Re: Q: backport of the free_pgtables tlb fixes to 2.4

From: Andrea Arcangeli (andrea@suse.de)
Date: Thu May 23 2002 - 16:15:37 EST

Next message: Christer Weinigel: "Re: [PATCH] 2.5.17 /dev/ports"
Previous message: Hileman, Larry: "20275 linux driver patch dated 3/7/2002"
In reply to: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Next in thread: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Reply: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, May 23, 2002 at 09:53:44PM +0200, Martin Dalecki wrote:
> Uz.ytkownik Andrea Arcangeli napisa?:
>
> >What I don't understand is how the BTB can invoke random userspace tlb
> >fills when we are running do_munmap, there's no point at all in doing
> >that. If the cpu see a read of an user address after invalidate_tlb,
> >the tlb must not be started because it's before an invalidate_tlb.
> >
> >And if it's true not even irq are barriers for the tlb fills invoked by
> >this p4-BTB thing, so if leave_mm is really necessary, then 2.5 is as
> >well wrong in UP, because the pagetable can be scribbled by irqs in a UP
> >machine, and so the fastmode must go away even in 1 cpu systems.
>
> I for one would be really really surprised if the execution of an
> interrupt isn't treating the BTB specially. If one reads

me too of course. If an irq isn't making UP-transparent the speculative
actions of the BTB, then 2.5 is still buggy in allowing the fast mode in
UP machines (beause the irq can allocate the pagetable and scribble over
it so then the tlb will be filled with global garbage). To make things
more clear this is what will happen right now in 2.5 if the irq isn't
serializing the BTB speculative tlb fills:

CPU1

        munmap
        .. speculation starts ..
        .. TLB reads pmd entry, so it now knows the phys address of the pte ..

        clear pmd entry
        free pte
        (doesn't matter if we clear the pmd entry or if we free the pte first)

        irq fired, BTB speculative actions aren't stopped they runs speculative in parallel to the irq
        alloc page - get old pte
        scribble on pte

.. TLB reads the contents of the pte at the phys address now invalid ..
.. tlb fill ends and we filled the tlb with random pte contents marked global ...

If instead the irq is serializing the BTB actions as expected (the
invariant is that an UP machine will never see any speculative action
internally, speculations is a problem only with SMP on shared memory
or while talking with hardware devices outside the local cpu), then it
means the above cannot happen, so 2.5 isn't buggy in allowing the
fastmode with 1 cpu systems, but then it also means 2.5 is overkill in
the leave_mm hack and so we can drop it.

Andrea
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christer Weinigel: "Re: [PATCH] 2.5.17 /dev/ports"
Previous message: Hileman, Larry: "20275 linux driver patch dated 3/7/2002"
In reply to: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Next in thread: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Reply: Martin Dalecki: "Re: Q: backport of the free_pgtables tlb fixes to 2.4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:31 EST