Linaro-mm-sig

linaro-mm-sig@lists.linaro.org

29 participants
3371 discussions

[PATCH mm-hotfixes 0/4] mm kernel-doc fixes

by Bagas Sanjaya

Hi, Here are kernel-doc fixes for mm subsystem, based on mm-hotfixes-unstable branch. This series is split from previous assorted kernel-doc fixes series [1] with review trailers applied. I'm also including textsearch fix since there's currently no maintainer for include/linux/textsearch.h (get_maintainer.pl only shows LKML). Enjoy! [1]: https://lore.kernel.org/linux-fsdevel/20251215113903.46555-1-bagasdotme@gma… Bagas Sanjaya (4): mm: Describe @flags parameter in memalloc_flags_save() textsearch: Describe @list member in ts_ops search mm: vmalloc: Fix up vrealloc_node_align() kernel-doc macro name mm, kfence: Describe @slab parameter in __kfence_obj_info() include/linux/kfence.h | 1 + include/linux/sched/mm.h | 1 + include/linux/textsearch.h | 1 + mm/vmalloc.c | 2 +- 4 files changed, 4 insertions(+), 1 deletion(-) base-commit: 980dbceadd50af9437257d8095d4a3606818e8c4 -- An old man doll... just what I always wanted! - Clara

2 months

Re: [PATCH 05/19] dma-buf/selftests: test RCU ops and inline lock

by Christian König

On 12/11/25 16:04, Tvrtko Ursulin wrote: ... >> @@ -90,6 +73,11 @@ static int test_signaling(void *arg) >> goto err_free; >> } >> + if (rcu_dereference_protected(f->ops, true)) { >> + pr_err("Fence ops not cleared on signal\n"); >> + goto err_free; >> + } > > Bump to after the signaled check just below? Otherwise the signaled state hasn't been ascertained yet. Done. I've put it to the end of the test. >> + >> if (!dma_fence_is_signaled(f)) { >> pr_err("Fence not reporting signaled\n"); >> goto err_free; >> @@ -540,19 +528,7 @@ int dma_fence(void) >> SUBTEST(test_stub), >> SUBTEST(race_signal_callback), >> }; >> - int ret; >> pr_info("sizeof(dma_fence)=%zu\n", sizeof(struct dma_fence)); >> - >> - slab_fences = KMEM_CACHE(mock_fence, >> - SLAB_TYPESAFE_BY_RCU | > > Hm.. race_signal_callback looks like it could be depending on SLAB_TYPESAFE_BY_RCU. To you not? Hui? As far as I can see it doesn't. The race_signal_callback test just depends on the general RCU functionality of fences. Regards, Christian. > > Regards, > > Tvrtko > >> - SLAB_HWCACHE_ALIGN); >> - if (!slab_fences) >> - return -ENOMEM; >> - >> - ret = subtests(tests, NULL); >> - >> - kmem_cache_destroy(slab_fences); >> - >> - return ret; >> + return subtests(tests, NULL); >> } >

2 months

[PATCH 00/14] Assorted kernel-doc fixes

by Bagas Sanjaya

Hi, Here are assorted kernel-doc fixes for 6.19 cycle. As the name implies, for the merging strategy, the patches can be taken by respective maintainers to appropriate fixes branches (targetting 6.19 of course) (e.g. for mm it will be mm-hotfixes). Enjoy! Bagas Sanjaya (14): genalloc: Describe @start_addr parameter in genpool_algo_t mm: Describe @flags parameter in memalloc_flags_save() textsearch: Describe @list member in ts_ops search mm: vmalloc: Fix up vrealloc_node_align() kernel-doc macro name mm, kfence: Describe @slab parameter in __kfence_obj_info() virtio: Describe @map and @vmap members in virtio_device struct fs: Describe @isnew parameter in ilookup5_nowait() VFS: fix __start_dirop() kernel-doc warnings drm/amd/display: Don't use kernel-doc comment in dc_register_software_state struct drm/amdgpu: Describe @AMD_IP_BLOCK_TYPE_RAS in amd_ip_block_type enum drm/gem/shmem: Describe @shmem and @size parameters drm/scheduler: Describe @result in drm_sched_job_done() drm/gpusvm: Fix drm_gpusvm_pages_valid_unlocked() kernel-doc comment net: bridge: Describe @tunnel_hash member in net_bridge_vlan_group struct drivers/gpu/drm/amd/display/dc/dc.h | 2 +- drivers/gpu/drm/amd/include/amd_shared.h | 1 + drivers/gpu/drm/drm_gem_shmem_helper.c | 3 ++- drivers/gpu/drm/drm_gpusvm.c | 4 ++-- drivers/gpu/drm/scheduler/sched_main.c | 1 + fs/inode.c | 1 + fs/namei.c | 3 ++- include/linux/genalloc.h | 1 + include/linux/kfence.h | 1 + include/linux/sched/mm.h | 1 + include/linux/textsearch.h | 1 + include/linux/virtio.h | 2 ++ mm/vmalloc.c | 2 +- net/bridge/br_private.h | 1 + 14 files changed, 18 insertions(+), 6 deletions(-) base-commit: 8f0b4cce4481fb22653697cced8d0d04027cb1e8 -- An old man doll... just what I always wanted! - Clara

