On 2020-12-02 3:14 a.m., Christoph Hellwig wrote:
>> MEMORY_DEVICE_PCI_P2PDMA:
>> Struct pages are created in pci_p2pdma_add_resource() and represent device memory accessible by PCIe bar address space. Memory is allocated with pci_alloc_p2pmem() based on a byte length but the gen_pool_alloc_owner() call will allocate memory in a minimum of PAGE_SIZE units. Reference counting is +1 per *allocation* on the pgmap->ref reference count. Note that this is not +1 per page which is what put_page() expects. So currently, a get_page()/put_page() works OK because the page reference count only goes 1->2 and 2->1. If it went to zero, the pgmap->ref reference count would be incorrect if the allocation size was greater than one page.
>> I see pci_alloc_p2pmem() is called by nvme_alloc_sq_cmds() and pci_p2pmem_alloc_sgl() to create a command queue and a struct scatterlist *. Looks like sg_page(sg) returns the ZONE_DEVICE struct page of the scatterlist. There are a huge number of places sg_page() is called so it is hard to tell whether or not get_page()/put_page() is ever called on MEMORY_DEVICE_PCI_P2PDMA pages.
> Nothing should call get_page/put_page on them, as they are not treated as refcountable memory. More importantly nothing is allowed to keep a reference longer than the time of the I/O.
Yes, right now this is safe, as Christoph notes there are no places where these should be got/put.
But eventually we'll need to change how pci_alloc_p2pmem() works to take references on the actual pages and allow freeing individual pages, similar to what you suggest. This is one of the issues Jason pointed out in my last RFC to try to pass these pages through GUP.
Logan
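
The accounting mismatch discussed in this thread, as a user-space C model added here (not kernel code and not written by any of the posters). The `model_*` names, the 4096-byte page size and the 16-page cap are assumptions of the model; it only tracks the two counters the messages talk about.

```c
#include <stddef.h>
#include <stdio.h>

#define MODEL_PAGE_SIZE 4096UL  /* assumed page size for this model */
#define MODEL_MAX_PAGES 16      /* arbitrary cap for the model */

struct model_pgmap { long ref; };  /* stands in for pgmap->ref */
struct model_page { int refcount; struct model_pgmap *pgmap; };

/* put_page() as modelled here: the last put on a page drops one pgmap ref. */
static void model_put_page(struct model_page *p)
{
    if (--p->refcount == 0)
        p->pgmap->ref--;
}

/* Allocate `bytes` rounded up to whole pages, run one scenario, and return
 * the leftover pgmap count (0 = balanced, negative = over-released).
 * per_page:     0 = +1 per allocation (the accounting described in the thread),
 *               1 = +1 per page (the direction the reply mentions).
 * drop_to_zero: 0 = get/put during I/O (1->2->1), then free as a unit,
 *               1 = every page's count is put down to zero. */
long model_balance(size_t bytes, int per_page, int drop_to_zero)
{
    struct model_pgmap pg = { 0 };
    struct model_page pages[MODEL_MAX_PAGES];
    size_t n = (bytes + MODEL_PAGE_SIZE - 1) / MODEL_PAGE_SIZE;
    if (n == 0 || n > MODEL_MAX_PAGES)
        return 0;                       /* nothing allocated in the model */
    for (size_t i = 0; i < n; i++)
        pages[i] = (struct model_page){ .refcount = 1, .pgmap = &pg };
    pg.ref += per_page ? (long)n : 1;
    for (size_t i = 0; i < n; i++) {
        if (!drop_to_zero)
            pages[i].refcount++;        /* get_page() */
        model_put_page(&pages[i]);
    }
    if (!drop_to_zero)
        pg.ref -= per_page ? (long)n : 1;   /* free the allocation as a unit */
    return pg.ref;
}

int main(void)
{
    size_t len = 3 * MODEL_PAGE_SIZE;
    printf("io=%ld zero/alloc=%ld zero/page=%ld\n", model_balance(len, 0, 0),
           model_balance(len, 0, 1), model_balance(len, 1, 1));
    return 0;
}
```

A negative result is the over-release case: a multi-page allocation that took one pgmap reference but released one per page.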