Re: [PATCH v1 05/12] mm/memory: detect writability in restore_exclusive_pte() through can_change_pte_writable()

On 31.01.25 00:06, Alistair Popple wrote:
> On Thu, Jan 30, 2025 at 02:03:42PM +0100, Simona Vetter wrote:
>> On Thu, Jan 30, 2025 at 10:58:51AM +0100, David Hildenbrand wrote:
>>> On 30.01.25 10:51, Simona Vetter wrote:
>>>> On Wed, Jan 29, 2025 at 12:54:03PM +0100, David Hildenbrand wrote:
>>>>> Let's do it just like mprotect write-upgrade or during NUMA-hinting
>>>>> faults on PROT_NONE PTEs: detect if the PTE can be writable by using
>>>>> can_change_pte_writable().
>>>>>
>>>>> Set the PTE only dirty if the folio is dirty: we might not
>>>>> necessarily have a write access, and setting the PTE writable doesn't
>>>>> require setting the PTE dirty.
>>>>
>>>> Not sure whether there's much difference in practice, since a device
>>>> exclusive access means a write, so the folio better be dirty (unless we
>>>> aborted halfway through). But then I couldn't find the code in nouveau to
>>>> do that, so now I'm confused.
>>>
>>> That confused me as well. Requiring the PTE to be writable does not imply
>>> that it is dirty.
>>>
>>> So something must either set the PTE or the folio dirty.
>>
>> Yeah I'm not finding that something.
>>
>>> ( In practice, most anonymous folios are dirty most of the time ... )
>>
>> And yup that's why I think it hasn't blown up yet.
>>
>>> If we assume that "device-exclusive entries" are always dirty, then it
>>> doesn't make sense to set the folio dirty when creating device-exclusive
>>> entries. We'd always have to set the PTE dirty when restoring the exclusive
>>> pte.
>>
>> I do agree with your change, I think it's correct to put this
>> responsibility onto drivers. It's just that nouveau seems to not be
>> entirely correct.
>
> Yeah, agree it should be a driver responsibility but also can't see how nouveau
> is correct there either. I might see if I can get it to blow up...

(in context of the rmap walkers) The question is, how do we consider device-exclusive entries:

(1) dirty? Not from a CPU perspective.
(2) referenced? Not from a CPU perspective.

If the answer is always "no" to all questions, then memory notifiers must handle it, because we'd be answering the question from the CPU point of view.

If the answer is always "yes", there is a problem: we can only make it clean/young by converting it to an ordinary PTE first (requiring MMU notifiers etc.), which makes it quite nasty.

Mixed answers are not possible, because we don't know just from staring at the entry.

--
Cheers,

David / dhildenb
