[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: pin_user_pages and foreign mappings error
- To: xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Demi Marie Obenour <demiobenour@xxxxxxxxx>
- Date: Tue, 20 May 2025 20:33:54 -0400
- Autocrypt: addr=demiobenour@xxxxxxxxx; keydata= xsFNBFp+A0oBEADffj6anl9/BHhUSxGTICeVl2tob7hPDdhHNgPR4C8xlYt5q49yB+l2nipd aq+4Gk6FZfqC825TKl7eRpUjMriwle4r3R0ydSIGcy4M6eb0IcxmuPYfbWpr/si88QKgyGSV Z7GeNW1UnzTdhYHuFlk8dBSmB1fzhEYEk0RcJqg4AKoq6/3/UorR+FaSuVwT7rqzGrTlscnT DlPWgRzrQ3jssesI7sZLm82E3pJSgaUoCdCOlL7MMPCJwI8JpPlBedRpe9tfVyfu3euTPLPx wcV3L/cfWPGSL4PofBtB8NUU6QwYiQ9Hzx4xOyn67zW73/G0Q2vPPRst8LBDqlxLjbtx/WLR 6h3nBc3eyuZ+q62HS1pJ5EvUT1vjyJ1ySrqtUXWQ4XlZyoEFUfpJxJoN0A9HCxmHGVckzTRl 5FMWo8TCniHynNXsBtDQbabt7aNEOaAJdE7to0AH3T/Bvwzcp0ZJtBk0EM6YeMLtotUut7h2 Bkg1b//r6bTBswMBXVJ5H44Qf0+eKeUg7whSC9qpYOzzrm7+0r9F5u3qF8ZTx55TJc2g656C 9a1P1MYVysLvkLvS4H+crmxA/i08Tc1h+x9RRvqba4lSzZ6/Tmt60DPM5Sc4R0nSm9BBff0N m0bSNRS8InXdO1Aq3362QKX2NOwcL5YaStwODNyZUqF7izjK4QARAQABzTxEZW1pIE1hcmll IE9iZW5vdXIgKGxvdmVyIG9mIGNvZGluZykgPGRlbWlvYmVub3VyQGdtYWlsLmNvbT7CwXgE EwECACIFAlp+A0oCGwMGCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheAAAoJELKItV//nCLBhr8Q AK/xrb4wyi71xII2hkFBpT59ObLN+32FQT7R3lbZRjVFjc6yMUjOb1H/hJVxx+yo5gsSj5LS 9AwggioUSrcUKldfA/PKKai2mzTlUDxTcF3vKx6iMXKA6AqwAw4B57ZEJoMM6egm57TV19kz PMc879NV2nc6+elaKl+/kbVeD3qvBuEwsTe2Do3HAAdrfUG/j9erwIk6gha/Hp9yZlCnPTX+ VK+xifQqt8RtMqS5R/S8z0msJMI/ajNU03kFjOpqrYziv6OZLJ5cuKb3bZU5aoaRQRDzkFIR 6aqtFLTohTo20QywXwRa39uFaOT/0YMpNyel0kdOszFOykTEGI2u+kja35g9TkH90kkBTG+a EWttIht0Hy6YFmwjcAxisSakBuHnHuMSOiyRQLu43ej2+mDWgItLZ48Mu0C3IG1seeQDjEYP tqvyZ6bGkf2Vj+L6wLoLLIhRZxQOedqArIk/Sb2SzQYuxN44IDRt+3ZcDqsPppoKcxSyd1Ny 2tpvjYJXlfKmOYLhTWs8nwlAlSHX/c/jz/ywwf7eSvGknToo1Y0VpRtoxMaKW1nvH0OeCSVJ itfRP7YbiRVc2aNqWPCSgtqHAuVraBRbAFLKh9d2rKFB3BmynTUpc1BQLJP8+D5oNyb8Ts4x Xd3iV/uD8JLGJfYZIR7oGWFLP4uZ3tkneDfYzsFNBFp+A0oBEAC9ynZI9LU+uJkMeEJeJyQ/ 8VFkCJQPQZEsIGzOTlPnwvVna0AS86n2Z+rK7R/usYs5iJCZ55/JISWd8xD57ue0eB47bcJv VqGlObI2DEG8TwaW0O0duRhDgzMEL4t1KdRAepIESBEA/iPpI4gfUbVEIEQuqdqQyO4GAe+M kD0Hy5JH/0qgFmbaSegNTdQg5iqYjRZ3ttiswalql1/iSyv1WYeC1OAs+2BLOAT2NEggSiVO txEfgewsQtCWi8H1SoirakIfo45Hz0tk/Ad9ZWh2PvOGt97Ka85o4TLJxgJJqGEnqcFUZnJJ riwoaRIS8N2C8/nEM53jb1sH0gYddMU3QxY7dYNLIUrRKQeNkF30dK7V6JRH7pleRlf+wQcN fRAIUrNlatj9TxwivQrKnC9aIFFHEy/0mAgtrQShcMRmMgVlRoOA5B8RTulRLCmkafvwuhs6 dCxN0GNAORIVVFxjx9Vn7OqYPgwiofZ6SbEl0hgPyWBQvE85klFLZLoj7p+joDY1XNQztmfA rnJ9x+YV4igjWImINAZSlmEcYtd+xy3Li/8oeYDAqrsnrOjb+WvGhCykJk4urBog2LNtcyCj kTs7F+WeXGUo0NDhbd3Z6AyFfqeF7uJ3D5hlpX2nI9no/ugPrrTVoVZAgrrnNz0iZG2DVx46 x913pVKHl5mlYQARAQABwsFfBBgBAgAJBQJafgNKAhsMAAoJELKItV//nCLBwNIP/AiIHE8b oIqReFQyaMzxq6lE4YZCZNj65B/nkDOvodSiwfwjjVVE2V3iEzxMHbgyTCGA67+Bo/d5aQGj gn0TPtsGzelyQHipaUzEyrsceUGWYoKXYyVWKEfyh0cDfnd9diAm3VeNqchtcMpoehETH8fr RHnJdBcjf112PzQSdKC6kqU0Q196c4Vp5HDOQfNiDnTf7gZSj0BraHOByy9LEDCLhQiCmr+2 E0rW4tBtDAn2HkT9uf32ZGqJCn1O+2uVfFhGu6vPE5qkqrbSE8TG+03H8ecU2q50zgHWPdHM OBvy3EhzfAh2VmOSTcRK+tSUe/u3wdLRDPwv/DTzGI36Kgky9MsDC5gpIwNbOJP2G/q1wT1o Gkw4IXfWv2ufWiXqJ+k7HEi2N1sree7Dy9KBCqb+ca1vFhYPDJfhP75I/VnzHVssZ/rYZ9+5 1yDoUABoNdJNSGUYl+Yh9Pw9pE3Kt4EFzUlFZWbE4xKL/NPno+z4J9aWemLLszcYz/u3XnbO vUSQHSrmfOzX3cV4yfmjM5lewgSstoxGyTx2M8enslgdXhPthZlDnTnOT+C+OTsh8+m5tos8 HQjaPM01MKBiAqdPgksm1wu2DrrwUi6ChRVTUBcj6+/9IJ81H2P2gJk3Ls3AVIxIffLoY34E +MYSfkEjBz0E8CLOcAw7JIwAaeBT