2 months

Re: [PATCH] dma-buf: really enable DMABUF_DEBUG by default on DEBUG kernels

by Christian König

On 12/17/25 11:25, Lukas Bulwahn wrote: > From: Lukas Bulwahn <lukas.bulwahn(a)redhat.com> > > The intent of commit 646013f513f3 ("dma-buf: enable DMABUF_DEBUG by default > on DEBUG kernels") is clear, but it mixes up the config option name. The > config option for kernel debugging is named DEBUG_KERNEL, not DEBUG. > > Fix up the DMABUF_DEBUG definition to use the intended name. > > Fixes: 646013f513f3 ("dma-buf: enable DMABUF_DEBUG by default on DEBUG kernels") > Signed-off-by: Lukas Bulwahn <lukas.bulwahn(a)redhat.com> Ah, yeah. I mixed up the C define vs the config option. Thanks for pointing that out. Reviewed-by: Christian König <christian.koenig(a)amd.com> > --- > drivers/dma-buf/Kconfig | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/drivers/dma-buf/Kconfig b/drivers/dma-buf/Kconfig > index fdd823e446cc..426c9ad3364f 100644 > --- a/drivers/dma-buf/Kconfig > +++ b/drivers/dma-buf/Kconfig > @@ -55,7 +55,7 @@ config DMABUF_MOVE_NOTIFY > config DMABUF_DEBUG > bool "DMA-BUF debug checks" > depends on DMA_SHARED_BUFFER > - default y if DEBUG > + default y if DEBUG_KERNEL > help > This option enables additional checks for DMA-BUF importers and > exporters. Specifically it validates that importers do not peek at the

2 months

Re: [PATCH] dma-buf: system_heap: account for system heap allocation in memcg

by Christian König

On 12/15/25 14:59, Maxime Ripard wrote: > On Mon, Dec 15, 2025 at 02:30:47PM +0100, Christian König wrote: >> On 12/15/25 11:51, Maxime Ripard wrote: >>> Hi TJ, >>> >>> On Fri, Dec 12, 2025 at 08:25:19AM +0900, T.J. Mercier wrote: >>>> On Fri, Dec 12, 2025 at 4:31 AM Eric Chanudet <echanude(a)redhat.com> wrote: >>>>> >>>>> The system dma-buf heap lets userspace allocate buffers from the page >>>>> allocator. However, these allocations are not accounted for in memcg, >>>>> allowing processes to escape limits that may be configured. >>>>> >>>>> Pass the __GFP_ACCOUNT for our allocations to account them into memcg. >>>> >>>> We had a discussion just last night in the MM track at LPC about how >>>> shared memory accounted in memcg is pretty broken. Without a way to >>>> identify (and possibly transfer) ownership of a shared buffer, this >>>> makes the accounting of shared memory, and zombie memcg problems >>>> worse. :\ >>> >>> Are there notes or a report from that discussion anywhere? >>> >>> The way I see it, the dma-buf heaps *trivial* case is non-existent at >>> the moment and that's definitely broken. Any application can bypass its >>> cgroups limits trivially, and that's a pretty big hole in the system. >> >> Well, that is just the tip of the iceberg. >> >> Pretty much all driver interfaces doesn't account to memcg at the >> moment, all the way from alsa, over GPUs (both TTM and SHM-GEM) to >> V4L2. > > Yes, I know, and step 1 of the plan we discussed earlier this year is to > fix the heaps. > >>> The shared ownership is indeed broken, but it's not more or less broken >>> than, say, memfd + udmabuf, and I'm sure plenty of others. >>> >>> So we really improve the common case, but only make the "advanced" >>> slightly more broken than it already is. >>> >>> Would you disagree? >> >> I strongly disagree. As far as I can see there is a huge chance we >> break existing use cases with that. > > Which ones? And what about the ones that are already broken? Well everybody that expects that driver resources are *not* accounted to memcg. >> There has been some work on TTM by Dave but I still haven't found time >> to wrap my head around all possible side effects such a change can >> have. >> >> The fundamental problem is that neither memcg nor the classic resource >> tracking (e.g. the OOM killer) has a good understanding of shared >> resources. > > And yet heap allocations don't necessarily have to be shared. But they > all have to be allocated. > >> For example you can use memfd to basically kill any process in the >> system because the OOM killer can't identify the process which holds >> the reference to the memory in question. And that is a *MUCH* bigger >> problem than just inaccurate memcg accounting. > > When you frame it like that, sure. Also, you can use the system heap to > DoS any process in the system. I'm not saying that what you're concerned > about isn't an issue, but let's not brush off other people legitimate > issues as well. Completely agree, but we should prioritize. That driver allocated memory is not memcg accounted is actually uAPI, e.g. that is not something which can easily change. While fixing the OOM killer looks perfectly doable and will then most likely also show a better path how to fix the memcg accounting. Christian. > > Maxime

2 months

Re: [PATCH] dma-buf: system_heap: account for system heap allocation in memcg

by T.J. Mercier

On Mon, Dec 15, 2025 at 7:51 PM Maxime Ripard <mripard(a)redhat.com> wrote: > > Hi TJ, Hi Maxime, > On Fri, Dec 12, 2025 at 08:25:19AM +0900, T.J. Mercier wrote: > > On Fri, Dec 12, 2025 at 4:31 AM Eric Chanudet <echanude(a)redhat.com> wrote: > > > > > > The system dma-buf heap lets userspace allocate buffers from the page > > > allocator. However, these allocations are not accounted for in memcg, > > > allowing processes to escape limits that may be configured. > > > > > > Pass the __GFP_ACCOUNT for our allocations to account them into memcg. > > > > We had a discussion just last night in the MM track at LPC about how > > shared memory accounted in memcg is pretty broken. Without a way to > > identify (and possibly transfer) ownership of a shared buffer, this > > makes the accounting of shared memory, and zombie memcg problems > > worse. :\ > > Are there notes or a report from that discussion anywhere? The LPC vids haven't been clipped yet, and actually I can't even find the recorded full live stream from Hall A2 on the first day. So I don't think there's anything to look at, but I bet there's probably nothing there you don't already know. > The way I see it, the dma-buf heaps *trivial* case is non-existent at > the moment and that's definitely broken. Any application can bypass its > cgroups limits trivially, and that's a pretty big hole in the system. Agree, but if we only charge the first allocator then limits can still easily be bypassed assuming an app can cause an allocation outside of its cgroup tree. I'm not sure using static memcg limits where a significant portion of the memory can be shared is really feasible. Even with just pagecache being charged to memcgs, we're having trouble defining a static memcg limit that is really useful since it has to be high enough to accomodate occasional spikes due to shared memory that might or might not be charged (since it can only be charged to one memcg - it may be spread around or it may all get charged to one memcg). So excessive anonymous use has to get really bad before it gets punished. What I've been hearing lately is that folks are polling memory.stat or PSI or other metrics and using that to take actions (memory.reclaim / killing / adjust memory.high) at runtime rather than relying on memory.high/max behavior with a static limit. > The shared ownership is indeed broken, but it's not more or less broken > than, say, memfd + udmabuf, and I'm sure plenty of others. One thing that's worse about system heap buffers is that unlike memfd the memory isn't reclaimable. So without killing all users there's currently no way to deal with the zombie issue. Harry's proposing reparenting, but I don't think our current interfaces support that because we'd have to mess with the page structs behind system heap dmabufs to change the memcg during reparenting. Ah... but udmabuf pins the memfd pages, so you're right that memfd + udmabuf isn't worse. > So we really improve the common case, but only make the "advanced" > slightly more broken than it already is. > > Would you disagree? I think memcg limits in this case just wouldn't be usable because of what I mentioned above. In our common case the allocator is in a different cgroup tree than the real users of the buffer. > Maxime

