Received: by 2002:a05:7412:31a9:b0:e2:908c:2ebd with SMTP id et41csp3819073rdb; Thu, 14 Sep 2023 03:49:53 -0700 (PDT) X-Google-Smtp-Source: AGHT+IGRL31PGV21uJHGvvJ8hOmVbvyqscRIjAnKSqSD+HcTXNB5MJvuAX967p0TI+j+YTA+ZVm+ X-Received: by 2002:a05:6a20:ce9f:b0:137:74f8:62ee with SMTP id if31-20020a056a20ce9f00b0013774f862eemr4631247pzb.18.1694688592795; Thu, 14 Sep 2023 03:49:52 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1694688592; cv=none; d=google.com; s=arc-20160816; b=fl2x1tInK/oSyqo9Yi3U7jvLF7x/d1YIXCaDHo++MWiqJ4YtKQ01QvynioVO7CkxqW ZySRxQwUo1W2kRkfH/9Q25IetuE/gj2fprM8oDai6TeRu74D+9AT9uokGZWFEDMLJ/h4 EtEMvSAhvFXKqtMK0SudCdW/UiBFfxFQ9KGsjD9Ih5VlIq5yNElk8WgOI8BA+kZ4ZtBF lzJh6XJ28eX/+Rb5l0RYaIrdi5Om3142L0YnzzL3dhUMN+lp1GWRVWofnOMjTMPVjo7n JgRWJ2FPd7UMY2Z/KT4if/fSscZ5jOlPDPIhuZR2aUdy5HC/6OSWeHzaQhuoUeEHGk/b iUgA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to:from :content-language:references:cc:to:subject:user-agent:mime-version :date:message-id:dkim-signature; bh=fMTMaDwtrm+8kHRk+dxYsAjmLy+RlWo+BUwqoe6XbtQ=; fh=TLdaYVTYpkOucWp2gi2TZIRkEiwPxZ330gpwGOOjymo=; b=LJ4pMtKAgFow6Cdj1jWI5JS5ZA5YyNqmpEfO/D/YO5VeF6ClzubM2O8EjhSji+vtcw YjtpSGaN80YBZ/IBzANtrMDHvPkoeKjWLW523mD9b+bEo1dq8t5qeu2BC7QD7hAjfBd6 TKGBvPsE3iXZ+uggb9Q63FRvQD2ui9QoF+iVQ7oSOFWQViwsHSqP31MS0YSKQec6aSKY YR6N6Xcxrj20zGA0Dw8UN/liMwI8sFibDza9xmCBuiXmcSQe/6GKco8JCO6JFtleqA5y JD4GkEw6ZGBO9xWDqwMG3QlXDmbpgIE7bkemyej7u88JrEXjMf7sIDzjoPFDBKQVbT57 AAGQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=g1jdrQkY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Return-Path: Received: from lipwig.vger.email (lipwig.vger.email. [23.128.96.33]) by mx.google.com with ESMTPS id kv13-20020a17090328cd00b001b8a70ee029si1333752plb.449.2023.09.14.03.49.52 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Sep 2023 03:49:52 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) client-ip=23.128.96.33; Authentication-Results: mx.google.com; dkim=pass header.i=@collabora.com header.s=mail header.b=g1jdrQkY; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.33 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=collabora.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by lipwig.vger.email (Postfix) with ESMTP id 33BD682CC479; Wed, 13 Sep 2023 21:03:06 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at lipwig.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S234230AbjINEDD (ORCPT + 99 others); Thu, 14 Sep 2023 00:03:03 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57344 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233285AbjINEDC (ORCPT ); Thu, 14 Sep 2023 00:03:02 -0400 Received: from madras.collabora.co.uk (madras.collabora.co.uk [IPv6:2a00:1098:0:82:1000:25:2eeb:e5ab]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7C270E6C for ; Wed, 13 Sep 2023 21:02:58 -0700 (PDT) Received: from [192.168.2.134] (109-252-153-31.dynamic.spd-mgts.ru [109.252.153.31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: dmitry.osipenko) by madras.collabora.co.uk (Postfix) with ESMTPSA id 8B2C46607326; Thu, 14 Sep 2023 05:02:54 +0100 (BST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=collabora.com; s=mail; t=1694664175; bh=XNbZvDNPElbhAVe9CVrAb1FFndRQKl4kGYWIY9PJnVE=; h=Date:Subject:To:Cc:References:From:In-Reply-To:From; b=g1jdrQkYXRLrocVXUWPIylg1LMihLjE3ojWdlAwpK60zyHWOZPap+U0EQn4jMNjm1 S/XQ7xRi7W2kFJhAfMUxpe/HHGKTRLbIT/xmLYJroouiSMGha1IqDeuTO2XDsaSrmq etfqJHhcmE4n9/yfr6B9mFjTRG0aaHsP6kZGvA/tnMOQBCqEw8C0DYfKiSPWXlZ2FE xlzS4jxYvZl32ffvAxz8WsP73OEnaNEQnj0TDp+nK4BBnYEU/xMgZ2sWbIhqki0RfB zD8+7Gyx35ydMcGwMD9kCtxIyf+Tu1sNc2YS4yE9LlNy0tJij60X5c5sNeYfsvlEEG QY5AGcQ3gmbGw== Message-ID: Date: Thu, 14 Sep 2023 07:02:52 +0300 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0 Subject: Re: [PATCH v16 15/20] drm/shmem-helper: Add memory shrinker To: Boris Brezillon Cc: David Airlie , Gerd Hoffmann , Gurchetan Singh , Chia-I Wu , Daniel Vetter , Maarten Lankhorst , Maxime Ripard , Thomas Zimmermann , =?UTF-8?Q?Christian_K=c3=b6nig?