lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 12 Apr 2023 17:57:26 +0900
From:   Jaewon Kim <jaewon31.kim@...sung.com>
To:     Michal Hocko <mhocko@...e.com>
CC:     "jstultz@...gle.com" <jstultz@...gle.com>,
        "tjmercier@...gle.com" <tjmercier@...gle.com>,
        "sumit.semwal@...aro.org" <sumit.semwal@...aro.org>,
        "daniel.vetter@...ll.ch" <daniel.vetter@...ll.ch>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "hannes@...xchg.org" <hannes@...xchg.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "jaewon31.kim@...il.com" <jaewon31.kim@...il.com>
Subject: RE: [PATCH v3] dma-buf/heaps: system_heap: avoid too much
 allocation

>Sorry for being late. I know there was some pre-existing discussion
>around that but I didn't have time to participate.
>
>On Mon 10-04-23 16:32:28, Jaewon Kim wrote:
>> @@ -350,6 +350,9 @@ static struct dma_buf *system_heap_allocate(struct dma_heap *heap,
>>  	struct page *page, *tmp_page;
>>  	int i, ret = -ENOMEM;
>>  
>> +	if (len / PAGE_SIZE > totalram_pages())
>> +		return ERR_PTR(-ENOMEM);
>> +
>
>This is an antipattern imho. Check 7661809d493b ("mm: don't allow
>oversized kvmalloc() calls") how kvmalloc has dealt with a similar

Hello Thank you for the information.

I tried to search the macro of INT_MAX.

include/vdso/limits.h
#define INT_MAX         ((int)(~0U >> 1))

AFAIK the dma-buf system heap user can request that huge size more than 2GB. So
I think totalram_pages() is better than INT_MAX in this case.

>issue. totalram_pages doesn't really tell you anything about incorrect
>users. You might be on a low memory system where the request size is
>sane normally, it just doesn't fit into memory on that particular
>machine.

Sorry maybe I'm not fully understand what you meant. User may requested
a huge size like 3GB on 2GB ram device. But I think that should be rejected
because it is bigger than the device ram size.

Jaewon Kim

>
>
>>  	buffer = kzalloc(sizeof(*buffer), GFP_KERNEL);
>>  	if (!buffer)
>>  		return ERR_PTR(-ENOMEM);
>> -- 
>> 2.17.1
>
>-- 
>Michal Hocko
>SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