Open Source and information security mailing list archives
 
Message-Id: <634e7371353c8466b3d0fa0dd7ceeaf17c8c4d7b274f4f7369d3094d22872cd6@mail.kernel.org>
Date: Mon, 27 Oct 2025 23:48:32 +0000 (UTC)
From: bot+bpf-ci@...nel.org
To: roman.gushchin@...ux.dev,akpm@...ux-foundation.org
Cc: linux-kernel@...r.kernel.org,ast@...nel.org,surenb@...gle.com,mhocko@...nel.org,shakeel.butt@...ux.dev,hannes@...xchg.org,andrii@...nel.org,inwardvessel@...il.com,linux-mm@...ck.org,cgroups@...r.kernel.org,bpf@...r.kernel.org,martin.lau@...nel.org,song@...nel.org,memxor@...il.com,tj@...nel.org,roman.gushchin@...ux.dev,ast@...nel.org,andrii@...nel.org,daniel@...earbox.net,martin.lau@...nel.org,eddyz87@...il.com,yonghong.song@...ux.dev,clm@...a.com,ihor.solodrai@...ux.dev
Subject: Re: [PATCH v2 14/23] mm: allow specifying custom oom constraint for BPF triggers


```
commit 5cd8d912032d2c2105c04660338cf4ad47d24697
Author: Roman Gushchin <roman.gushchin@...ux.dev>

mm: allow specifying custom oom constraint for BPF triggers

This patch adds a new OOM constraint type CONSTRAINT_BPF and allows
BPF programs to specify a custom constraint name when calling
bpf_out_of_memory().

> diff --git a/include/linux/oom.h b/include/linux/oom.h
> index 3cbdcd013..704fc0e78 100644
> --- a/include/linux/oom.h
> +++ b/include/linux/oom.h
> @@ -19,6 +19,7 @@ enum oom_constraint {
>  	CONSTRAINT_CPUSET,
>  	CONSTRAINT_MEMORY_POLICY,
>  	CONSTRAINT_MEMCG,
> +	CONSTRAINT_BPF,
>  };
>
>  enum bpf_oom_flags {

[ ... ]

> @@ -63,6 +64,9 @@ struct oom_control {
>
>  	/* Policy name */
>  	const char *bpf_policy_name;
> +
> +	/* BPF-specific constraint name */
> +	const char *bpf_constraint;
>  #endif
>  };
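Review bot: the comment on the new bpf_constraint field in struct oom_control does not say that the pointer may be NULL or how long the string must stay valid. bpf_out_of_memory() assigns it directly from constraint_text__nullable into an oom_control on its own stack, so the comment should state that NULL is allowed and that the text only needs to outlive the call, and every reader of oc->bpf_constraint needs a NULL check.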

[ ... ]

> diff --git a/mm/oom_kill.c b/mm/oom_kill.c
> index d7fca4bf5..72a346261 100644
> --- a/mm/oom_kill.c
> +++ b/mm/oom_kill.c

[ ... ]

> @@ -267,6 +281,9 @@ static enum oom_constraint constrained_alloc(struct oom_control *oc)
>  	bool cpuset_limited = false;
>  	int nid;
>
> +	if (oc->constraint == CONSTRAINT_BPF)
> +		return CONSTRAINT_BPF;
> +
>  	if (is_memcg_oom(oc)) {
>  		oc->totalpages = mem_cgroup_get_max(oc->memcg) ?: 1;
>  		return CONSTRAINT_MEMCG;
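Review bot: the CONSTRAINT_BPF early return at the top of constrained_alloc() sits before the is_memcg_oom() branch, so a BPF-triggered OOM never reaches "oc->totalpages = mem_cgroup_get_max(oc->memcg) ?: 1;" even when a memcg was passed in. Set oc->totalpages inside the new branch before returning CONSTRAINT_BPF (the memcg limit when oc->memcg is set, the global figure otherwise) so that later users of totalpages see a meaningful value.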

[ ... ]

> @@ -1350,11 +1367,14 @@ __bpf_kfunc int bpf_oom_kill_process(struct oom_control *oc,
>   * Returns a negative value if an error occurred.
>   */
>  __bpf_kfunc int bpf_out_of_memory(struct mem_cgroup *memcg__nullable,
> -				  int order, u64 flags)
> +				  int order, u64 flags,
> +				  const char *constraint_text__nullable)
>  {
>  	struct oom_control oc = {
>  		.memcg = memcg__nullable,
>  		.order = order,
> +		.constraint = CONSTRAINT_BPF,
> +		.bpf_constraint = constraint_text__nullable,
>  	};
>  	int ret;
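Review bot: the new constraint_text__nullable argument of bpf_out_of_memory() is not described in the part of the kernel-doc comment visible above the signature, which still ends at the unchanged "Returns a negative value" line. Unless the parameter list of that comment is updated elsewhere in the patch, add an entry saying that NULL is accepted and how the text is used. Also note that .constraint = CONSTRAINT_BPF is set unconditionally in the initializer, so the early return in constrained_alloc() is taken even when no constraint text is supplied.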

When CONSTRAINT_BPF is set in bpf_out_of_memory(), the early return in
constrained_alloc() prevents oc->totalpages from being initialized.  This
leaves totalpages at zero (from the designated initializer).

Later in the call chain out_of_memory()->select_bad_process()->
oom_evaluate_task()->oom_badness(), the code performs division by
totalpages at line 237:

    adj *= totalpages / 1000;

Can this cause a division by zero?  The path is reachable when a BPF
program calls bpf_out_of_memory() and either no BPF OOM handler is
registered or the handler fails to free memory, causing execution to fall
through to select_bad_process().


```

---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

In-Reply-To-Subject: `mm: allow specifying custom oom constraint for BPF triggers`
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/18859027430
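
A user-space model of the scoring step around the expression quoted in the review above (`adj *= totalpages / 1000;`), added here as an example; it is not part of the original message or of the kernel source. It evaluates that step for a nonzero and a zero totalpages over two constructed tasks. The struct, the helper names and the sample values are hypothetical, and the exemption check for an oom_score_adj of -1000 is an assumption about the surrounding code.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed per-task inputs; field names are hypothetical. */
struct task_sample {
	const char *comm;
	long pages;         /* pages charged to the task */
	long oom_score_adj; /* -1000..1000, as set via /proc/<pid>/oom_score_adj */
};

/* Model of the scoring step around the quoted line. */
static long badness_model(const struct task_sample *t, unsigned long totalpages)
{
	long adj = t->oom_score_adj;

	if (adj == -1000) /* assumed: fully exempt task */
		return LONG_MIN;
	adj *= (long)(totalpages / 1000); /* the divisor is the constant 1000 */
	return t->pages + adj;
}

/* Index of the highest-scoring task, or -1 if none is eligible. */
static int pick_victim(const struct task_sample *t, size_t n,
		       unsigned long totalpages)
{
	long best = LONG_MIN;
	int idx = -1;

	for (size_t i = 0; i < n; i++) {
		long score = badness_model(&t[i], totalpages);

		if (score > best) {
			best = score;
			idx = (int)i;
		}
	}
	return idx;
}

static const struct task_sample samples[] = {
	{ "db",     300000, -900 }, /* large, but protected by a negative adj */
	{ "worker", 200000,    0 },
};

int main(void)
{
	printf("totalpages=1000000 -> %s\n", samples[pick_victim(samples, 2, 1000000UL)].comm);
	printf("totalpages=0       -> %s\n", samples[pick_victim(samples, 2, 0UL)].comm);
	return 0;
}
```

In this model a zero totalpages multiplies every oom_score_adj by zero, so the adjustment stops influencing which task ranks highest.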
