| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 18 Jan 2017 17:13:54 -0500 (EST) From: David Miller <davem@...emloft.net> To: daniel@...earbox.net Cc: alexei.starovoitov@...il.com, netdev@...r.kernel.org Subject: Re: [PATCH net] bpf: don't trigger OOM killer under pressure with map alloc From: Daniel Borkmann <daniel@...earbox.net> Date: Wed, 18 Jan 2017 15:14:17 +0100 > This patch adds two helpers, bpf_map_area_alloc() and bpf_map_area_free(), > that are to be used for map allocations. Using kmalloc() for very large > allocations can cause excessive work within the page allocator, so i) fall > back earlier to vmalloc() when the attempt is considered costly anyway, > and even more importantly ii) don't trigger OOM killer with any of the > allocators. > > Since this is based on a user space request, for example, when creating > maps with element pre-allocation, we really want such requests to fail > instead of killing other user space processes. > > Also, don't spam the kernel log with warnings should any of the allocations > fail under pressure. Given that, we can make backend selection in > bpf_map_area_alloc() generic, and convert all maps over to use this API > for spots with potentially large allocation requests. > > Note, replacing the one kmalloc_array() is fine as overflow checks happen > earlier in htab_map_alloc(), since it must also protect the multiplication > for vmalloc() should kmalloc_array() fail. > > Signed-off-by: Daniel Borkmann <daniel@...earbox.net> > Acked-by: Alexei Starovoitov <ast@...nel.org> Applied, thanks.
Powered by blists - more mailing lists