[Intel-gfx] [PATCH 0/5] dma-fence, i915: Stop allowing SLAB_TYPESAFE_BY_RCU for dma_fence

Tvrtko Ursulin tvrtko.ursulin at linux.intel.com
Thu Jun 10 09:29:12 UTC 2021


On 09/06/2021 22:29, Jason Ekstrand wrote:
> Ever since 0eafec6d3244 ("drm/i915: Enable lockless lookup of request
> tracking via RCU"), the i915 driver has used SLAB_TYPESAFE_BY_RCU (it
> was called SLAB_DESTROY_BY_RCU at the time) in order to allow RCU on
> i915_request.  As nifty as SLAB_TYPESAFE_BY_RCU may be, it comes with
> some serious disclaimers.  In particular, objects can get recycled while
> RCU readers are still in-flight.  This can be ok if everyone who touches
> these objects knows about the disclaimers and is careful.  However,
> because we've chosen to use SLAB_TYPESAFE_BY_RCU for i915_request and
> because i915_request contains a dma_fence, we've leaked
> SLAB_TYPESAFE_BY_RCU and its whole pile of disclaimers to every driver
> in the kernel which may consume a dma_fence.

I don't think the part about leaking is true...

> We've tried to keep it somewhat contained by doing most of the hard work
> to prevent access of recycled objects via dma_fence_get_rcu_safe().
> However, a quick grep of kernel sources says that, of the 30 instances
> of dma_fence_get_rcu*, only 11 of them use dma_fence_get_rcu_safe().
> It's likely there bear traps in DRM and related subsystems just waiting
> for someone to accidentally step in them.

...because dma_fence_get_rcu_safe apears to be about whether the 
*pointer* to the fence itself is rcu protected, not about the fence 
object itself.

If one has a stable pointer to a fence dma_fence_get_rcu is I think 
enough to deal with SLAB_TYPESAFE_BY_RCU used by i915_request (as dma 
fence is a base object there). Unless you found a bug in rq field 
recycling. But access to the dma fence is all tightly controlled so I 
don't get what leaks.

> This patch series stops us using SLAB_TYPESAFE_BY_RCU for i915_request
> and, instead, does an RCU-safe slab free via rcu_call().  This should
> let us keep most of the perf benefits of slab allocation while avoiding
> the bear traps inherent in SLAB_TYPESAFE_BY_RCU.  It then removes support
> for SLAB_TYPESAFE_BY_RCU from dma_fence entirely.

According to the rationale behind SLAB_TYPESAFE_BY_RCU traditional RCU 
freeing can be a lot more costly so I think we need a clear 
justification on why this change is being considered.

Regards,

Tvrtko

> 
> Note: The last patch is labled DONOTMERGE.  This was at Daniel Vetter's
> request as we may want to let this bake for a couple releases before we
> rip out dma_fence_get_rcu_safe entirely.
> 
> Signed-off-by: Jason Ekstrand <jason at jlekstrand.net>
> Cc: Jon Bloomfield <jon.bloomfield at intel.com>
> Cc: Daniel Vetter <daniel.vetter at ffwll.ch>
> Cc: Christian König <christian.koenig at amd.com>
> Cc: Dave Airlie <airlied at redhat.com>
> Cc: Matthew Auld <matthew.auld at intel.com>
> Cc: Maarten Lankhorst <maarten.lankhorst at linux.intel.com>
> 
> Jason Ekstrand (5):
>    drm/i915: Move intel_engine_free_request_pool to i915_request.c
>    drm/i915: Use a simpler scheme for caching i915_request
>    drm/i915: Stop using SLAB_TYPESAFE_BY_RCU for i915_request
>    dma-buf: Stop using SLAB_TYPESAFE_BY_RCU in selftests
>    DONOTMERGE: dma-buf: Get rid of dma_fence_get_rcu_safe
> 
>   drivers/dma-buf/dma-fence-chain.c         |   8 +-
>   drivers/dma-buf/dma-resv.c                |   4 +-
>   drivers/dma-buf/st-dma-fence-chain.c      |  24 +---
>   drivers/dma-buf/st-dma-fence.c            |  27 +---
>   drivers/gpu/drm/amd/amdgpu/amdgpu_fence.c |   4 +-
>   drivers/gpu/drm/i915/gt/intel_engine_cs.c |   8 --
>   drivers/gpu/drm/i915/i915_active.h        |   4 +-
>   drivers/gpu/drm/i915/i915_request.c       | 147 ++++++++++++----------
>   drivers/gpu/drm/i915/i915_request.h       |   2 -
>   drivers/gpu/drm/i915/i915_vma.c           |   4 +-
>   include/drm/drm_syncobj.h                 |   4 +-
>   include/linux/dma-fence.h                 |  50 --------
>   include/linux/dma-resv.h                  |   4 +-
>   13 files changed, 110 insertions(+), 180 deletions(-)
> 


More information about the Intel-gfx mailing list