Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp4942304imm;
        Tue, 21 Aug 2018 03:47:19 -0700 (PDT)
X-Google-Smtp-Source: ANB0VdZD5jR0ybjLf5CcBt4OW1F3Qvy85oLVzfCq/aidklNFdYdOWb5Jul8lyPXNwLoesB9Ydk6r
X-Received: by 2002:a62:f554:: with SMTP id n81-v6mr1166994pfh.21.1534848439678;
        Tue, 21 Aug 2018 03:47:19 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1534848439; cv=none;
        d=google.com; s=arc-20160816;
        b=Be+5h2rV0hFLZCtQJI9gQh29j/XQ1ofIGYo46cL/XCTxLmS5vIc47++dDI1aMoNldE
         naYv8b94IZHMkcEgu2WxZDO+Zsm9ZKAIlm+BvcDZA/+Bfntls+l4p9tLLxaUrs4Xaa83
         zNjNv7l2Ix2bNawtQTZ/zAvIgoq3b2E3Rwjp1ZfNSZbmCMoTaYNaES0eClHSrTFOWGy/
         wTnU31rpn97byRlREY4VBUpHkox0mX/i0C0CwdMV1qic1HApyISgnIfhgE8M3jKnTes9
         /z/ejIh97jbsSj8IyjfB1eVfa0tAZ8gWGLiejCA2d4Wd1OR6IMLHygfmMUrLkXLcMsDC
         rhpw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:references:in-reply-to:message-id:date
         :subject:cc:to:from:arc-authentication-results;
        bh=nnfVyljX6cxkryibLmAWL2uYypuiCLeIZVe8KdBz6Ns=;
        b=wcnS1+cXp6CUGaqdX8VocgLdZi7Fncdg4nXXVBymqNdpmvWoldXkf84IaQYU3LQrCg
         17INKPW5+6YfbFHMRi4RWvCPRHGvPjh0aCg1vpcOLRlHYQnto2LAzQx+uooLvEFjssow
         NwstdvQbUVafu4312waqp3n4nqJS6zs9yiv3/6dIQfahMe1HRkfJI+pHo9ziNpUIX/17
         fvhCVWNQ+iauzg28ehK9GsKY9/1454oSjukMOxy1ZALC6gc28EBZqDf4gE7zGc3DVhG2
         IsBTpzxGwZ3nIqiluowm5vSmqhJjrHtlgHWqnGkfnKSvML+IQufwVxr35yV3c8WDNX4E
         qh1g==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id d13-v6si2148773pll.337.2018.08.21.03.47.01;
        Tue, 21 Aug 2018 03:47:19 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1727433AbeHUOEe (ORCPT <rfc822;gklkml16@gmail.com> + 99 others);
        Tue, 21 Aug 2018 10:04:34 -0400
Received: from mx3-rdu2.redhat.com ([66.187.233.73]:34220 "EHLO mx1.redhat.com"
        rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP
        id S1727367AbeHUOEd (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 21 Aug 2018 10:04:33 -0400
Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5])
        (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
        (No client certificate requested)
        by mx1.redhat.com (Postfix) with ESMTPS id CC6F240216FA;
        Tue, 21 Aug 2018 10:44:53 +0000 (UTC)
Received: from t460s.redhat.com (ovpn-117-96.ams2.redhat.com [10.36.117.96])
        by smtp.corp.redhat.com (Postfix) with ESMTP id 0B41E7D4C9;
        Tue, 21 Aug 2018 10:44:51 +0000 (UTC)
From:   David Hildenbrand <david@redhat.com>
To:     linux-mm@kvack.org
Cc:     linux-kernel@vger.kernel.org, linux-doc@vger.kernel.org,
        linuxppc-dev@lists.ozlabs.org, linux-acpi@vger.kernel.org,
        xen-devel@lists.xenproject.org, devel@linuxdriverproject.org,
        David Hildenbrand <david@redhat.com>,
        Jonathan Corbet <corbet@lwn.net>,
        Michal Hocko <mhocko@suse.com>,
        Andrew Morton <akpm@linux-foundation.org>
Subject: [PATCH RFCv2 6/6] memory-hotplug.txt: Add some details about locking internals
Date:   Tue, 21 Aug 2018 12:44:18 +0200
Message-Id: <20180821104418.12710-7-david@redhat.com>
In-Reply-To: <20180821104418.12710-1-david@redhat.com>
References: <20180821104418.12710-1-david@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.11.54.5
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 21 Aug 2018 10:44:53 +0000 (UTC)
X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 21 Aug 2018 10:44:53 +0000 (UTC) for IP:'10.11.54.5' DOMAIN:'int-mx05.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'david@redhat.com' RCPT:''
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Let's document the magic a bit, especially why device_hotplug_lock is
required when adding/removing memory and how it all play together with
requests to online/offline memory from user space.

Cc: Jonathan Corbet <corbet@lwn.net>
Cc: Michal Hocko <mhocko@suse.com>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: David Hildenbrand <david@redhat.com>
---
 Documentation/memory-hotplug.txt | 39 +++++++++++++++++++++++++++++++-
 1 file changed, 38 insertions(+), 1 deletion(-)

diff --git a/Documentation/memory-hotplug.txt b/Documentation/memory-hotplug.txt
index 7f49ebf3ddb2..03aaad7d7373 100644
--- a/Documentation/memory-hotplug.txt
+++ b/Documentation/memory-hotplug.txt
@@ -3,7 +3,7 @@ Memory Hotplug
 ==============
 
 :Created:							Jul 28 2007
-:Updated: Add description of notifier of memory hotplug:	Oct 11 2007
+:Updated: Add some details about locking internals:		Aug 20 2018
 
 This document is about memory hotplug including how-to-use and current status.
 Because Memory Hotplug is still under development, contents of this text will
@@ -495,6 +495,43 @@ further processing of the notification queue.
 
 NOTIFY_STOP stops further processing of the notification queue.
 
+
+Locking Internals
+=================
+
+When adding/removing memory that uses memory block devices (i.e. ordinary RAM),
+the device_hotplug_lock should be held to:
+
+- synchronize against online/offline requests (e.g. via sysfs). This way, memory
+  block devices can only be accessed (.online/.state attributes) by user
+  space once memory has been fully added. And when removing memory, we
+  know nobody is in critical sections.
+- synchronize against CPU hotplug and similar (e.g. relevant for ACPI and PPC)
+
+Especially, there is a possible lock inversion that is avoided using
+device_hotplug_lock when adding memory and user space tries to online that
+memory faster than expected:
+
+- device_online() will first take the device_lock(), followed by
+  mem_hotplug_lock
+- add_memory_resource() will first take the mem_hotplug_lock, followed by
+  the device_lock() (while creating the devices, during bus_add_device()).
+
+As the device is visible to user space before taking the device_lock(), this
+can result in a lock inversion.
+
+onlining/offlining of memory should be done via device_online()/
+device_offline() - to make sure it is properly synchronized to actions
+via sysfs. Holding device_hotplug_lock is advised (to e.g. protect online_type)
+
+When adding/removing/onlining/offlining memory or adding/removing
+heterogeneous/device memory, we should always hold the mem_hotplug_lock to
+serialise memory hotplug (e.g. access to global/zone variables).
+
+In addition, mem_hotplug_lock (in contrast to device_hotplug_lock) allows
+for a quite efficient get_online_mems/put_online_mems implementation.
+
+
 Future Work
 ===========
 
-- 
2.17.1