Date: Wed, 20 Oct 2021 23:44:15 +0100
From: Catalin Marinas
To: Linus Torvalds
Cc: Andreas Gruenbacher, Paul Mackerras, Alexander Viro, Christoph Hellwig,
    "Darrick J. Wong", Jan Kara, Matthew Wilcox, cluster-devel,
    linux-fsdevel, Linux Kernel Mailing List, ocfs2-devel@oss.oracle.com,
    kvm-ppc@vger.kernel.org, linux-btrfs
Subject: Re: [PATCH v8 00/17] gfs2: Fix mmap + page fault deadlocks
References: <20211019134204.3382645-1-agruenba@redhat.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, Oct 20, 2021 at 10:11:19AM -1000, Linus Torvalds wrote:
> On Wed, Oct 20, 2021 at 6:37 AM Catalin Marinas wrote:
> > The atomic "add zero" trick isn't that simple for MTE since the arm64
> > atomic or exclusive instructions run with kernel privileges and
> > therefore with the kernel tag checking mode.
>
> Are there any instructions that are useful for "probe_user_write()"
> kind of thing?

If it's on a user address, the only single-instruction that works with
MTE is STTR (as in put_user()) but that's destructive. Other "add zero"
constructs require some potentially expensive system register accesses
just to set the tag checking mode of the current task.

A probe_user_write() on the kernel linear address involves reading the
tag from memory and comparing it with the tag in the user pointer. In
addition, it needs to take into account the current task's tag checking
mode and the vma vm_flags. We should have most of the information in the
gup code.

> Although at least for MTE, I think the solution was to do a regular
> read, and that checks the tag, and then we could use the gup machinery
> for the writability checks.

Yes, for MTE this should work. For CHERI I think an "add zero" would do
the trick (it should have atomics that work on capabilities directly).

However, with MTE doing both get_user() every 16 bytes and gup can get
pretty expensive. The problematic code is fault_in_safe_writable() in
this series.

I can give this 16-byte probing in gup a try (on top of -next) but IMHO
we unnecessarily overload the fault_in_*() logic with something the
kernel cannot fix up. The only reason we do it is so that we get an
error code and bail out of a loop but the uaccess routines could be
extended to report the fault type instead. It looks like we pretty much
duplicate the uaccess in the fault_in_*() functions (four accesses per
cache line).

-- 
Catalin
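
For illustration only, the non-destructive probe described above (read
the tag stored for each 16-byte granule and compare it with the tag
carried in the user pointer, subject to the task's tag checking mode)
can be modelled in plain userspace C. This is a rough sketch, not kernel
code: sim_tags[], sim_probe_user_write() and granules_spanned() are
hypothetical names, the "address" is just an offset into a small
simulated region, and the vma vm_flags check is left out. It assumes
the MTE layout of a 4-bit tag in pointer bits 59:56 and one tag per
16 bytes, and a 64-byte cache line for the "four accesses" figure.

```c
#include <assert.h>
#include <stddef.h>
#include <stdint.h>

#define GRANULE_SIZE 16u   /* MTE keeps one allocation tag per 16 bytes */
#define TAG_SHIFT    56    /* the pointer's tag sits in bits 59:56 */
#define TAG_MASK     0xfull
#define SIM_GRANULES 64u   /* hypothetical: size of the simulated region */

/* Hypothetical stand-in for the allocation tags of a 1 KiB region. */
static uint8_t sim_tags[SIM_GRANULES];

static inline unsigned ptr_tag(uint64_t uptr)
{
	return (unsigned)((uptr >> TAG_SHIFT) & TAG_MASK);
}

static inline uint64_t ptr_offset(uint64_t uptr)
{
	/* Drop the tag bits; what remains is an offset into the region. */
	return uptr & ~(TAG_MASK << TAG_SHIFT);
}

/* Number of 16-byte granules touched by [start, start + len). */
static inline size_t granules_spanned(uint64_t start, size_t len)
{
	if (len == 0)
		return 0;
	return (size_t)((start + len - 1) / GRANULE_SIZE
			- start / GRANULE_SIZE + 1);
}

/*
 * Return how many bytes starting at uptr pass the tag check (0..len).
 * Nothing is written: only the stored tags are read and compared.
 * tag_check_enabled models the current task's tag checking mode.
 */
static inline size_t sim_probe_user_write(uint64_t uptr, size_t len,
					   int tag_check_enabled)
{
	uint64_t start = ptr_offset(uptr);
	uint64_t end = start + len;
	unsigned tag = ptr_tag(uptr);

	assert(end <= (uint64_t)SIM_GRANULES * GRANULE_SIZE);

	if (!tag_check_enabled)
		return len;

	for (uint64_t g = start / GRANULE_SIZE; g * GRANULE_SIZE < end; g++) {
		if (sim_tags[g] != tag) {
			uint64_t fault = g * GRANULE_SIZE;

			/* Bytes before the first mismatching granule. */
			return fault > start ? (size_t)(fault - start) : 0;
		}
	}
	return len;
}
```

With granules 0 and 1 tagged 3 and granule 2 tagged 5, a 40-byte probe
through a pointer tagged 3 at offset 8 stops at the granule boundary at
offset 32, i.e. after 24 bytes. granules_spanned(0, 64) is 4, which
matches the "four accesses per cache line" above under the 64-byte
cache line assumption.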