On Sat, Apr 26, 2025 at 08:14:18PM -0700, Caleb Sander Mateos wrote:
> On Sat, Apr 26, 2025 at 6:37 PM Ming Lei <ming.lei@xxxxxxxxxx> wrote:
> >
> > On Sat, Apr 26, 2025 at 01:38:14PM -0700, Caleb Sander Mateos wrote:
> > > On Sat, Apr 26, 2025 at 2:41 AM Ming Lei <ming.lei@xxxxxxxxxx> wrote:
> > > >
> > > > The simple check of UBLK_IO_FLAG_OWNED_BY_SRV can avoid incorrect
> > > > register/unregister io buffer easily, so check it before calling
> > > > starting to register/un-register io buffer.
> > > >
> > > > Also only allow io buffer register/unregister uring_cmd in case of
> > > > UBLK_F_SUPPORT_ZERO_COPY.
> > >
> > > Indeed, both these checks make sense. (Hopefully there aren't any
> > > applications depending on the ability to use ublk zero-copy without
> > > setting the flag.) I too was thinking of adding the
> > > UBLK_IO_FLAG_OWNED_BY_SRV check because it could allow the
> > > kref_get_unless_zero() to be replaced with the cheaper kref_get(). I
> > > think the checks could be split into 2 separate commits, but up to
> > > you.
> >
> > Let's do it in single patch for making everyone easier.
> >
> > >
> > > >
> > > > Fixes: 1f6540e2aabb ("ublk: zc register/unregister bvec")
> > > > Signed-off-by: Ming Lei <ming.lei@xxxxxxxxxx>
> > > > ---
> > > > drivers/block/ublk_drv.c | 23 ++++++++++++++++++++++-
> > > > 1 file changed, 22 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/block/ublk_drv.c b/drivers/block/ublk_drv.c
> > > > index 40f971a66d3e..347790b3a633 100644
> > > > --- a/drivers/block/ublk_drv.c
> > > > +++ b/drivers/block/ublk_drv.c
> > > > @@ -609,6 +609,11 @@ static void ublk_apply_params(struct ublk_device *ub)
> > > > ublk_dev_param_zoned_apply(ub);
> > > > }
> > > >
> > > > +static inline bool ublk_support_zero_copy(const struct ublk_queue *ubq)
> > > > +{
> > > > + return ubq->flags & UBLK_F_SUPPORT_ZERO_COPY;
> > > > +}
> > > > +
> > > > static inline bool ublk_support_user_copy(const struct ublk_queue *ubq)
> > > > {
> > > > return ubq->flags & (UBLK_F_USER_COPY | UBLK_F_SUPPORT_ZERO_COPY);
> > > > @@ -1950,9 +1955,16 @@ static int ublk_register_io_buf(struct io_uring_cmd *cmd,
> > > > unsigned int index, unsigned int issue_flags)
> > > > {
> > > > struct ublk_device *ub = cmd->file->private_data;
> > > > + struct ublk_io *io = &ubq->ios[tag];
> > >
> > > I thought you had mentioned in
> > > https://lore.kernel.org/linux-block/aAmYJxaV1-yWEMRo@fedora/ wanting
> > > to the ability to offload the ublk zero-copy buffer registration to a
> > > thread other than ubq_daemon. Are you still planning to do that, or
> > > does the "auto-register" feature supplant the need for that?
> >
> > The auto-register idea is actually thought of when I was working on ublk
> > selftest offload function.
> >
> > If this auto-register feature is supported, it becomes less important to
> > relax the ubq_daemon limit for register_io_buffer command, then I jump
> > on this feature & post put the patch.
> >
> > But I will continue to work on the offload test code and finally relax
> > the limit for register/unregister io buffer command, hope it can be
> > done in next week.
> >
> > > Accessing
> > > the ublk_io here only seems safe when on the ubq_daemon thread.
> >
> > Both ublk_register_io_buf()/ublk_unregister_io_buf() just reads ublk_io or
> > the request buffer only, so it is just fine for the two to run from other
> > contexts.
>
> Isn't it racy to check io->flags when it could be concurrently
> modified by another thread (the ubq_daemon)?
Good question!
Yeah, it becomes tricky if registering buffer from other pthread, such as:
- one io handler thread is registering buffer for tag 0 from cpu 0
- UBLK_IO_COMMIT_AND_FETCH_REQ comes on tag 0 from one bad ublk daemon
Then the io handler thread may observe UBLK_IO_FLAG_OWNED_BY_SRV, but
meantime UBLK_IO_COMMIT_AND_FETCH_REQ clears it and completes the request,
and this request may be freed or recycled immediately. Then the io handler
pthread sees wrong request data.
The approach I mentioned in the following link may help to support 'offload':
https://lore.kernel.org/linux-block/aAscRPVcTBiBHNe7@fedora/
The nice thing is that one batch of commands can be delivered via single or
multiple READ_MULTISHOT, and per-queue spin lock can be used. Same with io
command completion side. And it becomes easier to remove the ubq_daemon
constraint with the per-queue lock.
Thanks,
Ming
