Re: [PATCH 2/8] bpf: Recover arena kernel faults with scratch page

Next message: Yury Norov: "Re: [PATCH] mm: don't allow empty relative nodemask in mpol_relative_nodemask()"
Previous message: Jakub Kicinski: "Re: [Patch net-next v6 2/7] r8169: add support for multi rx queues"
In reply to: Alexei Starovoitov: "Re: [PATCH 2/8] bpf: Recover arena kernel faults with scratch page"
Next in thread: Alexei Starovoitov: "Re: [PATCH 2/8] bpf: Recover arena kernel faults with scratch page"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Tejun Heo

Date: Fri May 29 2026 - 14:13:15 EST

Hello,

> It should do set_pte_at() unconditionally.

I think two concerns are tangled here.

1. The racing write. set_pte_at() and the scratch installer's
ptep_try_set() hit the same PTE with no common lock. On x86-64 and arm64
set_pte_at() is a single atomic store, so it can't tear against the
cmpxchg, but a plain store racing a cmpxchg isn't atomic in general.
David, is that the worry - an arch where set_pte_at() is split and could
tear - or something else?

2. The SEGV. It's a BPF program failure propagating out as a SEGV. Maybe
not ideal, but as long as we surface the BPF error properly, it doesn't
necessarily seem broken to me.

Thanks.

--
tejun