= , Qiang Yu , Steven Price , Emma Anholt , Melissa Wen , dri-devel@lists.freedesktop.org, linux-kernel@vger.kernel.org, kernel@collabora.com, virtualization@lists.linux-foundation.org References: <20230903170736.513347-1-dmitry.osipenko@collabora.com> <20230903170736.513347-16-dmitry.osipenko@collabora.com> <20230905100306.3564e729@collabora.com> <26f7ba6d-3520-0311-35e2-ef5706a98232@collabora.com> <20230913094832.3317c2df@collabora.com> Content-Language: en-US From: Dmitry Osipenko In-Reply-To: <20230913094832.3317c2df@collabora.com> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (lipwig.vger.email [0.0.0.0]); Wed, 13 Sep 2023 21:03:06 -0700 (PDT) X-Spam-Status: No, score=-2.3 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI, NICE_REPLY_A,SPF_HELO_NONE,SPF_PASS autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lipwig.vger.email On 9/13/23 10:48, Boris Brezillon wrote: > On Wed, 13 Sep 2023 03:56:14 +0300 > Dmitry Osipenko wrote: > >> On 9/5/23 11:03, Boris Brezillon wrote: >>>> * But >>>> + * acquiring the obj lock in drm_gem_shmem_release_pages_locked() can >>>> + * cause a locking order inversion between reservation_ww_class_mutex >>>> + * and fs_reclaim. >>>> + * >>>> + * This deadlock is not actually possible, because no one should >>>> + * be already holding the lock when drm_gem_shmem_free() is called. >>>> + * Unfortunately lockdep is not aware of this detail. So when the >>>> + * refcount drops to zero, don't touch the reservation lock. >>>> + */ >>>> + if (shmem->got_pages_sgt && >>>> + refcount_dec_and_test(&shmem->pages_use_count)) { >>>> + drm_gem_shmem_do_release_pages_locked(shmem); >>>> + shmem->got_pages_sgt = false; >>>> } >>> Leaking memory is the right thing to do if pages_use_count > 1 (it's >>> better to leak than having someone access memory it no longer owns), but >>> I think it's worth mentioning in the above comment. >> >> It's unlikely that it will be only a leak without a following up >> use-after-free. Neither is acceptable. > > Not necessarily, if you have a page leak, it could be that the GPU has > access to those pages, but doesn't need the GEM object anymore > (pages are mapped by the iommu, which doesn't need shmem->sgt or > shmem->pages after the mapping is created). Without a WARN_ON(), this > can go unnoticed and lead to memory corruptions/information leaks. > >> >> The drm_gem_shmem_free() could be changed such that kernel won't blow up >> on a refcnt bug, but that's not worthwhile doing because drivers >> shouldn't have silly bugs. > > We definitely don't want to fix that, but we want to complain loudly > (WARN_ON()), and make sure the risk is limited (preventing memory from > being re-assigned to someone else by not freeing it). That's what the code did and continues to do here. Not exactly sure what you're trying to say. I'm going to relocate the comment in v17 to put_pages(), we can continue discussing it there if I'm missing yours point. -- Best regards, Dmitry