include <linux/context_tracking_state.h>
#include <linux/cpumask.h>
#include <linux/sched.h>
+#include <linux/prctl.h>
#ifdef CONFIG_GENERIC_CLOCKEVENTS
extern void __init tick_init(void);
@@ -134,11 +135,18 @@ static inline bool tick_nohz_full_cpu(int cpu)
return cpumask_test_cpu(cpu, tick_nohz_full_mask);
}
+static inline bool tick_nohz_is_dataplane(void)
+{
+ return tick_nohz_full_cpu(smp_processor_id()) &&
+ (current->dataplane_flags & PR_DATAPLANE_ENABLE);
+}
+
extern void __tick_nohz_full_check(void);
extern void tick_nohz_full_kick(void);
extern void tick_nohz_full_kick_cpu(int cpu);
extern void tick_nohz_full_kick_all(void);
extern void __tick_nohz_task_switch(struct task_struct *tsk);
+extern void tick_nohz_dataplane_enter(void);
#else
static inline bool tick_nohz_full_enabled(void) { return false; }
static inline bool tick_nohz_full_cpu(int cpu) { return false; }
@@ -147,6 +155,8 @@ static inline void tick_nohz_full_kick_cpu(int cpu) { }
static inline void tick_nohz_full_kick(void) { }
static inline void tick_nohz_full_kick_all(void) { }
static inline void __tick_nohz_task_switch(struct task_struct *tsk) { }
+static inline bool tick_nohz_is_dataplane(void) { return false; }
+static inline void tick_nohz_dataplane_enter(void) { }
#endif
static inline bool is_housekeeping_cpu(int cpu)
diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index 31891d9535e2..1aa8fa8a8b05 100644
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -190,4 +190,9 @@ struct prctl_mm_map {
# define PR_FP_MODE_FR (1 << 0) /* 64b FP registers */
# define PR_FP_MODE_FRE (1 << 1) /* 32b compatibility */
+/* Enable/disable or query dataplane mode for NO_HZ_FULL kernels. */
+#define PR_SET_DATAPLANE 47
+#define PR_GET_DATAPLANE 48
+# define PR_DATAPLANE_ENABLE (1 << 0)
+
#endif /* _LINUX_PRCTL_H */
diff --git a/kernel/context_tracking.c b/kernel/context_tracking.c
index 72d59a1a6eb6..dd6bdd6197b6 100644
--- a/kernel/context_tracking.c
+++ b/kernel/context_tracking.c
@@ -20,6 +20,7 @@
#include <linux/hardirq.h>
#include <linux/export.h>
#include <linux/kprobes.h>
+#include <linux/tick.h>
#define CREATE_TRACE_POINTS
#include <trace/events/context_tracking.h>
@@ -85,6 +86,8 @@ void context_tracking_enter(enum ctx_state state)
* on the tick.
*/
if (state == CONTEXT_USER) {
+ if (tick_nohz_is_dataplane())
+ tick_nohz_dataplane_enter();
trace_user_enter(0);
vtime_user_enter(current);
}
diff --git a/kernel/sys.c b/kernel/sys.c
index a4e372b798a5..930b750aefde 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -2243,6 +2243,14 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
case PR_GET_FP_MODE:
error = GET_FP_MODE(me);
break;
+#ifdef CONFIG_NO_HZ_FULL
+ case PR_SET_DATAPLANE:
+ me->dataplane_flags = arg2;
+ break;
+ case PR_GET_DATAPLANE:
+ error = me->dataplane_flags;
+ break;
+#endif
default:
error = -EINVAL;
break;
diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c
index 914259128145..31c674719647 100644
--- a/kernel/time/tick-sched.c
+++ b/kernel/time/tick-sched.c
@@ -24,6 +24,7 @@
#include <linux/posix-timers.h>
#include <linux/perf_event.h>
#include <linux/context_tracking.h>
+#include <linux/swap.h>
#include <asm/irq_regs.h>
@@ -389,6 +390,18 @@ void __init tick_nohz_init(void)
pr_info("NO_HZ: Full dynticks CPUs: %*pbl.\n",
cpumask_pr_args(tick_nohz_full_mask));
}
+
+/*
+ * When returning to userspace on a nohz_full core after doing
+ * prctl(PR_DATAPLANE_SET,1), we come here and try more aggressively
+ * to prevent this core from being interrupted later.
+ */
+void tick_nohz_dataplane_enter(void)
+{
+ /* Drain the pagevecs to avoid unnecessary IPI flushes later. */
+ lru_add_drain();
+}
+
#endif
/*
--
2.1.2
While the current fallback to 1-second tick is still helpful for
maintaining completely correct kernel semantics, processes using
prctl(PR_SET_DATAPLANE) semantics place a higher priority on running
completely tickless, so don't bound the time_delta for such processes.
This was previously discussed in
https://lkml.org/lkml/2014/10/31/364
and Thomas Gleixner observed that vruntime, load balancing data,
load accounting, and other things might be impacted. Frederic
Weisbecker similarly observed that allowing the tick to be indefinitely
deferred just meant that no one would ever fix the underlying bugs.
