Re: [PATCH v3 05/11] x86/mm: Track the TLB's tlb_gen and update the flushing algorithm

From: Andy Lutomirski
Date: Thu Jun 22 2017 - 10:48:48 EST


On Thu, Jun 22, 2017 at 12:24 AM, Borislav Petkov <bp@xxxxxxxxx> wrote:
> On Wed, Jun 21, 2017 at 07:46:05PM -0700, Andy Lutomirski wrote:
>> > I'm certainly still missing something here:
>> >
>> > We have f->new_tlb_gen and mm_tlb_gen to control the flushing, i.e., we
>> > do once
>> >
>> > bump_mm_tlb_gen(mm);
>> >
>> > and once
>> >
>> > info.new_tlb_gen = bump_mm_tlb_gen(mm);
>> >
>> > and in both cases, the bumping is done on mm->context.tlb_gen.
>> >
>> > So why isn't that enough to do the flushing and we have to consult
>> > info.new_tlb_gen too?
>>
>> The issue is a possible race. Suppose we start at tlb_gen == 1 and
>> then two concurrent flushes happen. The first flush is a full flush
>> and sets tlb_gen to 2. The second is a partial flush and sets tlb_gen
>> to 3. If the second flush gets propagated to a given CPU first and it
>
> Maybe I'm still missing something, which is likely...
>
> but if the second flush gets propagated to the CPU first, the CPU will
> have local tlb_gen 1 and thus enforce a full flush anyway because we
> will go 1 -> 3 on that particular CPU. Or?
>

Yes, exactly. Which means I'm probably just misunderstanding your
original question. Can you re-ask it?

--Andy