- Delivery-date: Wed, 21 May 2025 00:34:18 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 5/20/25 20:24, Stefano Stabellini wrote:
> Hi Juergen and all,
>
> We have an issue where QEMU is mapping foreign pages as usual and
> passing them to a driver in Linux (amdxdna). The driver in Linux calls
> pin_user_pages_fast() on these pages, and it returns -EFAULT. Stack
> trace appended below.
Is the QEMU virtual device that does this upstreamed?
> This is Dom0 PVH. We disabled CONFIG_XEN_UNPOPULATED_ALLOC and
> CONFIG_XEN_BALLOON_MEMORY_HOTPLUG attemping to make things better but it
> did not solved the issue. We tried changing pin_user_pages_fast() to
> pin_user_pages(), still -EFAULT. check_vma_flags returns -EFAULT because
> of the (VM_IO | VM_PFNMAP) check.
>
> We tried removing (VM_IO | VM_PFNMAP) from privcmd_mmap and
> xen_xlate_remap_gfn_array based on the idea that the underlying pages
> are normal memory once CONFIG_XEN_UNPOPULATED_ALLOC and
> CONFIG_XEN_BALLOON_MEMORY_HOTPLUG are disabled.
>
> In this case, vm_normal_page takes the if
> (IS_ENABLED(CONFIG_ARCH_HAS_PTE_SPECIAL)) path, none of the checks work,
> so it calls print_bad_pte and it breaks.
>
> As another attempt, we tried removing pte_mkspecial from
> xlate_mmu.c:remap_pte_fn and remap_pfn_fn, based again on the same idea
> that the underlying pages should not be "special". Now it went further
> but it broke at unmap_vmas time on a reference counting error. Specifically,
> we get "non-zero mapcount" on the callchain from unmap_vmas:
>
> [31789.440433] BUG: Bad page map in process qemu-system-x86
> pte:800000018f8a9027 pmd:13c29a067
> [31789.440459] page:000000008316c487 refcount:0 mapcount:-1
> mapping:0000000000000000 index:0x0 pfn:0x18f8a9
> [31789.440461] flags:
> 0x17ffffc0000214(referenced|dirty|workingset|node=0|zone=2|lastcpupid=0x1fffff)
> [31789.440463] page_type: 0xfffffffe()
> [31789.440465] raw: 0017ffffc0000214 dead000000000100 dead000000000122
> 0000000000000000
> [31789.440467] raw: 0000000000000000 0000000000000000 00000000fffffffe
> 0000000000000000
> [31789.440468] page dumped because: bad pte
> [31789.440469] addr:0000780c1213a000 vm_flags:0c0600fb
> anon_vma:0000000000000000 mapping:ffff888185672418 index:3a
> [31789.440498] file:privcmd fault:privcmd_fault [xen_privcmd]
> mmap:privcmd_mmap [xen_privcmd] read_folio:0x0
>
> So, it would seem that we need to keep treating foreign mapping pages as
> special (pte_mkspecial and also VM_IO | VM_PFNMAP) but if we do that
> pin_user_pages() fails.
>
> Do you have any ideas how to get pin_user_pages() to work with foreign
> mappings from userspace?I
Does the privcmd driver try to free the pages while amdxdna is still
using them? privcmd might be assuming that the pages are freed once
the unmap ioctl is called from userspace and the pages are unmapped
from userspace memory. That isn't true if the pages are pinned by
another driver.
--
Sincerely,
Demi Marie Obenour (she/her/hers) Attachment:
OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
|
