lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f276a028-e2d2-f098-fdf9-6ee505f32e33@gmail.com>
Date:   Thu, 11 Mar 2021 10:50:31 +1100
From:   "Singh, Balbir" <bsingharora@...il.com>
To:     Hugh Dickins <hughd@...gle.com>
Cc:     Michal Hocko <mhocko@...e.com>,
        Zhou Guanghui <zhouguanghui1@...wei.com>,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        akpm@...ux-foundation.org, hannes@...xchg.org,
        kirill.shutemov@...ux.intel.com, npiggin@...il.com, ziy@...dia.com,
        wangkefeng.wang@...wei.com, guohanjun@...wei.com,
        dingtianhong@...wei.com, chenweilong@...wei.com,
        rui.xiang@...wei.com
Subject: Re: [PATCH v2 1/2] mm/memcg: rename mem_cgroup_split_huge_fixup to
 split_page_memcg

On 11/3/21 9:00 am, Hugh Dickins wrote:
> On Thu, 11 Mar 2021, Singh, Balbir wrote:
>> On 9/3/21 7:28 pm, Michal Hocko wrote:
>>> On Tue 09-03-21 09:37:29, Balbir Singh wrote:
>>>> On 4/3/21 6:40 pm, Zhou Guanghui wrote:
>>> [...]
>>>>> -#ifdef CONFIG_TRANSPARENT_HUGEPAGE
>>>>>  /*
>>>>> - * Because page_memcg(head) is not set on compound tails, set it now.
>>>>> + * Because page_memcg(head) is not set on tails, set it now.
>>>>>   */
>>>>> -void mem_cgroup_split_huge_fixup(struct page *head)
>>>>> +void split_page_memcg(struct page *head, unsigned int nr)
>>>>>  {
>>>>
>>>> Do we need input validation on nr? Can nr be aribtrary or can we enforce
>>>>
>>>> VM_BUG_ON(!is_power_of_2(nr));
>>>
>>> In practice this will be power of 2 but why should we bother to sanitze
>>> that? 
>>>
>>
>> Just when DEBUG_VM is enabled to ensure the contract is valid, given that
>> nr is now variable, we could end up with subtle bugs unless we can audit
>> all callers. Even the power of 2 check does not catch the fact that nr
>> is indeed what we expect, but it still checks a large range of invalid
>> inputs.
> 
> I think you imagine this is something it's not.
> 
> "all callers" are __split_huge_page() and split_page() (maybe Matthew
> will have a third caller, maybe not).  It is not something drivers will
> be calling directly themselves, and it won't ever get EXPORTed to them.
> 

Don't feel strongly about it if that is the case.

Thanks,
Balbir Singh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