lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <142e6a02-80bf-4e7e-9165-1b5690fde690@vivo.com>
Date: Thu, 24 Apr 2025 10:45:05 +0800
From: Huan Yang <link@...o.com>
To: Shakeel Butt <shakeel.butt@...ux.dev>,
 Andrew Morton <akpm@...ux-foundation.org>
Cc: Johannes Weiner <hannes@...xchg.org>, Michal Hocko <mhocko@...nel.org>,
 Roman Gushchin <roman.gushchin@...ux.dev>,
 Muchun Song <muchun.song@...ux.dev>, cgroups@...r.kernel.org,
 linux-mm@...ck.org, linux-kernel@...r.kernel.org, opensource.kernel@...o.com
Subject: Re: [PATCH 1/2] mm/memcg: use kmem_cache when alloc memcg

Hi Shakeel

在 2025/4/24 06:13, Shakeel Butt 写道:
> On Wed, Apr 23, 2025 at 02:59:12PM -0700, Andrew Morton wrote:
>> On Wed, 23 Apr 2025 16:43:04 +0800 Huan Yang <link@...o.com> wrote:
>>
>>> @@ -3652,7 +3654,10 @@ static struct mem_cgroup *mem_cgroup_alloc(struct mem_cgroup *parent)
>>>   	int __maybe_unused i;
>>>   	long error;
>>>   
>>> -	memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL);
>>> +	memcg = likely(memcg_cachep) ?
>>> +			kmem_cache_zalloc(memcg_cachep, GFP_KERNEL) :
>>> +			kzalloc(struct_size(memcg, nodeinfo, nr_node_ids),
>>> +				GFP_KERNEL);
>> Why are we testing for memcg_cachep=NULL?
>>
>>> @@ -5055,6 +5061,10 @@ static int __init mem_cgroup_init(void)
>>>   		INIT_WORK(&per_cpu_ptr(&memcg_stock, cpu)->work,
>>>   			  drain_local_stock);
>>>   
>>> +	memcg_size = struct_size_t(struct mem_cgroup, nodeinfo, nr_node_ids);
>>> +	memcg_cachep = kmem_cache_create("mem_cgroup", memcg_size, 0,
>>> +					 SLAB_PANIC | SLAB_HWCACHE_ALIGN, NULL);
>> If it's because this allocation might have failed then let's not
>> bother.  If an __init-time allocation failed, this kernel is unusable
>> anyway.
>>
>> +1 to Andrew's point. SLAB_PANIC is used here, so, memcg_cachep can't be
>> NULL later.

I see cgroup_init(in start_kernel) ahead of initcall( which in rest_init->kernel_init->...->initcall). So, root_mem_cgroup create use

cachep will trigger NULL pointer access.

Thanks,

Huan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