From: Maurizio Lombardi
Date: Mon, 11 Jul 2022 11:02:33 +0200
Subject: Re: [PATCH] mm: prevent page_frag_alloc() from corrupting the memory
To: Alexander Duyck
Cc: Jakub Kicinski, Andrew Morton, linux-mm, LKML, Netdev, 愚树
In-Reply-To: <20220711075225.15687-1-mlombard@redhat.com>

Tested with this kernel module:
http://bsdbackstore.eu/misc/oomk/

It requires 2 parameters: the first one is the amount of memory you want to
allocate with page_frag_alloc(), the second one is the size of the fragment.

I tested it on a machine with ~7Gb of free memory.

Without the patch:
-------------------------------------------------

3Gb of memory will be used with frag size = 1024 byte. No issue:

#insmod oomk.ko memory_size_gb=3 fragsize=1024

[ 177.875107] Test begins, memory size = 3 fragsize = 1024
[ 177.974538] Test completed!

10 Gb of memory, 1024 byte frag. Page allocation failure but the kernel
handles it and doesn't crash:

#insmod oomk.ko memory_size_gb=10 fragsize=1024

[ 215.104801] Test begins, memory size = 10 fragsize = 1024
[ 215.227854] insmod: page allocation failure: order:0, mode:0xa20(GFP_ATOMIC), nodemask=(null),cpuset=/,mems_allowed=0
[ 215.230231] CPU: 1 PID: 1738 Comm: insmod Kdump: loaded Tainted: G OE --------- --- 5.14.0-124.kpq0.el9.x86_64 #1
[ 215.232344] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 215.233523] Call Trace:
[ 215.234001] dump_stack_lvl+0x34/0x44
[ 215.234894] warn_alloc+0x134/0x160
[ 215.235592] __alloc_pages_slowpath.constprop.0+0x809/0x840
[ 215.236687] ? get_page_from_freelist+0xc6/0x500
[ 215.237569] __alloc_pages+0x1fa/0x230
[ 215.238381] page_frag_alloc_align+0x16c/0x1a0
[...]
[ 215.315722] allocation number 7379888 failed!
[ 215.426227] Test completed!

10Gb, 4097 byte frag. Kernel crashes:

#insmod oomk.ko memory_size_gb=10 fragsize=4097

[ 623.461505] BUG: Bad page state in process insmod pfn:10a80c
[ 623.462634] page:000000000654dc14 refcount:0 mapcount:0 mapping:000000007a56d6cd index:0x0 pfn:0x10a80c
[ 623.464401] memcg:ffff900343a5b501
[ 623.465058] aops:0xffff9003409e5d38 with invalid host inode 00003524480055f0
[ 623.466394] flags: 0x17ffffc0000000(node=0|zone=2|lastcpupid=0x1fffff)
[ 623.467632] raw: 0017ffffc0000000 dead000000000100 dead000000000122 ffff900346cf2900
[ 623.469069] raw: 0000000000000000 0000000000100010 00000000ffffffff ffff900343a5b501
[ 623.470521] page dumped because: page still charged to cgroup
[...]
[ 626.632838] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] PREEMPT SMP PTI
[ 626.633913] ------------[ cut here ]------------
[ 626.639981] CPU: 0 PID: 722 Comm: agetty Kdump: loaded Tainted: G B OE --------- --- 5.14.0-124.kpq0.el9.x86_64 #1
[ 626.640923] WARNING: CPU: 1 PID: 22 at mm/slub.c:4566 __ksize+0xc4/0xe0
[ 626.645018] Hardware name: Red Hat KVM, BIOS 0.5.1 01/01/2011
[ 626.645021] RIP: 0010:___slab_alloc+0x1b7/0x5c0

------------------------------------------

With the patch the kernel doesn't crash:

#insmod oomk.ko memory_size_gb=10 fragsize=4097

[ 4859.358496] Test begins, memory size = 10 fragsize = 4097
[ 4859.459674] allocation number 607754 failed!
[ 4859.495489] Test completed!

#insmod oomk.ko memory_size_gb=10 fragsize=40000

[ 8428.021491] Test begins, memory size = 10 fragsize = 40000
[ 8428.024308] allocation number 0 failed!
[ 8428.025709] Test completed!

Maurizio
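
Added example, not part of the original message or of the oomk module: a Python triage of the dmesg output from one test run, built on the message strings quoted in the report above. The verdict names and the poison-base constant (the x86_64 default) are assumptions of this example.

```python
import re

# Kernel messages that appear in the crashing run quoted in this report.
CORRUPTION = re.compile(
    r"BUG: Bad page state|general protection fault|WARNING: CPU: \d+ PID: \d+ at mm/")
# Allocation failures that the allocator or the test module reported and survived.
ALLOC_FAIL = re.compile(r"page allocation failure|allocation number \d+ failed!")
FAULT_ADDR = re.compile(r"non-canonical address 0x([0-9a-f]{16})")
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
# Assumption: x86_64 default CONFIG_ILLEGAL_POINTER_VALUE, the base that
# LIST_POISON1/LIST_POISON2 and similar poison pointers are offset from.
POISON_BASE = 0xdead000000000000

def poison_offset(line):
    """Offset of a faulting address above the poison base, or None."""
    m = FAULT_ADDR.search(line)
    off = int(m.group(1), 16) - POISON_BASE if m else -1
    return off if 0 <= off < 0x1000 else None

def classify(dmesg):
    """Return (verdict, evidence) for the dmesg text of one test run."""
    evidence, failed, completed = [], False, False
    for raw in dmesg.splitlines():
        line = STAMP.sub("", raw.strip())
        if CORRUPTION.search(line):
            off = poison_offset(line)
            note = f" [poison base + {off:#x}]" if off is not None else ""
            evidence.append(line + note)
        elif ALLOC_FAIL.search(line):
            failed = True
        elif line.startswith("Test completed!"):
            completed = True
    if evidence:
        return "corruption", evidence
    if not completed:
        return "incomplete", evidence
    return ("alloc-failure-handled" if failed else "clean"), evidence

# Sample input: lines copied from the runs quoted above (shortened).
UNPATCHED_4097 = """\
[ 623.461505] BUG: Bad page state in process insmod pfn:10a80c
[ 626.632838] general protection fault, probably for non-canonical address 0xdead000000000108: 0000 [#1] PREEMPT SMP PTI
[ 626.640923] WARNING: CPU: 1 PID: 22 at mm/slub.c:4566 __ksize+0xc4/0xe0
"""
PATCHED_4097 = """\
[ 4859.358496] Test begins, memory size = 10 fragsize = 4097
[ 4859.459674] allocation number 607754 failed!
[ 4859.495489] Test completed!
"""
```

A run that neither completes nor logs a corruption message is reported as "incomplete", which covers a capture that was cut off before the machine went down.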