Received: by 10.213.65.68 with SMTP id h4csp519946imn; Wed, 4 Apr 2018 02:34:20 -0700 (PDT) X-Google-Smtp-Source: AIpwx48bK6o7nMM0YwYIZq3b2UVnGcjSajVOEwduLuLC1PpZHrZL1vKWRcG+QmC47Hkz69G3fK96 X-Received: by 2002:a17:902:6984:: with SMTP id l4-v6mr18445488plk.61.1522834460219; Wed, 04 Apr 2018 02:34:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522834460; cv=none; d=google.com; s=arc-20160816; b=Bg5E7h4A7iwDxn4p/ZwLUEhUy8xMbNmLyEsoFiBoVDBsVZpzNvR5Qeeqi9uQ40brSZ wWDQUXrTbGGRAP3zqyG8ITgmp6COlqbyYUqCSZYWkBXLMgbOufKcTcViAxYVEzNbQkFu lUNoq4pyt+Q8sNPQ6K0Q9EQBuj+xxsUnFbvSC4SQrNzqCTru6ubL4pkTwLoyb6bAfOIN Vsbj343kkyiRRhYMagrKVRKj5rmLHnktaY0o/Zb3RjJevDTAXXhVDywIXELkS1zgRsjE v3MvAfqR7/BpFuknbhh07Vji6wwZcTHnczUQ5mdjEb0/Olzc8acFuV+NmeNroJhj8UCS 5tpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-disposition:mime-version:references:mail-followup-to :message-id:subject:cc:to:from:date:dkim-signature :arc-authentication-results; bh=0wys0M64ikuJxolInD/On8ejMnw5yiK0pO/U8RuHy20=; b=uZHBLVWo4sPfbIlGx3do3LFZYAGJvMtZQuzFXIG/iIXpioqz1dwHBtefc2OlW8YtA4 qMb73Im7LL+XD1DG3f+NxS+nZYmQJ2UHqOU7pQwjVEpWhEFw3TPU2jgZg1etDLArThqO bqAcfQpzJ39uSKdmV1X+r1bxjRSe+/qEP9M5grFGQnOFUx2biJyMAyHcaBgXIuXMjcsR l+tPDes6nUKxlW6VVHc3VeLRfBay6E1O3VDB1DgdFJ15VqWbfjHkEDLBT+1VFSFWfzH3 fJWm2nyB4Uvd1RR9pOUkGpwAWXj485OhSaq/ttj7UdlUADykySj4Jnd2MxE6FOI6dTrn ugKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@ffwll.ch header.s=google header.b=ZeWOO+bq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id v9-v6si2728969plo.681.2018.04.04.02.34.06; Wed, 04 Apr 2018 02:34:20 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@ffwll.ch header.s=google header.b=ZeWOO+bq; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750916AbeDDJdA (ORCPT + 99 others); Wed, 4 Apr 2018 05:33:00 -0400 Received: from mail-wm0-f42.google.com ([74.125.82.42]:53926 "EHLO mail-wm0-f42.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1750736AbeDDJc6 (ORCPT ); Wed, 4 Apr 2018 05:32:58 -0400 Received: by mail-wm0-f42.google.com with SMTP id p9so38945123wmc.3 for ; Wed, 04 Apr 2018 02:32:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ffwll.ch; s=google; h=sender:date:from:to:cc:subject:message-id:mail-followup-to :references:mime-version:content-disposition:in-reply-to:user-agent; bh=0wys0M64ikuJxolInD/On8ejMnw5yiK0pO/U8RuHy20=; b=ZeWOO+bq+i/4BZTtZOUVJZPI5p8VmZ9l56M40yw1PscuQzGh8oLt1bQX22jPZUsHlF sn4svtuymKLcZwBcS5utove/LxaACi3Tmr2PiE9Ul3rKEz2/tuo0ULTd1Azv8MDimmFX mmr/9tYn6dsT6A2Q/BG5Wu3Sz+KKdygEUKvac= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=0wys0M64ikuJxolInD/On8ejMnw5yiK0pO/U8RuHy20=; b=P4uSoCSOCZLzNAkiZhX5sE4xaXAMnzvrJ52CHZzmL8/EpyIzyIx0Kq00xsP+veFTSU kfTALokojNjlEWy16HrUibRn+oAICuzM0hp/cnLOlO7TB2WYyXE7puztfuKQZknZW7zn sm76mEXHNK4gb45FcimUHrMhfaM/aXkIVvdiqGMQ3eTwtQgA//dwJhLJciWhUbbllc4M 6D7Qz280t0k4Q9Vfe8mYNyyHfZ5q2dhVPc/zFXfcPIiGveUUbxR79t+ox/C841pAgu/q wXzO/aQ3LUpvaahf1OKz/61xOsy7luBzqakPgkroBOlLbSyDMgh5MagOd36uXGYPFHcL Carg== X-Gm-Message-State: AElRT7GeKU/HOtH/m63pXfA5BnbxZ58aGVEeEgI9rgd7RjXjXK37QPlO 72sPStZxteLv1AqsmwWXRx/Q1sjU X-Received: by 10.80.135.202 with SMTP id 10mr19990736edz.1.1522834377325; Wed, 04 Apr 2018 02:32:57 -0700 (PDT) Received: from phenom.ffwll.local (212-51-149-109.fiber7.init7.net. [212.51.149.109]) by smtp.gmail.com with ESMTPSA id k24sm3207343ede.62.2018.04.04.02.32.56 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Wed, 04 Apr 2018 02:32:56 -0700 (PDT) Date: Wed, 4 Apr 2018 11:32:54 +0200 From: Daniel Vetter To: Matthew Wilcox Cc: dri-devel@lists.freedesktop.org, linux-mm@kvack.org, Souptick