On Mon 29-08-22 12:59:26, John Hubbard wrote:
> On 8/29/22 09:08, Jan Kara wrote:
> >> However, the core block/bio conversion in patch 4 still does depend upon
> >> a key assumption, which I got from a 2019 email discussion with
> >> Christoph Hellwig and others here [1], which says:
> >>
> >> "All pages released by bio_release_pages should come from
> >> get_get_user_pages...".
> >>
> >> I really hope that still holds true. Otherwise this whole thing is in
> >> trouble.
> >>
> >> [1] https://lore.kernel.org/kvm/20190724053053.GA18330@xxxxxxxxxxxxx/
> >
> > Well as far as I've checked that discussion, Christoph was aware of pipe
> > pages etc. (i.e., bvecs) entering direct IO code. But he had some patches
> > [2] which enabled GUP to work for bvecs as well (using the kernel mapping
> > under the hood AFAICT from a quick glance at the series). I suppose we
> > could also handle this in __iov_iter_get_pages_alloc() by grabbing pin
> > reference instead of plain get_page() for the case of bvec iter. That way
> > we should have only pinned pages in bio_release_pages() even for the bvec
> > case.
>
> OK, thanks, that looks viable. So, that approach assumes that the
> remaining two cases in __iov_iter_get_pages_alloc() will never end up
> being released via bio_release_pages():
>
>     iov_iter_is_pipe(i)
>     iov_iter_is_xarray(i)
>
> I'm actually a little worried about ITER_XARRAY, which is a recent addition.
> It seems to be used in ways that are similar to ITER_BVEC, and cephfs is
> using it. It's probably OK for now, for this series, which doesn't yet
> convert cephfs.

So after looking into that a bit more, I think a clean approach would be to
provide iov_iter_pin_pages2() and iov_iter_pages_alloc2(), under the hood
in __iov_iter_get_pages_alloc() make sure we use pin_user_page() instead of
get_page() in all the cases (using this in pipe_get_pages() and
iter_xarray_get_pages() is easy) and then make all bio handling use the
pinning variants for iters.

I think at least iov_iter_is_pipe() case needs to be handled as well
because as I wrote above, pipe pages can enter direct IO code e.g. for
splice(2).

Also I think that all iov_iter_get_pages2() (or the _alloc2 variant) users
actually do want the "pin page" semantics in the end (they are accessing
page contents) so eventually we should convert them all to
iov_iter_pin_pages2() and remove iov_iter_get_pages2() altogether. But this
will take some more conversion work with networking etc. so I'd start with
converting bios only.

								Honza
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR
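
An added illustration, not code from this thread or from the kernel: a small user-space C model of why a release path that unpins every page is only balanced if every iterator kind took a pin on the acquire side. The names model_acquire, model_release_pinned, round_trip and the KIND_* values are hypothetical, and PIN_BIAS assumes the kernel's order-0 pin accounting, where a pin adds 1024 (GUP_PIN_COUNTING_BIAS) to the page refcount.

```c
#include <stdio.h>

/* Simplified user-space model of page reference accounting; not kernel code.
 * PIN_BIAS mirrors the kernel's GUP_PIN_COUNTING_BIAS for order-0 pages. */
#define PIN_BIAS 1024

enum iter_kind { KIND_USER, KIND_BVEC, KIND_PIPE, KIND_XARRAY };

struct page_model { long refcount; };

/* Model of the acquire side (__iov_iter_get_pages_alloc() in the thread).
 * pin_all == 0: only user-backed iterators pin; the rest take a plain ref.
 * pin_all == 1: the proposal in the reply, every iterator kind pins. */
static void model_acquire(struct page_model *p, enum iter_kind k, int pin_all)
{
    if (k == KIND_USER || pin_all)
        p->refcount += PIN_BIAS;   /* pin_user_page()-style reference */
    else
        p->refcount += 1;          /* get_page()-style reference */
}

/* Model of a release path that assumes every page was pinned.
 * A pinned page with a live owner has refcount > PIN_BIAS; anything
 * else means the acquire side did not pin. Returns 0 or -1. */
static int model_release_pinned(struct page_model *p)
{
    if (p->refcount <= PIN_BIAS)
        return -1;                 /* imbalance: page was never pinned */
    p->refcount -= PIN_BIAS;
    return 0;
}

/* One acquire/release round trip on a page whose owner holds one reference.
 * Returns the final refcount, or -1 if release detected an imbalance. */
static long round_trip(enum iter_kind k, int pin_all)
{
    struct page_model p = { .refcount = 1 };
    model_acquire(&p, k, pin_all);
    return model_release_pinned(&p) ? -1 : p.refcount;
}

int main(void)
{
    static const char *names[] = { "user", "bvec", "pipe", "xarray" };
    for (int k = KIND_USER; k <= KIND_XARRAY; k++)
        printf("%-6s mixed=%ld pin_all=%ld\n", names[k],
               round_trip((enum iter_kind)k, 0), round_trip((enum iter_kind)k, 1));
    return 0;
}
```

In the model, only the user-backed case balances when acquisition is mixed; with every kind pinning, each round trip returns the page to its owner's single reference.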