2 months

Re: [PATCH 09/19] drm/sched: use inline locks for the drm-sched-fence

by Christian König

On 12/15/25 16:53, Tvrtko Ursulin wrote: > > On 15/12/2025 15:38, Christian König wrote: >> On 12/15/25 10:20, Tvrtko Ursulin wrote: >>> >>> On 12/12/2025 15:50, Christian König wrote: >>>> On 12/11/25 16:13, Tvrtko Ursulin wrote: >>>>> >>>>> On 11/12/2025 13:16, Christian König wrote: >>>>>> Using the inline lock is now the recommended way for dma_fence implementations. >>>>>> >>>>>> So use this approach for the scheduler fences as well just in case if >>>>>> anybody uses this as blueprint for its own implementation. >>>>>> >>>>>> Also saves about 4 bytes for the external spinlock. >>>>>> >>>>>> Signed-off-by: Christian König <christian.koenig(a)amd.com> >>>>>> --- >>>>>> drivers/gpu/drm/scheduler/sched_fence.c | 7 +++---- >>>>>> include/drm/gpu_scheduler.h | 4 ---- >>>>>> 2 files changed, 3 insertions(+), 8 deletions(-) >>>>>> >>>>>> diff --git a/drivers/gpu/drm/scheduler/sched_fence.c b/drivers/gpu/drm/scheduler/sched_fence.c >>>>>> index 08ccbde8b2f5..47471b9e43f9 100644 >>>>>> --- a/drivers/gpu/drm/scheduler/sched_fence.c >>>>>> +++ b/drivers/gpu/drm/scheduler/sched_fence.c >>>>>> @@ -161,7 +161,7 @@ static void drm_sched_fence_set_deadline_finished(struct dma_fence *f, >>>>>> /* If we already have an earlier deadline, keep it: */ >>>>>> if (test_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags) && >>>>>> ktime_before(fence->deadline, deadline)) { >>>>>> - spin_unlock_irqrestore(&fence->lock, flags); >>>>>> + dma_fence_unlock_irqrestore(f, flags); >>>>> >>>>> Rebase error I guess. Pull into the locking helpers patch. >>>> >>>> No that is actually completely intentional here. >>>> >>>> Previously we had a separate lock which protected both the DMA-fences as well as the deadline state. >>>> >>>> Now we turn that upside down by dropping the separate lock and protecting the deadline state with the dma_fence lock instead. >>> >>> I don't follow. The code is currently like this: >>> >>> static void drm_sched_fence_set_deadline_finished(struct dma_fence *f, >>> ktime_t deadline) >>> { >>> struct drm_sched_fence *fence = to_drm_sched_fence(f); >>> struct dma_fence *parent; >>> unsigned long flags; >>> >>> spin_lock_irqsave(&fence->lock, flags); >>> >>> /* If we already have an earlier deadline, keep it: */ >>> if (test_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags) && >>> ktime_before(fence->deadline, deadline)) { >>> spin_unlock_irqrestore(&fence->lock, flags); >>> return; >>> } >>> >>> fence->deadline = deadline; >>> set_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags); >>> >>> spin_unlock_irqrestore(&fence->lock, flags);... >>> >>> The diff changes one out of the three lock/unlock operations. Other two are changed in 3/19. All three should surely be changed in the same patch. >> >> We could change those spin_lock/unlock calls in patch #3, but I don't think that this is clean. >> >> See the code here currently uses fence->lock and patch #3 would change it to use fence->finished->lock instead. That might be the pointer at the moment, but that is just by coincident and not design. >> >> Only this change here ontop makes it intentional that we use fence->finished->lock for everything. > > Sorry I still don't follow. After 3/19 and before this 9/19 the function looks like this: > > static void drm_sched_fence_set_deadline_finished(struct dma_fence *f, > ktime_t deadline) > { > struct drm_sched_fence *fence = to_drm_sched_fence(f); > struct dma_fence *parent; > unsigned long flags; > > dma_fence_lock_irqsave(f, flags); > > /* If we already have an earlier deadline, keep it: */ > if (test_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags) && > ktime_before(fence->deadline, deadline)) { > spin_unlock_irqrestore(&fence->lock, flags); > return; > } > > fence->deadline = deadline; > set_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags); > > dma_fence_unlock_irqrestore(f, flags); > > Notice the lonely spin_unlock_irqrestore on the early return path while other two use the dma_fence_(un)lock helpers. Am I blind or how is that clean? Oh, that's what you mean. Sorry I was blind! Yeah that is clearly unintentional. Thanks, Christian. > > Regards, > > Tvrtko > >> >> Regards, >> Christian. >> >>> >>> Regards, >>> >>> Tvrtko >>> >>>> >>>> Regards, >>>> Christian. >>>> >>>>> >>>>> Regards, >>>>> >>>>> Tvrtko >>>>> >>>>>> return; >>>>>> } >>>>>> @@ -217,7 +217,6 @@ struct drm_sched_fence *drm_sched_fence_alloc(struct drm_sched_entity *entity, >>>>>> fence->owner = owner; >>>>>> fence->drm_client_id = drm_client_id; >>>>>> - spin_lock_init(&fence->lock); >>>>>> return fence; >>>>>> } >>>>>> @@ -230,9 +229,9 @@ void drm_sched_fence_init(struct drm_sched_fence *fence, >>>>>> fence->sched = entity->rq->sched; >>>>>> seq = atomic_inc_return(&entity->fence_seq); >>>>>> dma_fence_init(&fence->scheduled, &drm_sched_fence_ops_scheduled, >>>>>> - &fence->lock, entity->fence_context, seq); >>>>>> + NULL, entity->fence_context, seq); >>>>>> dma_fence_init(&fence->finished, &drm_sched_fence_ops_finished, >>>>>> - &fence->lock, entity->fence_context + 1, seq); >>>>>> + NULL, entity->fence_context + 1, seq); >>>>>> } >>>>>> module_init(drm_sched_fence_slab_init); >>>>>> diff --git a/include/drm/gpu_scheduler.h b/include/drm/gpu_scheduler.h >>>>>> index fb88301b3c45..b77f24a783e3 100644 >>>>>> --- a/include/drm/gpu_scheduler.h >>>>>> +++ b/include/drm/gpu_scheduler.h >>>>>> @@ -297,10 +297,6 @@ struct drm_sched_fence { >>>>>> * belongs to. >>>>>> */ >>>>>> struct drm_gpu_scheduler *sched; >>>>>> - /** >>>>>> - * @lock: the lock used by the scheduled and the finished fences. >>>>>> - */ >>>>>> - spinlock_t lock; >>>>>> /** >>>>>> * @owner: job owner for debugging >>>>>> */ >>>>> >>>> >>> >> >

2 months

Re: [PATCH 09/19] drm/sched: use inline locks for the drm-sched-fence

by Christian König

On 12/15/25 10:20, Tvrtko Ursulin wrote: > > On 12/12/2025 15:50, Christian König wrote: >> On 12/11/25 16:13, Tvrtko Ursulin wrote: >>> >>> On 11/12/2025 13:16, Christian König wrote: >>>> Using the inline lock is now the recommended way for dma_fence implementations. >>>> >>>> So use this approach for the scheduler fences as well just in case if >>>> anybody uses this as blueprint for its own implementation. >>>> >>>> Also saves about 4 bytes for the external spinlock. >>>> >>>> Signed-off-by: Christian König <christian.koenig(a)amd.com> >>>> --- >>>> drivers/gpu/drm/scheduler/sched_fence.c | 7 +++---- >>>> include/drm/gpu_scheduler.h | 4 ---- >>>> 2 files changed, 3 insertions(+), 8 deletions(-) >>>> >>>> diff --git a/drivers/gpu/drm/scheduler/sched_fence.c b/drivers/gpu/drm/scheduler/sched_fence.c >>>> index 08ccbde8b2f5..47471b9e43f9 100644 >>>> --- a/drivers/gpu/drm/scheduler/sched_fence.c >>>> +++ b/drivers/gpu/drm/scheduler/sched_fence.c >>>> @@ -161,7 +161,7 @@ static void drm_sched_fence_set_deadline_finished(struct dma_fence *f, >>>> /* If we already have an earlier deadline, keep it: */ >>>> if (test_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags) && >>>> ktime_before(fence->deadline, deadline)) { >>>> - spin_unlock_irqrestore(&fence->lock, flags); >>>> + dma_fence_unlock_irqrestore(f, flags); >>> >>> Rebase error I guess. Pull into the locking helpers patch. >> >> No that is actually completely intentional here. >> >> Previously we had a separate lock which protected both the DMA-fences as well as the deadline state. >> >> Now we turn that upside down by dropping the separate lock and protecting the deadline state with the dma_fence lock instead. > > I don't follow. The code is currently like this: > > static void drm_sched_fence_set_deadline_finished(struct dma_fence *f, > ktime_t deadline) > { > struct drm_sched_fence *fence = to_drm_sched_fence(f); > struct dma_fence *parent; > unsigned long flags; > > spin_lock_irqsave(&fence->lock, flags); > > /* If we already have an earlier deadline, keep it: */ > if (test_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags) && > ktime_before(fence->deadline, deadline)) { > spin_unlock_irqrestore(&fence->lock, flags); > return; > } > > fence->deadline = deadline; > set_bit(DRM_SCHED_FENCE_FLAG_HAS_DEADLINE_BIT, &f->flags); > > spin_unlock_irqrestore(&fence->lock, flags);... > > The diff changes one out of the three lock/unlock operations. Other two are changed in 3/19. All three should surely be changed in the same patch. We could change those spin_lock/unlock calls in patch #3, but I don't think that this is clean. See the code here currently uses fence->lock and patch #3 would change it to use fence->finished->lock instead. That might be the pointer at the moment, but that is just by coincident and not design. Only this change here ontop makes it intentional that we use fence->finished->lock for everything. Regards, Christian. > > Regards, > > Tvrtko > >> >> Regards, >> Christian. >> >>> >>> Regards, >>> >>> Tvrtko >>> >>>> return; >>>> } >>>> @@ -217,7 +217,6 @@ struct drm_sched_fence *drm_sched_fence_alloc(struct drm_sched_entity *entity, >>>> fence->owner = owner; >>>> fence->drm_client_id = drm_client_id; >>>> - spin_lock_init(&fence->lock); >>>> return fence; >>>> } >>>> @@ -230,9 +229,9 @@ void drm_sched_fence_init(struct drm_sched_fence *fence, >>>> fence->sched = entity->rq->sched; >>>> seq = atomic_inc_return(&entity->fence_seq); >>>> dma_fence_init(&fence->scheduled, &drm_sched_fence_ops_scheduled, >>>> - &fence->lock, entity->fence_context, seq); >>>> + NULL, entity->fence_context, seq); >>>> dma_fence_init(&fence->finished, &drm_sched_fence_ops_finished, >>>> - &fence->lock, entity->fence_context + 1, seq); >>>> + NULL, entity->fence_context + 1, seq); >>>> } >>>> module_init(drm_sched_fence_slab_init); >>>> diff --git a/include/drm/gpu_scheduler.h b/include/drm/gpu_scheduler.h >>>> index fb88301b3c45..b77f24a783e3 100644 >>>> --- a/include/drm/gpu_scheduler.h >>>> +++ b/include/drm/gpu_scheduler.h >>>> @@ -297,10 +297,6 @@ struct drm_sched_fence { >>>> * belongs to. >>>> */ >>>> struct drm_gpu_scheduler *sched; >>>> - /** >>>> - * @lock: the lock used by the scheduled and the finished fences. >>>> - */ >>>> - spinlock_t lock; >>>> /** >>>> * @owner: job owner for debugging >>>> */ >>> >> >