However it's at least true that the mode proposed in this patch can
only be enabled on an isolcpus core, which may limit how important
it is to maintain scheduler data correctly, for example.
It's also worth observing that the tile architecture has been using
similar code for its Zero-Overhead Linux for many years (starting in
2005) and customers are very enthusiastic about the resulting bare-metal
performance on cores that are available to run full Linux semantics
on demand (crash, logging, shutdown, etc). So this semantics is very
useful if we can convince ourselves that doing this is safe.
Signed-off-by: Chris Metcalf <[email protected]>
---
kernel/time/tick-sched.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c
index 31c674719647..25fdd6bdd1eb 100644
--- a/kernel/time/tick-sched.c
+++ b/kernel/time/tick-sched.c
@@ -644,7 +644,7 @@ static ktime_t tick_nohz_stop_sched_tick(struct tick_sched *ts,
}
#ifdef CONFIG_NO_HZ_FULL
- if (!ts->inidle) {
+ if (!ts->inidle && !tick_nohz_is_dataplane()) {
time_delta = min(time_delta,
scheduler_tick_max_deferment());
}
--
2.1.2
For tasks which have elected dataplane functionality, we run
any pending softirqs for the core before returning to userspace,
rather than ever scheduling ksoftirqd to run. The problem we
fix is that by allowing another task to run on the core, we
guarantee more interrupts in the future to the dataplane task,
which is exactly what dataplane mode is required to prevent.
This may be an alternate approach to what Mike Galbraith
recently proposed in e.g.:
https://lkml.org/lkml/2015/3/13/11
Signed-off-by: Chris Metcalf <[email protected]>
---
kernel/softirq.c | 14 +++++++++++++-
kernel/time/tick-sched.c | 26 +++++++++++++++++++++++++-
2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/kernel/softirq.c b/kernel/softirq.c
index 479e4436f787..bc9406337f82 100644
--- a/kernel/softirq.c
+++ b/kernel/softirq.c
@@ -291,6 +291,15 @@ restart:
--max_restart)
goto restart;
+ /*
+ * For dataplane tasks, waking ksoftirqd because the
+ * softirqs are slow is a bad idea; we would rather
+ * synchronously finish whatever is interrupting us,
+ * and then be able to cleanly enter dataplane mode.
+ */
+ if (tick_nohz_is_dataplane())
+ goto restart;
+
wakeup_softirqd();
}
@@ -410,8 +419,11 @@ inline void raise_softirq_irqoff(unsigned int nr)
*
* Otherwise we wake up ksoftirqd to make sure we
* schedule the softirq soon.
+ *
+ * For dataplane tasks, we will handle the softirq
+ * synchronously on return to userspace.
*/
- if (!in_interrupt())
+ if (!in_interrupt() && !tick_nohz_is_dataplane())
wakeup_softirqd();
}
diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c
index 25fdd6bdd1eb..fd0e6e5c931c 100644
--- a/kernel/time/tick-sched.c
+++ b/kernel/time/tick-sched.c
@@ -398,8 +398,26 @@ void __init tick_nohz_init(void)
*/
void tick_nohz_dataplane_enter(void)
{
+ /*
+ * Check for softirqs as close as possible to our return to
+ * userspace, and run any that are waiting. We need to ensure
+ * that we can safely avoid running softirqd, which will cause
+ * interrupts for nohz_full tasks. Note that interrupts may
+ * be enabled internally by do_softirq().
+ */
+ do_softirq();
+
/* Drain the pagevecs to avoid unnecessary IPI flushes later. */
lru_add_drain();
+
+ /*
+ * Disable interrupts again since other code running in this
+ * function may have enabled them, and the caller expects
+ * interrupts to be disabled on return. Enabling them during
+ * this call is safe since the caller is not assuming any
+ * state that might have been altered by an interrupt.
+ */
+ local_irq_disable();
}
#endif
@@ -771,7 +789,13 @@ static bool can_stop_idle_tick(int cpu, struct tick_sched *ts)
if (need_resched())
return false;
- if (unlikely(local_softirq_pending() && cpu_online(cpu))) {
+ /*
+ * If we are running dataplane for this process, don't worry
+ * about pending softirqs; we will force them to run
+ * synchronously before returning to userspace.
+ */
+ if (unlikely(local_softirq_pending() && cpu_online(cpu) &&
+ !tick_nohz_is_dataplane())) {
static int ratelimit;
if (ratelimit < 10 &&
--
2.1.2
This prctl() flag for PR_SET_DATAPLANE sets a mode that requires the
kernel to quiesce any pending timer interrupts prior to returning
to userspace. When running with this mode set, sys calls (and page
faults, etc.) can be inordinately slow. However, user applications
that want to guarantee that no unexpected interrupts will occur
(even if they call into the kernel) can set this flag to guarantee
that semantics.
