lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230412094440epcms1p445319579ead0d0576bb616ebb07501b4@epcms1p4>
Date:   Wed, 12 Apr 2023 18:44:40 +0900
From:   Jaewon Kim <jaewon31.kim@...sung.com>
To:     Michal Hocko <mhocko@...e.com>
CC:     "jstultz@...gle.com" <jstultz@...gle.com>,
        "tjmercier@...gle.com" <tjmercier@...gle.com>,
        "sumit.semwal@...aro.org" <sumit.semwal@...aro.org>,
        "daniel.vetter@...ll.ch" <daniel.vetter@...ll.ch>,
        "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
        "hannes@...xchg.org" <hannes@...xchg.org>,
        "linux-mm@...ck.org" <linux-mm@...ck.org>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "jaewon31.kim@...il.com" <jaewon31.kim@...il.com>
Subject: RE: [PATCH v3] dma-buf/heaps: system_heap: avoid too much
 allocation

>On Wed 12-04-23 17:57:26, Jaewon Kim wrote:
>> >Sorry for being late. I know there was some pre-existing discussion
>> >around that but I didn't have time to participate.
>> >
>> >On Mon 10-04-23 16:32:28, Jaewon Kim wrote:
>> >> @@ -350,6 +350,9 @@ static struct dma_buf *system_heap_allocate(struct dma_heap *heap,
>> >>  	struct page *page, *tmp_page;
>> >>  	int i, ret = -ENOMEM;
>> >>  
>> >> +	if (len / PAGE_SIZE > totalram_pages())
>> >> +		return ERR_PTR(-ENOMEM);
>> >> +
>> >
>> >This is an antipattern imho. Check 7661809d493b ("mm: don't allow
>> >oversized kvmalloc() calls") how kvmalloc has dealt with a similar
>> 
>> Hello Thank you for the information.
>> 
>> I tried to search the macro of INT_MAX.
>> 
>> include/vdso/limits.h
>> #define INT_MAX         ((int)(~0U >> 1))
>> 
>> AFAIK the dma-buf system heap user can request that huge size more than 2GB.
>
>Do you have any pointers? This all is unreclaimable memory, right? How
>are those users constrained to not go overboard?

Correct dma-buf system heap memory is unreclaimable. To avoid that huge request,
this patch includes __GFP_RETRY_MAYFAIL.

 #define LOW_ORDER_GFP (GFP_HIGHUSER | __GFP_ZERO | __GFP_RETRY_MAYFAIL)

>
>> So
>> I think totalram_pages() is better than INT_MAX in this case.
>> 
>> >issue. totalram_pages doesn't really tell you anything about incorrect
>> >users. You might be on a low memory system where the request size is
>> >sane normally, it just doesn't fit into memory on that particular
>> >machine.
>> 
>> Sorry maybe I'm not fully understand what you meant. User may requested
>> a huge size like 3GB on 2GB ram device. But I think that should be rejected
>> because it is bigger than the device ram size.
>
>Even totalram_pages/10 can be just unfeasible amount of data to be
>allocated without a major disruption. totalram_pages is no measure of
>the memory availability.
>If you want to have a ballpark estimation then si_mem_available might be
>something you are looking for. But I thought the sole purpose of this
>patch is to catch obviously buggy callers (like sign overflow lenght
>etc) rather than any memory consumption sanity check.

Yes if we want to avoid some big size, si_mem_available could be one option.
Actually I tried to do totalram_pages() / 2 like the old ion system heap in
the previous patch version. Anyway totalram_pages in this patch is used to
avoid the buggy size.

And as we discussed in v2 patch, __GFP_RETRY_MAYFAIL was added. And I think
the gfp makes us feel better in memory perspective.

>
>-- 
>Michal Hocko
>SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