2 months

Re: [PATCH] dma-buf: system_heap: account for system heap allocation in memcg

by Christian König

On 12/15/25 11:51, Maxime Ripard wrote: > Hi TJ, > > On Fri, Dec 12, 2025 at 08:25:19AM +0900, T.J. Mercier wrote: >> On Fri, Dec 12, 2025 at 4:31 AM Eric Chanudet <echanude(a)redhat.com> wrote: >>> >>> The system dma-buf heap lets userspace allocate buffers from the page >>> allocator. However, these allocations are not accounted for in memcg, >>> allowing processes to escape limits that may be configured. >>> >>> Pass the __GFP_ACCOUNT for our allocations to account them into memcg. >> >> We had a discussion just last night in the MM track at LPC about how >> shared memory accounted in memcg is pretty broken. Without a way to >> identify (and possibly transfer) ownership of a shared buffer, this >> makes the accounting of shared memory, and zombie memcg problems >> worse. :\ > > Are there notes or a report from that discussion anywhere? > > The way I see it, the dma-buf heaps *trivial* case is non-existent at > the moment and that's definitely broken. Any application can bypass its > cgroups limits trivially, and that's a pretty big hole in the system. Well, that is just the tip of the iceberg. Pretty much all driver interfaces doesn't account to memcg at the moment, all the way from alsa, over GPUs (both TTM and SHM-GEM) to V4L2. > The shared ownership is indeed broken, but it's not more or less broken > than, say, memfd + udmabuf, and I'm sure plenty of others. > > So we really improve the common case, but only make the "advanced" > slightly more broken than it already is. > > Would you disagree? I strongly disagree. As far as I can see there is a huge chance we break existing use cases with that. There has been some work on TTM by Dave but I still haven't found time to wrap my head around all possible side effects such a change can have. The fundamental problem is that neither memcg nor the classic resource tracking (e.g. the OOM killer) has a good understanding of shared resources. For example you can use memfd to basically kill any process in the system because the OOM killer can't identify the process which holds the reference to the memory in question. And that is a *MUCH* bigger problem than just inaccurate memcg accounting. Regards, Christian. > > Maxime

