Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp3897723pxf; Mon, 29 Mar 2021 14:52:18 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxi4YYQsghXZZr5fmMTKMSHdd3eOcWIovtDuMeRyQF5ygrwpXlnxcaXmoXTPBYVbYPTDAON X-Received: by 2002:a17:907:9858:: with SMTP id jj24mr30071512ejc.212.1617054738678; Mon, 29 Mar 2021 14:52:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617054738; cv=none; d=google.com; s=arc-20160816; b=OW3tqljCdG6o5/861YrdS4EuGpEEvWJUJIPjwVxTWxC8gh4nk7+W9L0MAoHk8yu3RW poglXpL/7DFdNXpMH80fIO1BnXoD8T2FEKN6rJqfxnb7Sy9cZb00pLtulPjUIGXGnmA3 7nfNmXC0Cvfi6IedBeRVldbw96zswHwy18D1leULROljRDX02S2LJnrHYQ0x4LKLRzKy o1o37QHQ27nsGg7dOdLG+8e7kC/SM/uzmawNpWmOk6HSwoPwYLEzsYwQNPRxQYk1EGqo m2TAj79Eb0YKkR2kSD/73LHEU5DcVaz92MWvwJJ268XaZOU+6mBr2NLj/IFzcmMjxaR2 bs8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:to:in-reply-to:cc:references:message-id:date :subject:mime-version:from:content-transfer-encoding:dkim-signature; bh=dINV1jr3ervdCKyPzOLdFI3Vz2vitsmiwNxQTrYH5RQ=; b=yh55KbNNCTeUTOtS/ncohTEhiaSYzf0XUEnGrXBMLaDzqxTIkFGYqoaYTVXbc/AyAY GSZ7A3jzh//8c+bnbCV6iBaI7IKjopf312ArqVB30xRK1OjyJvuNiIvmO3nEwEs8+5ng zH43N9pVbUT2L4oihfdoHDqrEQcjI5adl6dWhQ7vGTsxYn3hVAo5n7SRTdNWj3T41beW kSHS0mKY3sMo7ErKNUjhPVcSyTQDEhFCKR9XORx/8Zqv5H9U20RphCK1O4RYSLTkfJap cRa/ix5VCaKq4k3yta4fsCipimcFgcXglhWgEvfmKZo/J0CdaZgEd4xY0YghX63PJzLQ HQkQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=lDSTz4TC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b9si12746136ejg.509.2021.03.29.14.51.55; Mon, 29 Mar 2021 14:52:18 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@amacapital-net.20150623.gappssmtp.com header.s=20150623 header.b=lDSTz4TC; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230329AbhC2VrT (ORCPT + 99 others); Mon, 29 Mar 2021 17:47:19 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:55286 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229555AbhC2VrB (ORCPT ); Mon, 29 Mar 2021 17:47:01 -0400 Received: from mail-pf1-x42f.google.com (mail-pf1-x42f.google.com [IPv6:2607:f8b0:4864:20::42f]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C27AC061574 for ; Mon, 29 Mar 2021 14:47:01 -0700 (PDT) Received: by mail-pf1-x42f.google.com with SMTP id c17so10739014pfn.6 for ; Mon, 29 Mar 2021 14:47:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=amacapital-net.20150623.gappssmtp.com; s=20150623; h=content-transfer-encoding:from:mime-version:subject:date:message-id :references:cc:in-reply-to:to; bh=dINV1jr3ervdCKyPzOLdFI3Vz2vitsmiwNxQTrYH5RQ=; b=lDSTz4TCyWcsTpXyixJ6cCMMi+DSjBFqYYBxn6ixhkR4l+vs0gWPYK0MdcjRDYZPL5 aT6zZGaXRkiKGweqGIY9EN+4NedABb4ZebJkcS/NqYwilL81qPvTNqaNGkQBMZFAcmXE WmWLAu0ngZpRcNoslP2q9n6S4+BIy2nIGDA1i16F8dQkiNklH2jSAyUSkJScxlswyyTd B0inE0heBvYLO5FbkhufA5uDx6snq+/f0+hucnLbZ6qp43pF6K96RK+SNMLs+mMf6oe1 lefco/KCRBtPXhg5GGBi4gVGp26j5Lnp1B2tWwnYJIyZGXc3H38ZFdg9PmTKkn+nDEJc 7l2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:content-transfer-encoding:from:mime-version :subject:date:message-id:references:cc:in-reply-to:to; bh=dINV1jr3ervdCKyPzOLdFI3Vz2vitsmiwNxQTrYH5RQ=; b=noysn51nA7TpU+GPhzfktT94JigvPUlmFSyOC/wXKrxQF62Eo6FvobwLsSfQrZ9+BA zO2BTGkuqcfFJT+8bIRCMmVx8JfEwotqzagOyM2m6o7+GqrsKFWU8yp0M6W/f2dIjqeu