Signed-off-by: Chris Metcalf <[email protected]>
---
include/uapi/linux/prctl.h | 1 +
kernel/time/tick-sched.c | 54 ++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 55 insertions(+)
diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index 1aa8fa8a8b05..8b735651304a 100644
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -194,5 +194,6 @@ struct prctl_mm_map {
#define PR_SET_DATAPLANE 47
#define PR_GET_DATAPLANE 48
# define PR_DATAPLANE_ENABLE (1 << 0)
+# define PR_DATAPLANE_QUIESCE (1 << 1)
#endif /* _LINUX_PRCTL_H */
diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c
index fd0e6e5c931c..69d908c6cef8 100644
--- a/kernel/time/tick-sched.c
+++ b/kernel/time/tick-sched.c
@@ -392,6 +392,53 @@ void __init tick_nohz_init(void)
}
/*
+ * We normally return immediately to userspace.
+ *
+ * The PR_DATAPLANE_QUIESCE flag causes us to wait until no more
+ * interrupts are pending. Otherwise we nap with interrupts enabled
+ * and wait for the next interrupt to fire, then loop back and retry.
+ *
+ * Note that if you schedule two processes on the same core and both
+ * specify PR_DATAPLANE_QUIESCE, neither will ever leave the kernel,
+ * and one will have to be killed manually. Otherwise in situations
+ * where another process is in the runqueue on this cpu, this task
+ * will just wait for that other task to go idle before returning to
+ * user space.
+ */
+static void dataplane_quiesce(void)
+{
+ struct clock_event_device *dev =
+ __this_cpu_read(tick_cpu_device.evtdev);
+ struct task_struct *task = current;
+ unsigned long start = jiffies;
+ bool warned = false;
+
+ while (ACCESS_ONCE(dev->next_event.tv64) != KTIME_MAX) {
+ if (!warned && (jiffies - start) >= (5 * HZ)) {
+ pr_warn("%s/%d: cpu %d: dataplane task blocked for %ld jiffies\n",
+ task->comm, task->pid, smp_processor_id(),
+ (jiffies - start));
+ warned = true;
+ }
+ if (should_resched())
+ schedule();
+ if (test_thread_flag(TIF_SIGPENDING))
+ break;
+
+ /* Idle with interrupts enabled and wait for the tick. */
+ set_current_state(TASK_INTERRUPTIBLE);
+ arch_cpu_idle();
+ set_current_state(TASK_RUNNING);
+ }
+ if (warned) {
+ pr_warn("%s/%d: cpu %d: dataplane task unblocked after %ld jiffies\n",
+ task->comm, task->pid, smp_processor_id(),
+ (jiffies - start));
+ dump_stack();
+ }
+}
+
+/*
* When returning to userspace on a nohz_full core after doing
* prctl(PR_DATAPLANE_SET,1), we come here and try more aggressively
* to prevent this core from being interrupted later.
@@ -411,6 +458,13 @@ void tick_nohz_dataplane_enter(void)
lru_add_drain();
/*
+ * Quiesce any timer ticks if requested. On return from this
+ * function, no timer ticks are pending.
+ */
+ if ((current->dataplane_flags & PR_DATAPLANE_QUIESCE) != 0)
+ dataplane_quiesce();
+
+ /*
* Disable interrupts again since other code running in this
* function may have enabled them, and the caller expects
* interrupts to be disabled on return. Enabling them during
--
2.1.2
With QUIESCE mode, the task is in principle guaranteed not to be
interrupted by the kernel, but only if it behaves. In particular,
if it enters the kernel via system call, page fault, or any of
a number of other synchronous traps, it may be unexpectedly
exposed to long latencies. Add a simple flag that puts the process
into a state where any such kernel entry is fatal.
To allow the state to be entered and exited, we add an internal
bit to current->dataplane_flags that is set when prctl() sets the
flags. That way, when we are exiting the kernel after calling
prctl() to forbid future kernel exits, we don't get immediately
killed.
Signed-off-by: Chris Metcalf <[email protected]>
---
include/uapi/linux/prctl.h | 2 ++
kernel/sys.c | 2 +-
kernel/time/tick-sched.c | 17 +++++++++++++++++
3 files changed, 20 insertions(+), 1 deletion(-)
diff --git a/include/uapi/linux/prctl.h b/include/uapi/linux/prctl.h
index 8b735651304a..9cf79aa1e73f 100644
--- a/include/uapi/linux/prctl.h
+++ b/include/uapi/linux/prctl.h
@@ -195,5 +195,7 @@ struct prctl_mm_map {
#define PR_GET_DATAPLANE 48
# define PR_DATAPLANE_ENABLE (1 << 0)
# define PR_DATAPLANE_QUIESCE (1 << 1)
+# define PR_DATAPLANE_STRICT (1 << 2)
+# define PR_DATAPLANE_PRCTL (1U << 31) /* kernel internal */
#endif /* _LINUX_PRCTL_H */
diff --git a/kernel/sys.c b/kernel/sys.c
index 930b750aefde..8102433c9edd 100644
--- a/kernel/sys.c
+++ b/kernel/sys.c
@@ -2245,7 +2245,7 @@ SYSCALL_DEFINE5(prctl, int, option, unsigned long, arg2, unsigned long, arg3,
break;
#ifdef CONFIG_NO_HZ_FULL
case PR_SET_DATAPLANE:
- me->dataplane_flags = arg2;
+ me->dataplane_flags = arg2 | PR_DATAPLANE_PRCTL;
break;
case PR_GET_DATAPLANE:
error = me->dataplane_flags;
diff --git a/kernel/time/tick-sched.c b/kernel/time/tick-sched.c
index 69d908c6cef8..22ed0decb363 100644
--- a/kernel/time/tick-sched.c
+++ b/kernel/time/tick-sched.c
@@ -436,6 +436,20 @@ static void dataplane_quiesce(void)
(jiffies - start));
dump_stack();
}
+
+ /*
+ * Kill the process if it violates STRICT mode. Note that this
+ * code also results in killing the task if a kernel bug causes an
+ * irq to be delivered to this core.
