Re: [PATCH net-next v6 9/9] page_pool: access ->pp_magic through struct netmem_desc in page_pool_page_is_pp()
From: David Hildenbrand
Date: Mon Jun 23 2025 - 11:03:53 EST
On 23.06.25 13:13, Zi Yan wrote:
On 23 Jun 2025, at 6:16, Byungchul Park wrote:
On Mon, Jun 23, 2025 at 11:16:43AM +0200, David Hildenbrand wrote:
On 20.06.25 06:12, Byungchul Park wrote:
To simplify struct page, the effort to separate its own descriptor from
struct page is required and the work for page pool is on going.
To achieve that, all the code should avoid directly accessing page pool
members of struct page.
Access ->pp_magic through struct netmem_desc instead of directly
accessing it through struct page in page_pool_page_is_pp(). Plus, move
page_pool_page_is_pp() from mm.h to netmem.h to use struct netmem_desc
without header dependency issue.
Signed-off-by: Byungchul Park <byungchul@xxxxxx>
Reviewed-by: Toke Høiland-Jørgensen <toke@xxxxxxxxxx>
Reviewed-by: Mina Almasry <almasrymina@xxxxxxxxxx>
Reviewed-by: Pavel Begunkov <asml.silence@xxxxxxxxx>
Reviewed-by: Vlastimil Babka <vbabka@xxxxxxx>
Acked-by: Harry Yoo <harry.yoo@xxxxxxxxxx>
---
include/linux/mm.h | 12 ------------
include/net/netmem.h | 14 ++++++++++++++
mm/page_alloc.c | 1 +
3 files changed, 15 insertions(+), 12 deletions(-)
diff --git a/include/linux/mm.h b/include/linux/mm.h
index 0ef2ba0c667a..0b7f7f998085 100644
--- a/include/linux/mm.h
+++ b/include/linux/mm.h
@@ -4172,16 +4172,4 @@ int arch_lock_shadow_stack_status(struct task_struct *t, unsigned long status);
*/
#define PP_MAGIC_MASK ~(PP_DMA_INDEX_MASK | 0x3UL)
-#ifdef CONFIG_PAGE_POOL
-static inline bool page_pool_page_is_pp(struct page *page)
-{
- return (page->pp_magic & PP_MAGIC_MASK) == PP_SIGNATURE;
-}
-#else
-static inline bool page_pool_page_is_pp(struct page *page)
-{
- return false;
-}
-#endif
-
#endif /* _LINUX_MM_H */
diff --git a/include/net/netmem.h b/include/net/netmem.h
index d49ed49d250b..3d1b1dfc9ba5 100644
--- a/include/net/netmem.h
+++ b/include/net/netmem.h
@@ -56,6 +56,20 @@ NETMEM_DESC_ASSERT_OFFSET(pp_ref_count, pp_ref_count);
*/
static_assert(sizeof(struct netmem_desc) <= offsetof(struct page, _refcount));
+#ifdef CONFIG_PAGE_POOL
+static inline bool page_pool_page_is_pp(struct page *page)
+{
+ struct netmem_desc *desc = (struct netmem_desc *)page;
+
+ return (desc->pp_magic & PP_MAGIC_MASK) == PP_SIGNATURE;
+}
+#else
+static inline bool page_pool_page_is_pp(struct page *page)
+{
+ return false;
+}
+#endif
I wonder how helpful this cleanup is long-term.
page_pool_page_is_pp() is only called from mm/page_alloc.c, right?
Yes.
There, we want to make sure that no pagepool page is ever returned to
the buddy.
How reasonable is this sanity check to have long-term? Wouldn't we be
able to check that on some higher-level freeing path?
The reason I am commenting is that once we decouple "struct page" from
"struct netmem_desc", we'd have to lookup here the corresponding "struct
netmem_desc".
... but at that point here (when we free the actual pages), the "struct
netmem_desc" would likely already have been freed separately (remember:
it will be dynamically allocated).
With that in mind:
1) Is there a higher level "struct netmem_desc" freeing path where we
could check that instead, so we don't have to cast from pages to
netmem_desc at all.
I also thought it's too paranoiac. However, I thought it's other issue
than this work. That's why I left the API as is for now, it can be gone
once we get convinced the check is unnecessary in deep buddy. Wrong?
2) How valuable are these sanity checks deep in the buddy?
That was also what I felt weird on.
It seems very useful when I asked last time[1]:
|> We have actually used this at Cloudflare to catch some page_pool bugs.
My question is rather, whether there is some higher-level freeing path
for netmem_desc where we could check that instead (IOW, earlier).
Or is it really arbitrary put_page() (IOW, we assume that many possible
references can be held)?
--
Cheers,
David / dhildenb