On 07/02/2018 02:53 AM, Jan Kara wrote:
> On Sun 01-07-18 17:56:53, john.hubbard@xxxxxxxxx wrote:
>> From: John Hubbard <jhubbard@xxxxxxxxxx>
>>
> ...
>
>> @@ -904,12 +907,24 @@ static inline void get_page(struct page *page)
>> */
>> VM_BUG_ON_PAGE(page_ref_count(page) <= 0, page);
>> page_ref_inc(page);
>> +
>> + if (unlikely(PageDmaPinned(page)))
>> + __get_page_for_pinned_dma(page);
>> }
>>
>> static inline void put_page(struct page *page)
>> {
>> page = compound_head(page);
>>
>> + /* Because the page->dma_pinned_* fields are unioned with
>> + * page->lru, there is no way to do classical refcount-style
>> + * decrement-and-test-for-zero. Instead, PageDmaPinned(page) must
>> + * be checked, in order to safely check if we are allowed to decrement
>> + * page->dma_pinned_count at all.
>> + */
>> + if (unlikely(PageDmaPinned(page)))
>> + __put_page_for_pinned_dma(page);
>> +
>
> These two are just wrong. You cannot make any page reference for
> PageDmaPinned() account against a pin count. First, it is just conceptually
> wrong as these references need not be long term pins, second, you can
> easily race like:
>
> Pinner Random process
> get_page(page)
> pin_page_for_dma()
> put_page(page)
> -> oops, page gets unpinned too early
>
I'll drop this approach, without mentioning any of the locking that is hiding in
there, since that was probably breaking other rules anyway. :) Thanks for your
patience in reviewing this.
> So you really have to create counterpart to get_user_pages() - like
> put_user_page() or whatever... It is inconvenient to have to modify all GUP
> users but I don't see a way around that.
OK, there will be a long-ish pause, while I go visit all the gup sites. I count about
88 callers, which is not nearly as crazy as my first casual grep showed, but still
quite a chunk, since I have to track down where each one does its put_page call(s).
It's definitely worth the effort, though. These pins just plain need some special
handling in order to get everything correct.
thanks,
--
John Hubbard
NVIDIA