+ */
+ if ((task->dataplane_flags & (PR_DATAPLANE_STRICT|PR_DATAPLANE_PRCTL))
+ == PR_DATAPLANE_STRICT) {
+ pr_warn("Dataplane STRICT mode violated; process killed.\n");
+ dump_stack();
+ task->dataplane_flags &= ~PR_DATAPLANE_QUIESCE;
+ local_irq_enable();
+ do_group_exit(SIGKILL);
+ }
}
/*
@@ -464,6 +478,9 @@ void tick_nohz_dataplane_enter(void)
if ((current->dataplane_flags & PR_DATAPLANE_QUIESCE) != 0)
dataplane_quiesce();
+ /* Clear the bit set by prctl() when it updates the flags. */
+ current->dataplane_flags &= ~PR_DATAPLANE_PRCTL;
+
/*
* Disable interrupts again since other code running in this
* function may have enabled them, and the caller expects
--
2.1.2
This flag simplifies debugging of NO_HZ_FULL kernels when processes
are running in PR_DATAPLANE_QUIESCE mode. Such processes should
get no interrupts from the kernel, and if they do, when this boot
flag is specified a kernel stack dump on the console is generated.
It's possible to use ftrace to simply detect whether a dataplane core
has unexpectedly entered the kernel. But what this boot flag does
is allow the kernel to provide better diagnostics, e.g. by reporting
in the IPI-generating code what remote core and context is preparing
to deliver an interrupt to a dataplane core.
It may be worth considering other ways to generate useful debugging
output rather than console spew, but for now that is simple and direct.
Signed-off-by: Chris Metcalf <[email protected]>
---
Documentation/kernel-parameters.txt | 6 ++++++
arch/tile/mm/homecache.c | 5 ++++-
include/linux/tick.h | 2 ++
kernel/irq_work.c | 4 +++-
kernel/sched/core.c | 18 ++++++++++++++++++
kernel/signal.c | 5 +++++
kernel/smp.c | 4 ++++
kernel/softirq.c | 1 +
8 files changed, 43 insertions(+), 2 deletions(-)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index f6befa9855c1..5c5af5258e17 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -794,6 +794,12 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
dasd= [HW,NET]
See header of drivers/s390/block/dasd_devmap.c.
+ dataplane_debug [KNL]
+ In kernels built with CONFIG_NO_HZ_FULL and booted
+ in nohz_full= mode, this setting will generate console
+ backtraces when the kernel is about to interrupt a
+ task that has requested PR_DATAPLANE_QUIESCE.
+
db9.dev[2|3]= [HW,JOY] Multisystem joystick support via parallel port
(one device per port)
Format: <port#>,<type>
diff --git a/arch/tile/mm/homecache.c b/arch/tile/mm/homecache.c
index 40ca30a9fee3..dd5ec7eca9a8 100644
--- a/arch/tile/mm/homecache.c
+++ b/arch/tile/mm/homecache.c
@@ -31,6 +31,7 @@
#include <linux/smp.h>
#include <linux/module.h>
#include <linux/hugetlb.h>
+#include <linux/tick.h>
#include <asm/page.h>
#include <asm/sections.h>
@@ -83,8 +84,10 @@ static void hv_flush_update(const struct cpumask *cache_cpumask,
* Don't bother to update atomically; losing a count
* here is not that critical.
*/
- for_each_cpu(cpu, &mask)
+ for_each_cpu(cpu, &mask) {
++per_cpu(irq_stat, cpu).irq_hv_flush_count;
+ tick_nohz_dataplane_debug(cpu);
+ }
}
/*
diff --git a/include/linux/tick.h b/include/linux/tick.h
index d191cda9b71a..4610cdf0f972 100644
--- a/include/linux/tick.h
+++ b/include/linux/tick.h
@@ -147,6 +147,7 @@ extern void tick_nohz_full_kick_cpu(int cpu);
extern void tick_nohz_full_kick_all(void);
extern void __tick_nohz_task_switch(struct task_struct *tsk);
extern void tick_nohz_dataplane_enter(void);
+extern void tick_nohz_dataplane_debug(int cpu);
#else
static inline bool tick_nohz_full_enabled(void) { return false; }
static inline bool tick_nohz_full_cpu(int cpu) { return false; }
@@ -157,6 +158,7 @@ static inline void tick_nohz_full_kick_all(void) { }
static inline void __tick_nohz_task_switch(struct task_struct *tsk) { }
static inline bool tick_nohz_is_dataplane(void) { return false; }
static inline void tick_nohz_dataplane_enter(void) { }
+static inline void tick_nohz_dataplane_debug(int cpu) { }
#endif
static inline bool is_housekeeping_cpu(int cpu)
diff --git a/kernel/irq_work.c b/kernel/irq_work.c
index cbf9fb899d92..0adc53c4e899 100644
--- a/kernel/irq_work.c
+++ b/kernel/irq_work.c
@@ -75,8 +75,10 @@ bool irq_work_queue_on(struct irq_work *work, int cpu)
if (!irq_work_claim(work))
return false;
- if (llist_add(&work->llnode, &per_cpu(raised_list, cpu)))
+ if (llist_add(&work->llnode, &per_cpu(raised_list, cpu))) {
+ tick_nohz_dataplane_debug(cpu);
arch_send_call_function_single_ipi(cpu);
+ }
return true;
}
diff --git a/kernel/sched/core.c b/kernel/sched/core.c
index f9123a82cbb6..202fab0c41cb 100644
--- a/kernel/sched/core.c
+++ b/kernel/sched/core.c
@@ -719,6 +719,24 @@ bool sched_can_stop_tick(void)
return true;
}
+
+/* Enable debugging of any interrupts of dataplane cores. */
+static int dataplane_debug;
+static int __init dataplane_debug_func(char *str)
+{
+ dataplane_debug = true;
+ return 1;
+}
+__setup("dataplane_debug", dataplane_debug_func);
+
+void tick_nohz_dataplane_debug(int cpu)
+{
+ if (dataplane_debug && tick_nohz_full_cpu(cpu) &&
+ (cpu_curr(cpu)->dataplane_flags & PR_DATAPLANE_QUIESCE)) {
+ pr_err("Interrupt detected for dataplane cpu %d\n", cpu);
+ dump_stack();
+ }
+}
#endif /* CONFIG_NO_HZ_FULL */
void sched_avg_update(struct rq *rq)
diff --git a/kernel/signal.c b/kernel/signal.c
index d51c5ddd855c..ebc552cafff5 100644
--- a/kernel/signal.c
+++ b/kernel/signal.c
@@ -689,6 +689,11 @@ int dequeue_signal(struct task_struct *tsk, sigset_t *mask, siginfo_t *info)
*/
void signal_wake_up_state(struct task_struct *t, unsigned int state)
{
+#ifdef CONFIG_NO_HZ_FULL
+ /* If the task is being killed, don't complain about dataplane. */
+ if (state & TASK_WAKEKILL)
+ t->dataplane_flags = 0;
+#endif
set_tsk_thread_flag(t, TIF_SIGPENDING);
/*
* TASK_WAKEKILL also means wake it up in the stopped/traced/killable
diff --git a/kernel/smp.c b/kernel/smp.c
index 07854477c164..9518fc80321b 100644
--- a/kernel/smp.c
+++ b/kernel/smp.c
@@ -14,6 +14,7 @@
#include <linux/smp.h>
#include <linux/cpu.h>
#include <linux/sched.h>
+#include <linux/tick.h>
#include "smpboot.h"
@@ -178,6 +179,7 @@ static int generic_exec_single(int cpu, struct call_single_data *csd,
* locking and barrier primitives. Generic code isn't really
* equipped to do the right thing...
*/
+ tick_nohz_dataplane_debug(cpu);
if (llist_add(&csd->llist, &per_cpu(call_single_queue, cpu)))
arch_send_call_function_single_ipi(cpu);
@@ -457,6 +459,8 @@ void smp_call_function_many(const struct cpumask *mask,
}
/* Send a message to all CPUs in the map */
+ for_each_cpu(cpu, cfd->cpumask)
+ tick_nohz_dataplane_debug(cpu);
arch_send_call_function_ipi_mask(cfd->cpumask);
if (wait) {
diff --git a/kernel/softirq.c b/kernel/softirq.c
index bc9406337f82..eeacabf08ca6 100644
--- a/kernel/softirq.c
+++ b/kernel/softirq.c
@@ -394,6 +394,7 @@ void irq_exit(void)
WARN_ON_ONCE(!irqs_disabled());
#endif
+ tick_nohz_dataplane_debug(smp_processor_id());
account_irq_exit_time(current);
preempt_count_sub(HARDIRQ_OFFSET);
if (!in_interrupt() && local_softirq_pending())
--
2.1.2
On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
> A prctl() option (PR_SET_DATAPLANE) is added
Dumb question: what does the term "dataplane" mean in this context? I
can't see the relationship between those words and what this patch
does.
On Fri, 8 May 2015 14:18:24 -0700
Andrew Morton <[email protected]> wrote:
> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
>
> > A prctl() option (PR_SET_DATAPLANE) is added
>
> Dumb question: what does the term "dataplane" mean in this context? I
> can't see the relationship between those words and what this patch
> does.
I was thinking the same thing. I haven't gotten around to searching
DATAPLANE yet.
I would assume we want a name that is more meaningful for what is
happening.
-- Steve
On 5/8/2015 5:22 PM, Steven Rostedt wrote:
> On Fri, 8 May 2015 14:18:24 -0700
> Andrew Morton <[email protected]> wrote:
>
>> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
>>
>>> A prctl() option (PR_SET_DATAPLANE) is added
>> Dumb question: what does the term "dataplane" mean in this context? I
>> can't see the relationship between those words and what this patch
>> does.
> I was thinking the same thing. I haven't gotten around to searching
> DATAPLANE yet.
>
> I would assume we want a name that is more meaningful for what is
> happening.
The text in the commit message and the 0/6 cover letter do try to explain
the concept. The terminology comes, I think, from networking line cards,
where the "dataplane" is the part of the application that handles all the
fast path processing of network packets, and the "control plane" is the part
that handles routing updates, etc., generally slow-path stuff. I've probably
just been using the terms so long they seem normal to me.
That said, what would be clearer? NO_HZ_STRICT as a superset of
NO_HZ_FULL? Or move away from the NO_HZ terminology a bit; after all,
we're talking about no interrupts of any kind, and maybe NO_HZ is too
limited in scope? So, NO_INTERRUPTS? USERSPACE_ONLY? Or look
to vendors who ship bare-metal runtimes and call it BARE_METAL?
Borrow the Tilera marketing name and call it ZERO_OVERHEAD?
Maybe BARE_METAL seems most plausible -- after DATAPLANE, to me,
of course :-)
--
Chris Metcalf, EZChip Semiconductor
http://www.ezchip.com
On Fri, 8 May 2015 19:11:10 -0400 Chris Metcalf <[email protected]> wrote:
> On 5/8/2015 5:22 PM, Steven Rostedt wrote:
> > On Fri, 8 May 2015 14:18:24 -0700
> > Andrew Morton <[email protected]> wrote:
> >
> >> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
> >>
> >>> A prctl() option (PR_SET_DATAPLANE) is added
> >> Dumb question: what does the term "dataplane" mean in this context? I
> >> can't see the relationship between those words and what this patch
> >> does.
> > I was thinking the same thing. I haven't gotten around to searching
> > DATAPLANE yet.
> >
> > I would assume we want a name that is more meaningful for what is
> > happening.
>
> The text in the commit message and the 0/6 cover letter do try to explain
> the concept. The terminology comes, I think, from networking line cards,
> where the "dataplane" is the part of the application that handles all the
> fast path processing of network packets, and the "control plane" is the part
> that handles routing updates, etc., generally slow-path stuff. I've probably
> just been using the terms so long they seem normal to me.
>
> That said, what would be clearer? NO_HZ_STRICT as a superset of
> NO_HZ_FULL? Or move away from the NO_HZ terminology a bit; after all,
> we're talking about no interrupts of any kind, and maybe NO_HZ is too
> limited in scope? So, NO_INTERRUPTS? USERSPACE_ONLY? Or look
> to vendors who ship bare-metal runtimes and call it BARE_METAL?
> Borrow the Tilera marketing name and call it ZERO_OVERHEAD?
>
> Maybe BARE_METAL seems most plausible -- after DATAPLANE, to me,
> of course :-)
I like NO_INTERRUPTS. Simple, direct.
On Fri, 2015-05-08 at 13:58 -0400, Chris Metcalf wrote:
> For tasks which have elected dataplane functionality, we run
> any pending softirqs for the core before returning to userspace,
> rather than ever scheduling ksoftirqd to run. The problem we
> fix is that by allowing another task to run on the core, we
> guarantee more interrupts in the future to the dataplane task,
> which is exactly what dataplane mode is required to prevent.
If ksoftirqd were rt class, softirqs would be gone when the soloist gets
the CPU back and heads to userspace. Being a soloist, it has no use for
a priority, so why can't it just let ksoftirqd run if it raises the
occasional softirq? Meeting a contended lock while processing it will
wreck the soloist regardless of who does that processing.
-Mike
* Andrew Morton <[email protected]> wrote:
> On Fri, 8 May 2015 19:11:10 -0400 Chris Metcalf <[email protected]> wrote:
>
> > On 5/8/2015 5:22 PM, Steven Rostedt wrote:
> > > On Fri, 8 May 2015 14:18:24 -0700
> > > Andrew Morton <[email protected]> wrote:
> > >
> > >> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
> > >>
> > >>> A prctl() option (PR_SET_DATAPLANE) is added
> > >> Dumb question: what does the term "dataplane" mean in this context? I
> > >> can't see the relationship between those words and what this patch
> > >> does.
> > > I was thinking the same thing. I haven't gotten around to searching
> > > DATAPLANE yet.
> > >
> > > I would assume we want a name that is more meaningful for what is
> > > happening.
> >
> > The text in the commit message and the 0/6 cover letter do try to explain
> > the concept. The terminology comes, I think, from networking line cards,
> > where the "dataplane" is the part of the application that handles all the
> > fast path processing of network packets, and the "control plane" is the part
> > that handles routing updates, etc., generally slow-path stuff. I've probably
> > just been using the terms so long they seem normal to me.
> >
> > That said, what would be clearer? NO_HZ_STRICT as a superset of
> > NO_HZ_FULL? Or move away from the NO_HZ terminology a bit; after all,
> > we're talking about no interrupts of any kind, and maybe NO_HZ is too
> > limited in scope? So, NO_INTERRUPTS? USERSPACE_ONLY? Or look
> > to vendors who ship bare-metal runtimes and call it BARE_METAL?
> > Borrow the Tilera marketing name and call it ZERO_OVERHEAD?
> >
> > Maybe BARE_METAL seems most plausible -- after DATAPLANE, to me,
> > of course :-)
'baremetal' has uses in virtualization speak, so I think that would be
confusing.
> I like NO_INTERRUPTS. Simple, direct.
NO_HZ_PURE?
That's what it's really about: user-space wants to run exclusively, in
pure user-mode, without any interrupts.
So I don't like 'NO_HZ_NO_INTERRUPTS' for a couple of reasons:
- It is similar to a term we use in perf: PERF_PMU_CAP_NO_INTERRUPT.
- Another reason is that 'NO_INTERRUPTS', in most existing uses in
the kernel generally relates to some sort of hardware weakness,
limitation, a negative property: that we try to limp along without
having a hardware interrupt and have to poll. In other driver code
that uses variants of NO_INTERRUPT it appears to be similar. So I
think there's some confusion potential here.
- Here the fact that we don't disturb user-space is an absolutely
positive property, not a limitation, a kernel feature we work hard
to achieve. NO_HZ_PURE would convey that while NO_HZ_NO_INTERRUPTS
wouldn't.
- NO_HZ_NO_INTERRUPTS has a double negation, and it's also too long,
compared to NO_HZ_FULL or NO_HZ_PURE ;-) The term 'no HZ' already
expresses that we don't have periodic interruptions. We just
duplicate that information with NO_HZ_NO_INTERRUPTS, while
NO_HZ_FULL or NO_HZ_PURE qualifies it, makes it a stronger
property - which is what we want I think.
So I think we should either rename NO_HZ_FULL to NO_HZ_PURE, or keep
it at NO_HZ_FULL: because the intention of NO_HZ_FULL was always to be
such a 'zero overhead' mode of operation, where if user-space runs, it
won't get interrupted in any way.
There's no need to add yet another Kconfig variant - lets just enhance
the current stuff and maybe rename it to NO_HZ_PURE to better express
its intent.
Thanks,
Ingo
On Sat, May 9, 2015 at 12:05 AM, Ingo Molnar <[email protected]> wrote:
>
> * Andrew Morton <[email protected]> wrote:
>
>> On Fri, 8 May 2015 19:11:10 -0400 Chris Metcalf <[email protected]> wrote:
>>
>> > On 5/8/2015 5:22 PM, Steven Rostedt wrote:
>> > > On Fri, 8 May 2015 14:18:24 -0700
>> > > Andrew Morton <[email protected]> wrote:
>> > >
>> > >> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
>> > >>
>> > >>> A prctl() option (PR_SET_DATAPLANE) is added
>> > >> Dumb question: what does the term "dataplane" mean in this context? I
>> > >> can't see the relationship between those words and what this patch
>> > >> does.
>> > > I was thinking the same thing. I haven't gotten around to searching
>> > > DATAPLANE yet.
>> > >
>> > > I would assume we want a name that is more meaningful for what is
>> > > happening.
>> >
>> > The text in the commit message and the 0/6 cover letter do try to explain
>> > the concept. The terminology comes, I think, from networking line cards,
>> > where the "dataplane" is the part of the application that handles all the
>> > fast path processing of network packets, and the "control plane" is the part
>> > that handles routing updates, etc., generally slow-path stuff. I've probably
>> > just been using the terms so long they seem normal to me.
>> >
>> > That said, what would be clearer? NO_HZ_STRICT as a superset of
>> > NO_HZ_FULL? Or move away from the NO_HZ terminology a bit; after all,
>> > we're talking about no interrupts of any kind, and maybe NO_HZ is too
>> > limited in scope? So, NO_INTERRUPTS? USERSPACE_ONLY? Or look
>> > to vendors who ship bare-metal runtimes and call it BARE_METAL?
>> > Borrow the Tilera marketing name and call it ZERO_OVERHEAD?
