Date: Mon, 5 Dec 2022 16:39:44 +0100
To: Muhammad Usama Anjum, Peter Xu, Cyrill Gorcunov
Cc: Suren Baghdasaryan, Greg KH, Christian Brauner, Yang Shi, Vlastimil Babka, Zach O'Keefe, "Matthew Wilcox (Oracle)", "Gustavo A. R. Silva", Dan Williams, kernel@collabora.com, Gabriel Krisman Bertazi, Peter Enderborg, "open list : KERNEL SELFTEST FRAMEWORK", Shuah Khan, open list, "open list : PROC FILESYSTEM", "open list : MEMORY MANAGEMENT", Michał Mirosław, Andrei Vagin, Danylo Mocherniuk, Alexander Viro, Andrew Morton, Paul Gofman
From: David Hildenbrand
Organization: Red Hat
Subject: Re: [PATCH v6 0/3] Implement IOCTL to get and/or the clear info about PTEs
X-Mailing-List: linux-kernel@vger.kernel.org

On 05.12.22 16:29, Muhammad Usama Anjum wrote:
> On 11/30/22 5:10 PM, David Hildenbrand wrote:
>> On 30.11.22 12:42, Muhammad Usama Anjum wrote:
>>> On 11/21/22 8:55 PM, David Hildenbrand wrote:
>>>> On 21.11.22 16:00, Muhammad Usama Anjum wrote:
>>>>> Hello,
>>>>>
>>>>> Thank you for replying.
>>>>>
>>>>> On 11/14/22 8:46 PM, David Hildenbrand wrote:
>>>>>>> The soft-dirtiness is stored in the PTE. VMA is marked dirty to
>>>>>>> store the dirtiness for reused regions. Clearing the soft-dirty
>>>>>>> status of whole process is straightforward. When we want to
>>>>>>> clear/monitor the soft-dirtiness of a part of the virtual memory,
>>>>>>> there is a lot of internal noise. We don't want the non-dirty
>>>>>>> pages to become dirty because of how the soft-dirty feature has
>>>>>>> been working. Soft-dirty feature wasn't being used the way we
>>>>>>> want to use now. While monitoring a part of memory, it is not
>>>>>>> acceptable to get non-dirty pages as dirty. Non-dirty pages
>>>>>>> become dirty when the two VMAs are merged without considering if
>>>>>>> they both are dirty or not (34228d473efe). To monitor changes
>>>>>>> over the memory, sometimes VMAs are split to clear the soft-dirty
>>>>>>> bit in the VMA flags. But sometimes the kernel decides to merge
>>>>>>> them back up. It is such a waste of resources.
>>>>>>
>>>>>> Maybe you'd want a per-process option to not merge if the
>>>>>> VM_SOFTDIRTY property differs. But that might be just one
>>>>>> alternative for handling this case.
>>>>>>
>>>>>>>
>>>>>>> To keep things consistent, the default behavior of the IOCTL is
>>>>>>> to output even the extra non-dirty pages as dirty from the kernel
>>>>>>> noise. An optional PAGEMAP_NO_REUSED_REGIONS flag is added for
>>>>>>> those use cases which aren't tolerant of extra non-dirty pages.
>>>>>>> This flag can be considered as something which is by-passing the
>>>>>>> already present buggy implementation in the kernel. It is not
>>>>>>> buggy per se as the issue can be solved if we don't allow the two
>>>>>>> VMAs which have different soft-dirty bits to get merged. But we
>>>>>>> are allowing that so that the total number of VMAs doesn't
>>>>>>> increase. This was acceptable at the time, but now with the use
>>>>>>> case of monitoring a part of memory for soft-dirty doesn't want
>>>>>>> this merging. So either we need to revert 34228d473efe and
>>>>>>> PAGEMAP_NO_REUSED_REGIONS flag will not be needed or we should
>>>>>>> allow PAGEMAP_NO_REUSED_REGIONS or similar mechanism to ignore
>>>>>>> the extra dirty pages which aren't dirty in reality.
>>>>>>>
>>>>>>> When PAGEMAP_NO_REUSED_REGIONS flag is used, only the PTEs are
>>>>>>> checked to find if the pages are dirty. So re-used regions cannot
>>>>>>> be detected. This has the only side-effect of not checking the
>>>>>>> VMAs. So this is limitation of using this flag which should be
>>>>>>> acceptable in the current state of code. This limitation is okay
>>>>>>> for the users as they can clear the soft-dirty bit of the VMA
>>>>>>> before starting to monitor a range of memory for soft-dirtiness.
>>>>>>>
>>>>>>>
>>>>>>>> Please separate that part out from the other changes; I am
>>>>>>>> still not convinced that we want this and what the semantical
>>>>>>>> implications are.
>>>>>>>>
>>>>>>>> Let's take a look at an example: can_change_pte_writable()
>>>>>>>>
>>>>>>>>        /* Do we need write faults for softdirty tracking? */
>>>>>>>>        if (vma_soft_dirty_enabled(vma) && !pte_soft_dirty(pte))
>>>>>>>>            return false;
>>>>>>>>
>>>>>>>> We care about PTE softdirty tracking, if it is enabled for the
>>>>>>>> VMA. Tracking is enabled if: vma_soft_dirty_enabled()
>>>>>>>>
>>>>>>>>        /*
>>>>>>>>         * Soft-dirty is kind of special: its tracking is enabled when
>>>>>>>>         * the vma flags not set.
>>>>>>>>         */
>>>>>>>>        return !(vma->vm_flags & VM_SOFTDIRTY);
>>>>>>>>
>>>>>>>> Consequently, if VM_SOFTDIRTY is set, we are not considering the
>>>>>>>> soft_dirty PTE bits accordingly.
>>>>>>> Sorry, I'm unable to completely grasp the meaning of the example.
>>>>>>> We have followed clear_refs_write() to write the soft-dirty bit
>>>>>>> clearing code in the current patch. Dirtiness of the VMA and the
>>>>>>> PTE may be set independently. Newer allocated memory has dirty
>>>>>>> bit set in the VMA. When something is written to the memory, the
>>>>>>> soft dirty bit is set in the PTEs as well regardless if the soft
>>>>>>> dirty bit is set in the VMA or not.
>>>>>>>
>>>>>>
>>>>>> Let me try to find a simple explanation:
>>>>>>
>>>>>> After clearing a SOFTDIRTY PTE flag inside an area with
>>>>>> VM_SOFTDIRTY set, there are ways that PTE could get written to and
>>>>>> it could become dirty, without the PTE becoming softdirty.
>>>>>>
>>>>>> Essentially, inside a VMA with VM_SOFTDIRTY set, the PTE softdirty
>>>>>> values might be stale: there might be entries that are softdirty
>>>>>> even though the PTE is *not* marked softdirty.
>>>>> Can someone please share the example to reproduce this?
>>>>> In all of my testing, even if I ignore VM_SOFTDIRTY and only base my
>>>>> decision of soft-dirtiness on individual pages, it always passes.
>>>>
>>>> Quick reproducer (the first and easiest one that triggered :) )
>>>> attached.
>>>>
>>>> With no kernel changes, it works as expected.
>>>>
>>>> # ./softdirty_mprotect
>>>>
>>>>
>>>> With the following kernel change to simulate what you propose it fails:
>>>>
>>>> diff --git a/fs/proc/task_mmu.c b/fs/proc/task_mmu.c >>>> index d22687d2e81e..f2c682bf7f64 100644 >>>> --- a/fs/proc/task_mmu.c >>>> +++ b/fs/proc/task_mmu.c 
>>>> @@ -1457,8 +1457,8 @@ static pagemap_entry_t pte_to_pagemap_entry(struct >>>> pagemapread *pm, >>>>                  flags |= PM_FILE; >>>>          if (page && !migration && page_mapcount(page) == 1) >>>>                  flags |= PM_MMAP_EXCLUSIVE; >>>> -       if (vma->vm_flags & VM_SOFTDIRTY) >>>> -               flags |= PM_SOFT_DIRTY; >>>> +       //if (vma->vm_flags & VM_SOFTDIRTY) >>>> +       //      flags |= PM_SOFT_DIRTY; >>>>            return make_pme(frame, flags); >>>>   }
>>>>
>>>>
>>>> # ./softdirty_mprotect
>>>> Page #1 should be softdirty
>>>>
>>> Thank you so much for sharing the issue and reproducer.
>>>
>>> After remapping the second part of the memory and m-protecting +
>>> m-unprotecting the whole memory, the PTE of the first half of the memory
>>> doesn't get marked as soft dirty even after writing multiple times to it.
>>> Even if soft-dirtiness is cleared on the whole process, the PTE of the
>>> first half memory doesn't get dirty. This seems like more of a bug in
>>> mprotect. The mprotect should not mess up with the soft-dirty flag in the
>>> PTEs.
>>>
>>> I'm debugging this. I hope to find the issue soon. Soft-dirty tracking in
>>> PTEs should be working correctly irrespective of the VM_SOFTDIRTY is set
>>> or not on the VMA.
>>
>> No, it's not a bug and these are not the VM_SOFTDIRTY semantics -- just
>> because you think they should be like this. As people explained,
>> VM_SOFTDIRTY implies *until now* that any PTE is considered softdirty. And
>> there are other scenarios that can similarly trigger something like that,
>> besides mprotect().
>>
>> Sorry if I sound annoyed, but please
>>
>> 1) factor out that from your patch set for now
>> 2) find a way to handle this cleanly, for example, not merging VMAs that
>>    differ in VM_SOFTDIRTY
>>
>
> I'm extremely sorry for the annoyance. I absolutely understand your point.

No need to be sorry :)

> The problem is that the half of this IOCTL wouldn't be useful without
> solving the extra soft-dirty pages issue. We don't want to upstream
> something which we wouldn't be using until 2 is solved. This is why we are
> trying to solve the point 2 before upstreaming the 1. I'm working on ideas
> on how this can be resolved or redesigned entirely. Maybe Cyrill will share
> the ideas soon once he has some time. He was involved in the soft-dirty
> feature development.

Got it, thanks for the info on usability without this feature.

Let me make my point clearer: exposing VM_SOFTDIRTY details to user space
and providing different kinds of "soft dirty" really is sub-optimal from an
ABI POV.

It would be really preferred if we could just find a way to improve the
soft-dirty implementation in a way such that no such ABI hacks are required
and that the existing interface will provide the semantics you want. For
example, if we could rework the VMA merging case that would be really
preferable.

I understand that we might want more fine-grained soft-dirty clearing
IOCTLs. My primary concern is regarding the VM_SOFTDIRTY special-casing
just when observing whether a PTE is softdirty.

--
Thanks,

David / dhildenb
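
Review bot: In the pte_to_pagemap_entry() hunk quoted above, the VM_SOFTDIRTY check is disabled by prefixing both lines with `//`, which leaves dead code in place and gives a reader of the source no hint that the VMA flag no longer contributes PM_SOFT_DIRTY to the entry. Since the change only simulates the proposed behaviour for the reproducer, deleting the two lines outright, or bracketing them with #if 0 and a one-line comment marking the change as test-only, would state that intent explicitly.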
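
The scenario argued over in this thread, reduced to a small C model (an added example, not code from the thread, the attached reproducer or the kernel). Only the two checks quoted above are taken from the page; `struct vma`, `struct pte`, `write_page()`, `pagemap_soft_dirty()` and `page1_reported()` are hypothetical names, and the write-fault behaviour is a simplifying assumption.

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified model (assumption), not kernel code: one VMA flag, two PTE bits. */
struct vma { bool vm_softdirty; };          /* stands in for VM_SOFTDIRTY */
struct pte { bool soft_dirty, writable; };

/* As in the quoted vma_soft_dirty_enabled(): tracking is on when the flag is clear. */
static bool vma_soft_dirty_enabled(const struct vma *v) { return !v->vm_softdirty; }

/* The quoted check from can_change_pte_writable(), other conditions omitted. */
static bool can_change_pte_writable(const struct vma *v, const struct pte *p)
{
    if (vma_soft_dirty_enabled(v) && !p->soft_dirty)
        return false;                       /* stay write-protected: a fault must set the bit */
    return true;
}

/* Store to the page: only a write fault gets to mark the PTE soft-dirty. */
static void write_page(struct pte *p)
{
    if (!p->writable) { p->soft_dirty = true; p->writable = true; }
}

/* Existing pagemap rule: PTE bit OR VMA flag; pte_only models ignoring the VMA. */
static bool pagemap_soft_dirty(const struct vma *v, const struct pte *p, bool pte_only)
{
    return p->soft_dirty || (!pte_only && v->vm_softdirty);
}

/* Page #1 after: clear soft-dirty, optional merge, mprotect RO then RW, one write. */
static bool page1_reported(bool merged_with_new_vma, bool pte_only)
{
    struct vma v = { false };               /* flag cleared by the soft-dirty reset */
    struct pte p = { false, false };        /* bit cleared, page write-protected */
    if (merged_with_new_vma)
        v.vm_softdirty = true;              /* merged VMA carries the flag */
    p.writable = can_change_pte_writable(&v, &p);   /* mprotect(RO), then mprotect(RW) */
    write_page(&p);
    return pagemap_soft_dirty(&v, &p, pte_only);
}

int main(void)
{
    printf("no merge, PTE only: %d\n", page1_reported(false, true));
    printf("merged, PTE or VMA: %d\n", page1_reported(true, false));
    printf("merged, PTE only:   %d\n", page1_reported(true, true));
    return 0;
}
```

The last case is the one the reproducer reports as "Page #1 should be softdirty": the page was written, but with VM_SOFTDIRTY set no write fault was needed, so a PTE-only view misses it.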