Received: by 2002:a05:6a10:9848:0:0:0:0 with SMTP id x8csp354592pxf; Thu, 8 Apr 2021 04:43:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJz2q3dxKGN8XBSnpEtnorTluKLFienzWpMMoUQBSAd2jDSoiG3aoMoyuFsogUgWoE5Kt5xM X-Received: by 2002:a17:907:2069:: with SMTP id qp9mr10022959ejb.175.1617882181956; Thu, 08 Apr 2021 04:43:01 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1617882181; cv=none; d=google.com; s=arc-20160816; b=q+lQabHx5c1d1hMauqwep1hX8vobCWFtwQ5esMH3XFNGIFO75qNpC1Vvvk1sRT35sv Qvr+k5cHPU6P6qpLhecUB5C8oXW4JzFL6qKvu31epHyYYEMqqQ/R/OFPwLl0QJ35crkM OVDCM/IIoKNq9W2z9OBea4kYciRUrFaQu4a1V3orUdr5zF+4t+A4JfLLwfTwExHP71lb xQGj1cs+DpFLt70MEN+5YuD66/vgrvotgrC+OJ+tDG1aOdjRgk6GCBD/BCHY8H/X1H3h YhqNFPbWBWDIXRjv/qQ8iqbWBw8k1xV1OYAf2tVYjIN9ag2Tcjzk88q50Smv6IT1oWdT H/wQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:subject:from :references:to:dkim-signature; bh=s9XSwEEi1zJXTpbPUBOMu9HhV0dFlRjs6EwHYbE6+e4=; b=vfaOVNC7wQUHo4o29kWnu0O4RQmJhqfJ5WDf22yU+fo3d9BM45f+61j3hGPKuHHWfR cqVNJXnZZ/R10SOCkLSXQA/4pjH6iqqfANvBnaBxqX0ah5qy544xNzuuWha+fUIg7C3P WdXrV37FTzOSPHuuMyfQgSM2DIFAXnDlDMJ7vxrANOM8uByVzjlHR0eROeT8KbMu8exm TbxpFiAAJHPS+2cy4yX/0QMXFcQiuYTwoJd+YFwYLNYj+GqOWeR6LKyNRenjgQH0AHbE JYtSQL+oqCRW7NTyJjEk4Km4rXYRJWUWwoAhe8JbNuYPX/hBZ+tfXX+ppSm6aYplnXzT GQ1g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=UGQeJKMs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id dp16si10950632ejc.170.2021.04.08.04.42.38; Thu, 08 Apr 2021 04:43:01 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=UGQeJKMs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229921AbhDHLlU (ORCPT + 99 others); Thu, 8 Apr 2021 07:41:20 -0400 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:57065 "EHLO us-smtp-delivery-124.mimecast.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231341AbhDHLlT (ORCPT ); Thu, 8 Apr 2021 07:41:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1617882068; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=s9XSwEEi1zJXTpbPUBOMu9HhV0dFlRjs6EwHYbE6+e4=; b=UGQeJKMsI6sVo/j8EdVBKlfNDxJ0MtgonPs4JE9o0imPQrFC++vpAksyx/5fODikUmHDd4 2gQ0EtVtk0uYD00dlqT3W2amSdQ42uWYLDiC7kzRAmclQ18PCBE0pqxnhMsq+N871+HJ18 BLktZ6z8Oa6T4rtfWFg9ni3Jla7U6Qw= Received: from mail-ej1-f72.google.com (mail-ej1-f72.google.com [209.85.218.72]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-506-43aYF8UWPWSBl4bbMFHnGw-1; Thu, 08 Apr 2021 07:41:01 -0400 X-MC-Unique: 43aYF8UWPWSBl4bbMFHnGw-1 Received: by mail-ej1-f72.google.com with SMTP id de56so712429ejc.16 for ; Thu, 08 Apr 2021 04:41:01 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:references:from:subject:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=s9XSwEEi1zJXTpbPUBOMu9HhV0dFlRjs6EwHYbE6+e4=; b=Mncr07M2jcRMPR+SE+MfN2sMN8V1MKzu7FaW8hZ1CeC8Lk7lI56xPbxt/uoTTiICHz BM2Q2hlNYJMQKAILAeSma7xkyvC03ZjEkC9N4KS/xM4n+jWa9JmyHd2dGRACiBjIY285 S7PD6qvKoRP164ybDPSNMxOe+NssLmJqWJpHHFj9vZNT1QiigIk/jYa/D68CPH1jLp4O HVUvT+b6mOouDAKDfA2g//pOkrsZS1fjo4YXW4XK7Yr0avYcjIGpVJITHmbHgzM5aU5G BGFkOf3S5yd+GJNd+7yTTYynGB54vzol0Q7EySOWfrCQc4fGxhqP1PD/r0/+JXLqp4M9 646A== X-Gm-Message-State: AOAM531zEazBw3GOtjgFF5IAjI/Ld/yWkLmde4pJnqSceb1KpB3hosZU