| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 Jan 2011 09:33:09 -0800
From: Greg Thelen <gthelen@...gle.com>
To: Johannes Weiner <hannes@...xchg.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
David Rientjes <rientjes@...gle.com>,
KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>,
Minchan Kim <minchan.kim@...il.com>,
KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] oom: handle overflow in mem_cgroup_out_of_memory()
Johannes Weiner <hannes@...xchg.org> writes:
> On Wed, Jan 26, 2011 at 12:29:15AM -0800, Greg Thelen wrote:
>> mem_cgroup_get_limit() returns a byte limit as a unsigned 64 bit value,
>> which is converted to a page count by mem_cgroup_out_of_memory(). Prior
>> to this patch the conversion could overflow on 32 bit platforms
>> yielding a limit of zero.
>
> Balbir: It can truncate, because the conversion shrinks the required
> bits of this 64-bit number by only PAGE_SHIFT (12). Trying to store
> the resulting up to 52 significant bits in a 32-bit integer will cut
> up to 20 significant bits off.
>
>> Signed-off-by: Greg Thelen <gthelen@...gle.com>
>> ---
>> mm/oom_kill.c | 2 +-
>> 1 files changed, 1 insertions(+), 1 deletions(-)
>>
>> diff --git a/mm/oom_kill.c b/mm/oom_kill.c
>> index 7dcca55..3fcac51 100644
>> --- a/mm/oom_kill.c
>> +++ b/mm/oom_kill.c
>> @@ -538,7 +538,7 @@ void mem_cgroup_out_of_memory(struct mem_cgroup *mem, gfp_t gfp_mask)
>> struct task_struct *p;
>>
>> check_panic_on_oom(CONSTRAINT_MEMCG, gfp_mask, 0, NULL);
>> - limit = mem_cgroup_get_limit(mem) >> PAGE_SHIFT;
>> + limit = min(mem_cgroup_get_limit(mem) >> PAGE_SHIFT, (u64)ULONG_MAX);
>
> I would much prefer using min_t(u64, ...). To make it really, really
> explicit that this is 64-bit arithmetic. But that is just me, no
> correctness issue.
>
> Acked-by: Johannes Weiner <hannes@...xchg.org>
I agree that min_t() is clearer. Does the following look better?
Author: Greg Thelen <gthelen@...gle.com>
Date: Wed Jan 26 00:05:59 2011 -0800
oom: handle truncation in mem_cgroup_out_of_memory()
mem_cgroup_get_limit() returns a byte limit as an unsigned 64 bit value.
mem_cgroup_out_of_memory() converts this byte limit to an unsigned long
page count. Prior to this patch, the 32 bit version of
mem_cgroup_out_of_memory() would silently truncate the most significant
20 bits from byte limit when constructing the limit as a page count.
For byte limits with the lowest 44 bits set to zero, this truncation
would compute a page limit of zero.
This patch checks for such large byte limits that cannot be converted to
page counts without loosing information. In such situations, where a 32
bit page counter is too small to represent the corresponding byte count,
select a maximal page count.
Signed-off-by: Greg Thelen <gthelen@...gle.com>
diff --git a/mm/oom_kill.c b/mm/oom_kill.c
index 7dcca55..0164060 100644
--- a/mm/oom_kill.c
+++ b/mm/oom_kill.c
@@ -538,7 +538,7 @@ void mem_cgroup_out_of_memory(struct mem_cgroup *mem, gfp_t gfp_mask)
struct task_struct *p;
check_panic_on_oom(CONSTRAINT_MEMCG, gfp_mask, 0, NULL);
- limit = mem_cgroup_get_limit(mem) >> PAGE_SHIFT;
+ limit = min_t(u64, mem_cgroup_get_limit(mem) >> PAGE_SHIFT, ULONG_MAX);
read_lock(&tasklist_lock);
retry:
p = select_bad_process(&points, limit, mem, NULL);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists