Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp903105pxu; Wed, 6 Jan 2021 07:24:25 -0800 (PST) X-Google-Smtp-Source: ABdhPJwmKP314engFrX6cMnL9nm+P4XddlbLjjtrWU6sCppEOd+raATpD+xKdOElQloc7/EDCx7g X-Received: by 2002:a17:906:b7d6:: with SMTP id fy22mr3202935ejb.219.1609946665468; Wed, 06 Jan 2021 07:24:25 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1609946665; cv=none; d=google.com; s=arc-20160816; b=xwj4VNxN4wyQpwyTceT5Cj33UStRFeDpM2szqqTa7UHH7PRnRPX8qG8IMgozeJYMab u4+30Mj+0tRLsEdhCKz3EGnwo8Z13Roanb498vXnsSkVZjKUiqQZ3/XAqWo7JhdGanOf G4wRfAgpEEk2LawMHvWJ4IdlsauFKrImKnQXFY7yOJv/SNv0rPEQycYVspxrU+UriOxB bwbko7PlR5VRaxgs0SX2W6F9ABI8EnrqepPssbbUHkHP3ByXhppIr3leljy9En9DkVfh JrsszfnekHDeWR3uZle57pB0VikZcoNMAsB7RsuwzxEcNGZLZL8ckd5zUVhIjmy9lPk+ JDag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :mime-version:user-agent:date:message-id:subject:from:cc:to :dkim-signature; bh=u9BfJw9bwODVGWCy/LjRuDollmtVrULB9sLGdsTMFog=; b=BIFmMNx2eMXIreiATIg5GT+51tS8s9E9uZ2WcRsycADfMgu1lE1xFddrDsn6quNPK+ fy9vn199h+LUKqf3AW2B51xgybIqxjxo2aRHL1KPvquufM8xb9pAXfL4JSwkq/D07Q9c EMHIl//f/5xYPzCvgWXseRg75EcmcN0cpppB4FCruTq0InVx3TsSLbXUVEyCdMlXHBP2 QHGffs0Fr+avz2jY0HJVLXo3CNK+n/PuDwt5ZMh4/9bk8kD3QblT6UTS8hK3b9KfAIyX a2oVqJD02weo3PxLnbN/ojwlqDLwjRR3sebW5zJgh361zofpr9aAu8hbFXKsKiWEIoNO WxyA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=iSKYKqg3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id m22si1087005edr.514.2021.01.06.07.24.00; Wed, 06 Jan 2021 07:24:25 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20161025 header.b=iSKYKqg3; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726511AbhAFPU6 (ORCPT + 99 others); Wed, 6 Jan 2021 10:20:58 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36874 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726390AbhAFPU6 (ORCPT ); Wed, 6 Jan 2021 10:20:58 -0500 Received: from mail-wr1-x435.google.com (mail-wr1-x435.google.com [IPv6:2a00:1450:4864:20::435]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E109BC06134C for ; Wed, 6 Jan 2021 07:20:17 -0800 (PST) Received: by mail-wr1-x435.google.com with SMTP id q18so2792607wrn.1 for ; Wed, 06 Jan 2021 07:20:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:cc:from:subject:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=u9BfJw9bwODVGWCy/LjRuDollmtVrULB9sLGdsTMFog=; b=iSKYKqg3EPV9zohrHs4gWOkHtNCORtYsqfgfDl5RhqX/1KKvbLxhUa4ZdE4RfD0s0L A9HXrWQI6CgTBpGzMsV86U3ZM8Y++2zDRI0oUO1C+1OxixGQGryf8xjndjwK8dmRai15 9LPjyH3wdpiXGWCg959H5TZ85pV/nhyigUgExw/UhLSc7AgWJ1g/3yCht7Bh+D3ZzIr0 ClW3+EJ6XQwb55bEIEgNjTLXV8ySl0vKkUIjnokEtiFrORX6jOlQFzhgbV+N3u6hDdxV OvVpGMdLww8P5heIjJqoP+m30hOEOfdGQD8ObIgR2rdjvuKmIay6k7Le5JAfKh9aJpt3 942g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:from:subject:message-id:date:user-agent :mime-version:content-language:content-transfer-encoding; bh=u9BfJw9bwODVGWCy/LjRuDollmtVrULB9sLGdsTMFog=; b=j+iEIwEg4R9Nl28NuEt0K3mSMHcxb+WqnECJD0nMwwr7uK9gAzY2KEszH0Gcaxd+2o hbUq2ZlW4qL/3XqNK25t4/cjbdshGuVablF2wiZeWjXZ4cMVc7b5rpnA75UA9zC9xSaq 2SzhFov6bQMKvxEqwFcfPlvEO1Xd3PXGaNo5H3WUPy6QLbQsDdgwhy3WVLggMOlJSesk NVs/MGomb9EbOqFbKDgDxBhoamaImMOACxm3Blo+gGRv/OkMGXO3K5tx+iymFiGPufTM 3WyLjBuXq4fKYJtw/0kPZ1M+vhXdkp3Rd+EhHR655xgbE7HKTf+fbLhcpLym5tqD+34p YTSw== X-Gm-Message-State: AOAM532C98itDJMOi70Miklk71M60EkPJylx/W5FidYQ5LioxnlqHR6P XEWg48kUL6ys0HuoMNxgKAOP2XAZv7Q= X-Received: by 2002:a5d:5105:: with SMTP id s5mr4609164wrt.136.1609946416649; Wed, 06 Jan 2021 07:20:16 -0800 (PST) Received: from [192.168.2.27] (39.35.broadband4.iol.cz. [85.71.35.39]) by smtp.gmail.com with ESMTPSA id 138sm3673962wma.41.2021.01.06.07.20.15 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 06 Jan 2021 07:20:16 -0800 (PST) To: linux-mm@kvack.org Cc: Linux Kernel Mailing List , Mikulas Patocka From: Milan Broz Subject: Very slow unlockall() Message-ID: <70885d37-62b7-748b-29df-9e94f3291736@gmail.com> Date: Wed, 6 Jan 2021 16:20:15 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, we use mlockall(MCL_CURRENT | MCL_FUTURE) / munlockall() in cryptsetup code and someone tried to use it with hardened memory allocator library. Execution time was increased to extreme (minutes) and as we found, the problem is in munlockall(). Here is a plain reproducer for the core without any external code - it takes unlocking on Fedora rawhide kernel more than 30 seconds! I can reproduce it on 5.10 kernels and Linus' git. The reproducer below tries to mmap large amount memory with PROT_NONE (later never used). The real code of course does something more useful but the problem is the same. #include #include #include #include int main (int argc, char *argv[]) { void *p = mmap(NULL, 1UL << 41, PROT_NONE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); if (p == MAP_FAILED) return 1; if (mlockall(MCL_CURRENT | MCL_FUTURE)) return 1; printf("locked\n"); if (munlockall()) return 1; printf("unlocked\n"); return 0; } In traceback I see that time is spent in munlock_vma_pages_range. [ 2962.006813] Call Trace: [ 2962.006814] ? munlock_vma_pages_range+0xe7/0x4b0 [ 2962.006814] ? vma_merge+0xf3/0x3c0 [ 2962.006815] ? mlock_fixup+0x111/0x190 [ 2962.006815] ? apply_mlockall_flags+0xa7/0x110 [ 2962.006816] ? __do_sys_munlockall+0x2e/0x60 [ 2962.006816] ? do_syscall_64+0x33/0x40 ... Or with perf, I see # Overhead Command Shared Object Symbol # ........ ....... ................. ..................................... # 48.18% lock [kernel.kallsyms] [k] lock_is_held_type 11.67% lock [kernel.kallsyms] [k] ___might_sleep 10.65% lock [kernel.kallsyms] [k] follow_page_mask 9.17% lock [kernel.kallsyms] [k] debug_lockdep_rcu_enabled 6.73% lock [kernel.kallsyms] [k] munlock_vma_pages_range ... Could please anyone check what's wrong here with the memory locking code? Running it on my notebook I can effectively DoS the system :) Original report is https://gitlab.com/cryptsetup/cryptsetup/-/issues/617 but this is apparently a kernel issue, just amplified by usage of munlockall(). Thanks, Milan