SSS/WdWwVrKC6H+OZMgArsa7/z2t9B3zrg6c90avD8DUcpn5LO8sm+671KZdxXs2pvkj55R7G+Y 9kRnQIsjHM17CMQxqmlgSEiuD X-Received: by 2002:aa7:cf90:: with SMTP id z16mr10682029edx.273.1617882060784; Thu, 08 Apr 2021 04:41:00 -0700 (PDT) X-Received: by 2002:aa7:cf90:: with SMTP id z16mr10682002edx.273.1617882060615; Thu, 08 Apr 2021 04:41:00 -0700 (PDT) Received: from ?IPv6:2001:b07:6468:f312:c8dd:75d4:99ab:290a? ([2001:b07:6468:f312:c8dd:75d4:99ab:290a]) by smtp.gmail.com with ESMTPSA id t1sm4680038eds.53.2021.04.08.04.40.59 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 08 Apr 2021 04:41:00 -0700 (PDT) To: Jason Gunthorpe , DRI Development , LKML , kvm@vger.kernel.org, linux-mm@kvack.org, linux-arm-kernel@lists.infradead.org, linux-samsung-soc@vger.kernel.org, linux-media@vger.kernel.org, 3pvd@google.com, Jann Horn , Cornelia Huck , Peter Xu , Alex Williamson , Daniel Vetter References: <20210316153303.3216674-1-daniel.vetter@ffwll.ch> <20210316153303.3216674-4-daniel.vetter@ffwll.ch> <20210329133101.GA1168973@nvidia.com> From: Paolo Bonzini Subject: Re: [PATCH 3/3] mm: unexport follow_pfn Message-ID: <5f956a46-da38-e72a-edaa-3b746a275f1e@redhat.com> Date: Thu, 8 Apr 2021 13:40:59 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 08/04/21 12:05, Daniel Vetter wrote: > On Mon, Mar 29, 2021 at 10:31:01AM -0300, Jason Gunthorpe wrote: >> On Tue, Mar 16, 2021 at 04:33:03PM +0100, Daniel Vetter wrote: >>> Both kvm (in bd2fae8da794 ("KVM: do not assume PTE is writable after >>> follow_pfn")) and vfio (in 07956b6269d3 ("vfio/type1: Use >>> follow_pte()")) have lost their callsites of follow_pfn(). All the >>> other ones have been switched over to unsafe_follow_pfn because they >>> cannot be fixed without breaking userspace api. >>> >>> Argueably the vfio code is still racy, but that's kinda a bigger >> >> vfio and kvm > > Hm I thought kvm is non-racy due to the mmu notifier catch races? No, but the plan is indeed to have some struct for each page that uses follow_pfn and update it from the MMU notifiers. Paolo >> >>> picture. But since it does leak the pte beyond where it drops the pt >>> lock, without anything else like an mmu notifier guaranteeing >>> coherence, the problem is at least clearly visible in the vfio code. >>> So good enough with me. >>> >>> I've decided to keep the explanation that after dropping the pt lock >>> you must have an mmu notifier if you keep using the pte somehow by >>> adjusting it and moving it into the kerneldoc for the new follow_pte() >>> function. >>> >>> Cc: 3pvd@google.com >>> Cc: Jann Horn >>> Cc: Paolo Bonzini >>> Cc: Jason Gunthorpe >>> Cc: Cornelia Huck >>> Cc: Peter Xu >>> Cc: Alex Williamson >>> Cc: linux-mm@kvack.org >>> Cc: linux-arm-kernel@lists.infradead.org >>> Cc: linux-samsung-soc@vger.kernel.org >>> Cc: linux-media@vger.kernel.org >>> Cc: kvm@vger.kernel.org >>> Signed-off-by: Daniel Vetter >>> --- >>> include/linux/mm.h | 2 -- >>> mm/memory.c | 26 +++++--------------------- >>> mm/nommu.c | 13 +------------ >>> 3 files changed, 6 insertions(+), 35 deletions(-) >> >> Reviewed-by: Jason Gunthorpe > > Thanks for your r-b tags, I'll add them. > -Daniel > >> >> Jason >