>> >
>> > Maybe BARE_METAL seems most plausible -- after DATAPLANE, to me,
>> > of course :-)
>
> 'baremetal' has uses in virtualization speak, so I think that would be
> confusing.
>
>> I like NO_INTERRUPTS. Simple, direct.
>
> NO_HZ_PURE?
>
Naming aside, I don't think this should be a per-task flag at all. We
already have way too much overhead per syscall in nohz mode, and it
would be nice to get the per-syscall overhead as low as possible. We
should strive, for all tasks, to keep syscall overhead down *and*
avoid as many interrupts as possible.
That being said, I do see a legitimate use for a way to tell the
kernel "I'm going to run in userspace for a long time; stay away".
But shouldn't that be a single operation, not an ongoing flag? IOW, I
think that we should have a new syscall quiesce() or something rather
than a prctl.
--Andy
On Sat, 2015-05-09 at 09:05 +0200, Ingo Molnar wrote:
> * Andrew Morton <[email protected]> wrote:
>
> > On Fri, 8 May 2015 19:11:10 -0400 Chris Metcalf <[email protected]> wrote:
> >
> > > On 5/8/2015 5:22 PM, Steven Rostedt wrote:
> > > > On Fri, 8 May 2015 14:18:24 -0700
> > > > Andrew Morton <[email protected]> wrote:
> > > >
> > > >> On Fri, 8 May 2015 13:58:41 -0400 Chris Metcalf <[email protected]> wrote:
> > > >>
> > > >>> A prctl() option (PR_SET_DATAPLANE) is added
> > > >> Dumb question: what does the term "dataplane" mean in this context? I
> > > >> can't see the relationship between those words and what this patch
> > > >> does.
> > > > I was thinking the same thing. I haven't gotten around to searching
> > > > DATAPLANE yet.
> > > >
> > > > I would assume we want a name that is more meaningful for what is
> > > > happening.
> > >
> > > The text in the commit message and the 0/6 cover letter do try to explain
> > > the concept. The terminology comes, I think, from networking line cards,
> > > where the "dataplane" is the part of the application that handles all the
> > > fast path processing of network packets, and the "control plane" is the part
> > > that handles routing updates, etc., generally slow-path stuff. I've probably
> > > just been using the terms so long they seem normal to me.
> > >
> > > That said, what would be clearer? NO_HZ_STRICT as a superset of
> > > NO_HZ_FULL? Or move away from the NO_HZ terminology a bit; after all,
> > > we're talking about no interrupts of any kind, and maybe NO_HZ is too
> > > limited in scope? So, NO_INTERRUPTS? USERSPACE_ONLY? Or look
> > > to vendors who ship bare-metal runtimes and call it BARE_METAL?
> > > Borrow the Tilera marketing name and call it ZERO_OVERHEAD?
> > >
> > > Maybe BARE_METAL seems most plausible -- after DATAPLANE, to me,
> > > of course :-)
>
> 'baremetal' has uses in virtualization speak, so I think that would be
> confusing.
>
> > I like NO_INTERRUPTS. Simple, direct.
>
> NO_HZ_PURE?
Hm, coke light, coke zero... OS_LIGHT and OS_ZERO?
-Mike
On May 8, 2015 11:44 PM, "Chris Metcalf" <[email protected]> wrote:
>
> With QUIESCE mode, the task is in principle guaranteed not to be
> interrupted by the kernel, but only if it behaves. In particular,
> if it enters the kernel via system call, page fault, or any of
> a number of other synchronous traps, it may be unexpectedly
> exposed to long latencies. Add a simple flag that puts the process
> into a state where any such kernel entry is fatal.
>
> To allow the state to be entered and exited, we add an internal
> bit to current->dataplane_flags that is set when prctl() sets the
> flags. That way, when we are exiting the kernel after calling
> prctl() to forbid future kernel exits, we don't get immediately
> killed.
Is there any reason this can't already be addressed in userspace using
/proc/interrupts or perf_events? ISTM the real goal here is to detect
when we screw up and fail to avoid an interrupt, and killing the task
seems like overkill to me.
Also, can we please stop further torturing the exit paths? We have a
disaster of assembly code that calls into syscall_trace_leave and
do_notify_resume. Those functions, in turn, *both* call user_enter
(WTF?), and on very brief inspection user_enter makes it into the nohz
code through multiple levels of indirection, which, with these
patches, has yet another conditionally enabled helper, which does this
new stuff. It's getting to be impossible to tell what happens when we
exit to user space any more.
Also, I think your code is buggy. There's no particular guarantee
that user_enter is only called once between sys_prctl and the final
exit to user mode (see the above WTF), so you might spuriously kill
the process.
Also, I think that most users will be quite surprised if "strict
dataplane" code causes any machine check on the system to kill your
dataplane task. Similarly, a user accidentally running perf record -a
probably should have some reasonable semantics. /proc/interrupts gets
that right as is. Sure, MCEs will hurt your RT performance, but Intel
screwed up the way that MCEs work, so we should make do.
--Andy