MRAguuZjpfP9VltojxCFWDBQxHLVzXbzOln7r2qZjMP3/f6q1lYamrlLtPDxVvyCxwE8 Eg18CuogEarS777gfp5/5ZP2JhRcZYV8ZQeKFxHUyVqT0pMx+fcNxKT+9G/Wh88wHZqq eHMKuHqZSVmeYGz1Jewceqo1VPc0EO/NqOCpBNjZ8nc8rd9jqCarBw0TE8rA+S0lmjBl 747g== X-Gm-Message-State: AOAM530tKPgPZ8gdX3H26XW53VGNR/7fhvFKuF0PieWtoLsVbJdaa/No 5l5Dqhy25F70fmEvrcuJ6gSx+Q== X-Received: by 2002:a63:6a84:: with SMTP id f126mr25094745pgc.352.1617054420880; Mon, 29 Mar 2021 14:47:00 -0700 (PDT) Received: from ?IPv6:2601:646:c200:1ef2:e17c:78f7:dc94:55dd? ([2601:646:c200:1ef2:e17c:78f7:dc94:55dd]) by smtp.gmail.com with ESMTPSA id a70sm17413227pfa.202.2021.03.29.14.47.00 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 29 Mar 2021 14:47:00 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable From: Andy Lutomirski Mime-Version: 1.0 (1.0) Subject: Re: I915 CI-run with kfence enabled, issues found Date: Mon, 29 Mar 2021 14:46:59 -0700 Message-Id: References: Cc: Dave Hansen , "Sarvela, Tomi P" , kasan-dev@googlegroups.com, Dave Hansen , Andy Lutomirski , Peter Zijlstra , Thomas Gleixner , Ingo Molnar , Borislav Petkov , the arch/x86 maintainers , "H. Peter Anvin" , LKML In-Reply-To: To: Marco Elver X-Mailer: iPhone Mail (18D61) Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org > On Mar 29, 2021, at 2:34 PM, Marco Elver wrote: >=20 > =EF=BB=BFOn Mon, 29 Mar 2021 at 23:03, Dave Hansen = wrote: >>> On 3/29/21 10:45 AM, Marco Elver wrote: >>>> On Mon, 29 Mar 2021 at 19:32, Dave Hansen wrote= : >>> Doing it to all CPUs is too expensive, and we can tolerate this being >>> approximate (nothing bad will happen, KFENCE might just miss a bug and >>> that's ok). >> ... >>>> BTW, the preempt checks in flush_tlb_one_kernel() are dependent on KPTI= >>>> being enabled. That's probably why you don't see this everywhere. We >>>> should probably have unconditional preempt checks in there. >>>=20 >>> In which case I'll add a preempt_disable/enable() pair to >>> kfence_protect_page() in arch/x86/include/asm/kfence.h. >>=20 >> That sounds sane to me. I'd just plead that the special situation (not >> needing deterministic TLB flushes) is obvious. We don't want any folks >> copying this code. >>=20 >> BTW, I know you want to avoid the cost of IPIs, but have you considered >> any other low-cost ways to get quicker TLB flushes? For instance, you >> could loop over all CPUs and set cpu_tlbstate.invalidate_other=3D1. That= >> would induce a context switch at the next context switch without needing >> an IPI. >=20 > This is interesting. And it seems like it would work well for our > usecase. Ideally we should only flush entries related to the page we > changed. But it seems invalidate_other would flush the entire TLB. >=20 > With PTI, flush_tlb_one_kernel() already does that for the current > CPU, but now we'd flush entire TLBs for all CPUs and even if PTI is > off. >=20 > Do you have an intuition for how much this would affect large > multi-socket systems? I currently can't quite say, and would err on > the side of caution. Flushing the kernel TLB for all addresses Is rather pricy. ISTR 600 cycles on Skylake, not to mention the cost of losi= ng the TLB. How common is this? >=20 > Thanks, > -- Marco