On Wed, Feb 26, 2025 at 08:00:16PM +0000, Eric Biggers wrote:
On Wed, Feb 26, 2025 at 06:56:25PM +0000, Yosry Ahmed wrote:
Currently, zswap_cpu_comp_dead() calls crypto_free_acomp() while holding the per-CPU acomp_ctx mutex. crypto_free_acomp() then holds scomp_lock (through crypto_exit_scomp_ops_async()).
On the other hand, crypto_alloc_acomp_node() holds the scomp_lock (through crypto_scomp_init_tfm()), and then allocates memory. If the allocation results in reclaim, we may attempt to hold the per-CPU acomp_ctx mutex.
The bug is in acomp. crypto_free_acomp() should never have to wait for a memory allocation. That is what needs to be fixed.
crypto_free_acomp() does not explicitly wait for an allocation, but it waits for scomp_lock (in crypto_exit_scomp_ops_async()), which may be held while allocating memory from crypto_scomp_init_tfm().
Are you suggesting that crypto_exit_scomp_ops_async() should not be holding scomp_lock?
But really the bounce buffering in acomp (which is what is causing this problem) should not exist at all. There is really no practical use case for it; it's just there because of the Crypto API's insistence on shoehorning everything into scatterlists for no reason...
I am assuming this about scomp_scratch logic, which is what we need to hold the scomp_lock for, resulting in this problem.
If this is something that can be done right away I am fine with dropping this patch for an alternative fix, although it may be nice to reduce the lock critical section in zswap_cpu_comp_dead() to the bare minimum anyway.