2 months

Re: [PATCH 14/19] drm/amdgpu: independence for the amdkfd_fence! v4

by Christian König

On 12/11/25 16:08, Philipp Stanner wrote: > On Thu, 2025-12-11 at 13:16 +0100, Christian König wrote: >> This allows amdkfd_fences to outlive the amdgpu module. >> >> v2: implement Felix suggestion to lock the fence while signaling it. >> v3: fix typos >> v4: fix return code in signal_eviction_fence >> >> Signed-off-by: Christian König <christian.koenig(a)amd.com> >> --- >> drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h | 7 +++ >> .../gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c | 44 +++++++++---------- >> drivers/gpu/drm/amd/amdkfd/kfd_process.c | 2 +- >> drivers/gpu/drm/amd/amdkfd/kfd_svm.c | 4 +- >> 4 files changed, 31 insertions(+), 26 deletions(-) >> >> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h b/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h >> index 8bdfcde2029b..2f2b277cfaed 100644 >> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h >> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd.h >> @@ -196,6 +196,7 @@ int kfd_debugfs_kfd_mem_limits(struct seq_file *m, void *data); >> #endif >> #if IS_ENABLED(CONFIG_HSA_AMD) >> bool amdkfd_fence_check_mm(struct dma_fence *f, struct mm_struct *mm); >> +bool amdkfd_fence_signal(struct dma_fence *f); >> struct amdgpu_amdkfd_fence *to_amdgpu_amdkfd_fence(struct dma_fence *f); >> void amdgpu_amdkfd_remove_all_eviction_fences(struct amdgpu_bo *bo); >> int amdgpu_amdkfd_evict_userptr(struct mmu_interval_notifier *mni, >> @@ -210,6 +211,12 @@ bool amdkfd_fence_check_mm(struct dma_fence *f, struct mm_struct *mm) >> return false; >> } >> >> +static inline >> +bool amdkfd_fence_signal(struct dma_fence *f) >> +{ >> + return false; >> +} > > Huh? What's that? > > That function seems to be just a NOP. It's return code is used nowhere, > is it? It's the dummy which is used when CONFIG_HSA_AMD isn't enabled. Not sure if it's actually used or not, but we have dummies for all functions declared in this file. > >> + >> static inline >> struct amdgpu_amdkfd_fence *to_amdgpu_amdkfd_fence(struct dma_fence *f) >> { >> diff --git a/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c b/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c >> index 09c919f72b6c..9cd413e325f0 100644 >> --- a/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c >> +++ b/drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_fence.c >> @@ -127,29 +127,9 @@ static bool amdkfd_fence_enable_signaling(struct dma_fence *f) >> if (!svm_range_schedule_evict_svm_bo(fence)) >> return true; >> } >> - return false; >> -} >> - >> -/** >> - * amdkfd_fence_release - callback that fence can be freed >> - * >> - * @f: dma_fence >> - * >> - * This function is called when the reference count becomes zero. >> - * Drops the mm_struct reference and RCU schedules freeing up the fence. >> - */ >> -static void amdkfd_fence_release(struct dma_fence *f) >> -{ >> - struct amdgpu_amdkfd_fence *fence = to_amdgpu_amdkfd_fence(f); >> - >> - /* Unconditionally signal the fence. The process is getting >> - * terminated. >> - */ >> - if (WARN_ON(!fence)) >> - return; /* Not an amdgpu_amdkfd_fence */ >> - >> mmdrop(fence->mm); >> - kfree_rcu(f, rcu); >> + fence->mm = NULL; >> + return false; >> } >> >> /** >> @@ -174,9 +154,27 @@ bool amdkfd_fence_check_mm(struct dma_fence *f, struct mm_struct *mm) >> return false; >> } >> >> +bool amdkfd_fence_signal(struct dma_fence *f) >> +{ >> + struct amdgpu_amdkfd_fence *fence = to_amdgpu_amdkfd_fence(f); >> + unsigned long flags; >> + bool was_signaled; >> + >> + dma_fence_lock_irqsave(f, flags); >> + if (fence->mm) { >> + mmdrop(fence->mm); >> + fence->mm = NULL; >> + } >> + was_signaled = dma_fence_is_signaled_locked(f); >> + if (!was_signaled) >> + dma_fence_signal_locked(f); >> + dma_fence_unlock_irqrestore(f, flags); >> + >> + return was_signaled; >> +} >> + >> static const struct dma_fence_ops amdkfd_fence_ops = { >> .get_driver_name = amdkfd_fence_get_driver_name, >> .get_timeline_name = amdkfd_fence_get_timeline_name, >> .enable_signaling = amdkfd_fence_enable_signaling, >> - .release = amdkfd_fence_release, >> }; >> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_process.c b/drivers/gpu/drm/amd/amdkfd/kfd_process.c >> index bb252ec43733..2cf39e3d3fae 100644 >> --- a/drivers/gpu/drm/amd/amdkfd/kfd_process.c >> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_process.c >> @@ -1173,7 +1173,7 @@ static void kfd_process_wq_release(struct work_struct *work) >> synchronize_rcu(); >> ef = rcu_access_pointer(p->ef); >> if (ef) >> - dma_fence_signal(ef); >> + amdkfd_fence_signal(ef); >> >> kfd_process_remove_sysfs(p); >> kfd_debugfs_remove_process(p); >> diff --git a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c >> index 97c2270f278f..0e94f3a976b1 100644 >> --- a/drivers/gpu/drm/amd/amdkfd/kfd_svm.c >> +++ b/drivers/gpu/drm/amd/amdkfd/kfd_svm.c >> @@ -428,7 +428,7 @@ static void svm_range_bo_release(struct kref *kref) >> >> if (!dma_fence_is_signaled(&svm_bo->eviction_fence->base)) >> /* We're not in the eviction worker. Signal the fence. */ >> - dma_fence_signal(&svm_bo->eviction_fence->base); >> + amdkfd_fence_signal(&svm_bo->eviction_fence->base); >> dma_fence_put(&svm_bo->eviction_fence->base); >> amdgpu_bo_unref(&svm_bo->bo); >> kfree(svm_bo); >> @@ -3628,7 +3628,7 @@ static void svm_range_evict_svm_bo_worker(struct work_struct *work) >> mmap_read_unlock(mm); >> mmput(mm); >> >> - dma_fence_signal(&svm_bo->eviction_fence->base); >> + amdkfd_fence_signal(&svm_bo->eviction_fence->base); > > > And why do you do those changes and why doesn't the commit message > explain it? > > You stop signalling those fences, after all. Hui? I don't stop signaling the fences. I just delegate signaling into a separate helper function which does some extra cleanup before signaling the fence. Regards, Christian. > > > P. > >> >> /* This is the last reference to svm_bo, after svm_range_vram_node_free >> * has been called in svm_migrate_vram_to_ram >

2 months, 1 week

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

Linaro-mm-sig