Re: FOLL_LONGTERM vs FOLL_EPHEMERAL Re: [PATCH] tee: add FOLL_LONGTERM for CMA case when alloc shm

From: John Hubbard
Date: Mon May 22 2023 - 21:54:41 EST

Next message: Jakub Kicinski: "Re: [PATCH net-next 00/30] net: dsa: mt7530: improve, trap BPDU & LLDP, and prefer CPU port"
Previous message: Wesley Cheng: "[PATCH] usb: host: xhci: Do not re-initialize the XHCI HC if being removed"
In reply to: David Hildenbrand: "Re: FOLL_LONGTERM vs FOLL_EPHEMERAL Re: [PATCH] tee: add FOLL_LONGTERM for CMA case when alloc shm"
Next in thread: Lorenzo Stoakes: "Re: FOLL_LONGTERM vs FOLL_EPHEMERAL Re: [PATCH] tee: add FOLL_LONGTERM for CMA case when alloc shm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 5/18/23 06:56, David Hildenbrand wrote:

On 18.05.23 08:08, Sumit Garg wrote:

On Thu, 18 May 2023 at 09:51, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote:

On Wed, May 17, 2023 at 08:23:33PM +0200, David Hildenbrand wrote:

In general: if user space controls it -> possibly forever -> long-term. Even
if in most cases it's a short delay: there is no trusting on user space.

For example, iouring fixed buffers keep pages pinned until user space
decides to unregistered the buffers -> long-term.

Short-term is, for example, something like O_DIRECT where we pin -> DMA ->
unpin in essentially one operation.

Btw, one thing that's been on my mind is that I think we got the
polarity on FOLL_LONGTERM wrong. Instead of opting into the long term
behavior it really should be the default, with a FOLL_EPHEMERAL flag
to opt out of it. And every users of this flag is required to have
a comment explaining the life time rules for the pin..

I see maybe 10 or 20 call sites today. So it is definitely feasible to add
documentation at each, explaining the why it wants a long term pin.

It does look like a better approach to me given the very nature of
user space pages.

Yeah, there is a lot of historical baggage. For example, FOLL_GET should be inaccessible to kernel modules completely at one point, to be only used by selected core-mm pieces.

Yes. When I first mass-converted call sites from gup to pup, I just
preserved FOLL_GET behavior in order to keep from changing too much at
once. But I agree that that it would be nice to make FOLL_GET an
mm internal-only flag like FOLL_PIN.

Maybe we should even disallow passing in FOLL_LONGTERM as a flag and only provide functions like pin_user_pages() vs. pin_user_pages_longterm(). Then, discussions about conditional flag-setting are no more :)

... or even use pin_user_pages_shortterm() vs. pin_user_pages() ... to make the default be longterm.

Yes, it is true that having most gup flags be internal to mm does tend
to avoid some bugs. But it's also a lot of churn. I'm still on the fence
as to whether it's really a good move to do this for FOLL_LONGTERM or
not. But it's really easy to push me off of fences. :)

thanks,
--
John Hubbard
NVIDIA

Next message: Jakub Kicinski: "Re: [PATCH net-next 00/30] net: dsa: mt7530: improve, trap BPDU & LLDP, and prefer CPU port"
Previous message: Wesley Cheng: "[PATCH] usb: host: xhci: Do not re-initialize the XHCI HC if being removed"
In reply to: David Hildenbrand: "Re: FOLL_LONGTERM vs FOLL_EPHEMERAL Re: [PATCH] tee: add FOLL_LONGTERM for CMA case when alloc shm"
Next in thread: Lorenzo Stoakes: "Re: FOLL_LONGTERM vs FOLL_EPHEMERAL Re: [PATCH] tee: add FOLL_LONGTERM for CMA case when alloc shm"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]