| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 5 Jan 2022 14:36:43 +0800
From: <guangming.cao@...iatek.com>
To: <christian.koenig@....com>
CC: <Brian.Starkey@....com>, <benjamin.gaignard@...aro.org>,
<bo.song@...iatek.com>, <dri-devel@...ts.freedesktop.org>,
<guangming.cao@...iatek.com>, <jianjiao.zeng@...iatek.com>,
<john.stultz@...aro.org>, <labbott@...hat.com>,
<libo.kang@...iatek.com>, <linaro-mm-sig@...ts.linaro.org>,
<linux-arm-kernel@...ts.infradead.org>,
<linux-kernel@...r.kernel.org>, <linux-media@...r.kernel.org>,
<linux-mediatek@...ts.infradead.org>, <lmark@...eaurora.org>,
<matthias.bgg@...il.com>, <mingyuan.ma@...iatek.com>,
<sumit.semwal@...aro.org>, <wsd_upstream@...iatek.com>,
<yf.wang@...iatek.com>
Subject: Re: [PATCH v2] dma-buf: dma-heap: Add a size check for allocation
From: Guangming.Cao <guangming.cao@...iatek.com>
On Tue, 2022-01-04 at 08:47 +0100, Christian Ké°Šig wrote:
> Am 03.01.22 um 19:57 schrieb John Stultz:
> > On Mon, Dec 27, 2021 at 1:52 AM <guangming.cao@...iatek.com> wrote:
> > > From: Guangming <Guangming.Cao@...iatek.com>
> > >
> >
> > Thanks for submitting this!
> >
> > > Add a size check for allcation since the allocation size is
> >
> > nit: "allocation" above.
> >
> > > always less than the total DRAM size.
> >
> > In general, it might be good to add more context to the commit
> > message
> > to better answer *why* this change is needed rather than what the
> > change is doing. ie: What negative thing happens without this
> > change?
> > And so how does this change avoid or improve things?
>
> Completely agree, just one little addition: Could you also add this
> why
> as comment to the code?
>
> When we stumble over this five years from now it is absolutely not
> obvious why we do this.
>
> Thanks,
> Christian.
>
Thanks for your reply!
I will update the related reason in the patch later.
The reason for adding this check is that we met a case that the user
sent an invalid size(It seems it's a negative value, MSB is 0xff, it's
larger than DRAM size after convert it to size_t) to dma-heap to alloc
memory, and this allocation was running on a process(such as "gralloc"
on Android device) can't be killed by OOM flow, and we also couldn't
find the related dmabuf in "dma_buf_debug_show" because the related
dmabuf was not exported yet since the allocation is still on going.
Since this invalid argument case can be prevented at dma-heap side, so,
I added this size check, and moreover, to let debug it easily, I also
added logs when size is bigger than a threshold we set in mtk system
heap.
If you think that print logs in dma-heap framework is better, I will
update it in next version.
If you have better solution(such as dump the size under allocating
in "dma_buf_debug_show", which maybe need add global variable to record
it), please kindly let me know.
Thanks :)
Guangming
> >
> >
> > > Signed-off-by: Guangming <Guangming.Cao@...iatek.com>
> > > Signed-off-by: jianjiao zeng <jianjiao.zeng@...iatek.com>
> > > ---
> > > v2: 1. update size limitation as total_dram page size.
> > > 2. update commit message
> > > ---
> > > drivers/dma-buf/dma-heap.c | 2 ++
> > > 1 file changed, 2 insertions(+)
> > >
> > > diff --git a/drivers/dma-buf/dma-heap.c b/drivers/dma-buf/dma-
> > > heap.c
> > > index 56bf5ad01ad5..e39d2be98d69 100644
> > > --- a/drivers/dma-buf/dma-heap.c
> > > +++ b/drivers/dma-buf/dma-heap.c
> > > @@ -55,6 +55,8 @@ static int dma_heap_buffer_alloc(struct
> > > dma_heap *heap, size_t len,
> > > struct dma_buf *dmabuf;
> > > int fd;
> > >
> > > + if (len / PAGE_SIZE > totalram_pages())
> > > + return -EINVAL;
> >
> > This seems sane. I know ION used to have some 1/2 of memory cap to
> > avoid unnecessary memory pressure on crazy allocations.
> >
> > Could you send again with an improved commit message?
> >
> > thanks
> > -john
>
>
Powered by blists - more mailing lists