On Mon, Apr 20, 2026 at 08:20:57PM +0200, David Hildenbrand (Arm) wrote: > On 4/20/26 14:51, Michael S. Tsirkin wrote: > > > > Hi! > > > > > v2 - this is an attempt to address David Hildenbrand's comments: > > overloading GFP and using page->private, support for > > balloon deflate. > > > > I hope this one is acceptable, API wise. > > > > I also went ahead and implemented an alternative approach > > that David suggested: > > using GFP_ZERO to zero userspace pages. > > The issue is simple: on some architectures, one has to know the > > userspace fault address in order to flush the cache. > > > > So, I had to propagate the fault address everywhere. > > As I said, that might not be necessary. vma_alloc_folio() is the > interface we mostly care about in that regard. >
I'm not sure I follow what "might not be necessary". We need a fault address so zeroing can be effective wrt cache. Since you asked that it's done deep in post alloc hook, the address has to propagate all over mm. > > A lot of churn, and my concern is, if we miss even one > > place, silent, subtle data corruption will result and only > > on some arches (x86 will be fine). > > Which would *already* be the case of you use folio_alloc(GFP_ZERO) > instead of magical vma_alloc_folio() + folio_zero_user(). > > I don't really see how vma_alloc_folio_hints() -- that also consumes the > address -- is any better in that regard? By itself, it is not. But the issue is propagating the address from there all over mm. If we miss even one place - we get a subtle cache corruption on non x86. hints are exactly that - if we forget to set them, all that happens is that we do an extra zeroing. That is all. > When we just do the right thing with vma_alloc_folio(GFP_ZERO), at least > vma_alloc_folio() users will not accidentally do the wrong thing by > forgetting to use folio_zero_user(). Well, it's simply that 1. if you plain forget folio_zero_user you get non zero on all arches 2. we *already* have folio_zero_user in place > > > > Still, you can view that approach here: > > https://git.kernel.org/pub/scm/linux/kernel/git/mst/vhost.git gfp_zero > > > > David, if you still feel I should switch to that approach, > > let me know. Personally, I'd rather keep that as a separate > > project from this optimization. > I'd prefer if we extend vma_alloc_folio() to just handle GFP_ZERO for us. Pls take a look at that tree then. What do you think of that approach? Better? If you want it in form of patches, I can post them in private or on list. Let me know, I don't have a problem with that approach - I tested it and the performance is the same. But the issue is that there's lot of paths that have to propagate the fault address. It took me a while to even find them all (assuming I found them all). I also note that we need a flag for free in order to implement balloon deflate as you asked. Here, I reused the hints. > But let's hear other opinions first. > > -- > Cheers, > > David