Joarder , linux-kernel@vger.kernel.org Subject: Re: Signal handling in a page fault handler Message-ID: <20180404093254.GC3881@phenom.ffwll.local> Mail-Followup-To: Matthew Wilcox , dri-devel@lists.freedesktop.org, linux-mm@kvack.org, Souptick Joarder , linux-kernel@vger.kernel.org References: <20180402141058.GL13332@bombadil.infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20180402141058.GL13332@bombadil.infradead.org> X-Operating-System: Linux phenom 4.15.0-1-amd64 User-Agent: Mutt/1.9.4 (2018-02-28) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Apr 02, 2018 at 07:10:58AM -0700, Matthew Wilcox wrote: > > Souptick and I have been auditing the various page fault handler routines > and we've noticed that graphics drivers assume that a signal should be > able to interrupt a page fault. In contrast, the page cache takes great > care to allow only fatal signals to interrupt a page fault. > > I believe (but have not verified) that a non-fatal signal being delivered > to a task which is in the middle of a page fault may well end up in an > infinite loop, attempting to handle the page fault and failing forever. > > Here's one of the simpler ones: > > ret = mutex_lock_interruptible(&etnaviv_obj->lock); > if (ret) > return VM_FAULT_NOPAGE; > > (many other drivers do essentially the same thing including i915) > > On seeing NOPAGE, the fault handler believes the PTE is in the page > table, so does nothing before it returns to arch code at which point > I get lost in the magic assembler macros. I believe it will end up > returning to userspace if the signal is non-fatal, at which point it'll > go right back into the page fault handler, and mutex_lock_interruptible() > will immediately fail. So we've converted a sleeping lock into the most > expensive spinlock. > > I don't think the graphics drivers really want to be interrupted by > any signal. I think they want to be interruptible by fatal signals > and should use the mutex_lock_killable / fatal_signal_pending family of > functions. That's going to be a bit of churn, funnelling TASK_KILLABLE > / TASK_INTERRUPTIBLE all the way down into the dma-fence code. Before > anyone gets started on that, I want to be sure that my analysis is > correct, and the drivers are doing the wrong thing by using interruptible > waits in a page fault handler. So we've done some experiments for the case where the fault originated from kernel context (copy_to|from_user and friends). The fixup code seems to retry the copy once after the fault (in copy_user_handle_tail), if that fails again we get a short read/write. This might result in an -EFAULT, short read()/write() or anything else really, depending upon the syscall api. Except in some code paths in gpu drivers where we convert anything into -ERESTARTSYS/EINTR if there's a signal pending it won't ever result in the syscall getting restarted (well except maybe short read/writes if userspace bothers with that). So I guess gpu fault handlers indeed break the kernel's expectations, but then I think we're getting away with that because the inner workings of gpu memory objects is all heavily abstracted away by opengl/vulkan and friends. I guess what we could do is try to only do killable sleeps if it's a kernel fault, but that means wiring a flag through all the callchains. Not pretty. Except when there's a magic set of functions that would convert all interruptible sleeps to killable ones only for us. -Daniel -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch