From: Barry Song <21cnbao@gmail.com>
To: Michal Hocko <mhocko@suse.com>
Cc: Vlastimil Babka <vbabka@suse.cz>,
akpm@linux-foundation.org, linux-mm@kvack.org,
Barry Song <v-songbaohua@oppo.com>,
Uladzislau Rezki <urezki@gmail.com>,
Christoph Hellwig <hch@infradead.org>,
Lorenzo Stoakes <lstoakes@gmail.com>,
Christoph Lameter <cl@linux.com>,
Pekka Enberg <penberg@kernel.org>,
David Rientjes <rientjes@google.com>,
Joonsoo Kim <iamjoonsoo.kim@lge.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Hyeonggon Yoo <42.hyeyoo@gmail.com>
Subject: Re: [PATCH RFC] mm: warn potential return NULL for kmalloc_array and kvmalloc_array with __GFP_NOFAIL
Date: Sat, 20 Jul 2024 08:36:16 +0800 [thread overview]
Message-ID: <CAGsJ_4y3+L_VvBuiAYLvZTgNqRBc=hXXVB+hA79LUSf22oq8iw@mail.gmail.com> (raw)
In-Reply-To: <ZppqjuwTYWeh7vzF@tiehlicka>
On Fri, Jul 19, 2024 at 9:30 PM Michal Hocko <mhocko@suse.com> wrote:
>
> On Fri 19-07-24 21:02:10, Barry Song wrote:
> > what about an earlier WARN_ON, for example, even before we begin to
> > try the allocation?
>
> Page allocator is a hot path and adding checks for something that
> shouldn't really even exist is not a great addition there IMHO.
I would argue adding checks for something that shouldn't really
even exist is precisely the point of having those checks. These
checks help ensure the integrity and robustness of the system
by catching unexpected conditions. I agree that the page allocator
is a hot path, but adding one line might not cause noticeable
overhead, especially considering that alloc_pages() already
contains a few hundred lines of code.
Regardless, let me try to summarize the discussions. Unless
anyone has better ideas, v2 series might start with the following
actions:
1. Update the documentation for GFP_NOFAIL to explicitly state
that non-wait GFP_NOFAIL is not legal and should be avoided.
This will provide a basis for other subsystems to explicitly
reject anyone using GFP_ATOMIC | GFP_NOFAIL, etc.
2. Add BUG_ON() at the existing points where we return NULL
for GFP_NOFAIL - __alloc_pages_slowpath() , kmalloc, vmalloc
to avoid exposing security vulnerabilities.
3. Raise a bug report to the vdpa maintainer, requesting that they
either drop GFP_ATOMIC or GFP_NOFAIL based on whether
their context is atomic. If GFP_NOFAIL is dropped, ask for an
explicit check on the return value.
Christoph, Michal, Hailong, Vlastimil, if you have any better ideas
or objections, please let me know :-)
>
> --
> Michal Hocko
> SUSE Labs
Thanks
Barry
next prev parent reply other threads:[~2024-07-20 0:36 UTC|newest]
Thread overview: 50+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-17 23:00 Barry Song
2024-07-18 6:58 ` Michal Hocko
2024-07-18 7:04 ` Christoph Hellwig
2024-07-18 7:12 ` Michal Hocko
2024-07-18 8:16 ` Vlastimil Babka
2024-07-18 7:22 ` Barry Song
2024-07-18 7:27 ` Michal Hocko
2024-07-18 7:41 ` Barry Song
2024-07-18 7:53 ` Michal Hocko
2024-07-18 8:18 ` Barry Song
2024-07-18 8:32 ` Michal Hocko
2024-07-18 8:43 ` Barry Song
2024-07-18 8:50 ` Michal Hocko
2024-07-19 0:35 ` Barry Song
2024-07-19 7:02 ` Michal Hocko
2024-07-19 7:07 ` Barry Song
2024-07-19 7:42 ` Michal Hocko
2024-07-19 7:51 ` Barry Song
2024-07-19 8:01 ` Michal Hocko
2024-07-19 8:28 ` Barry Song
2024-07-19 8:40 ` Michal Hocko
2024-07-19 9:36 ` Barry Song
2024-07-19 9:45 ` Michal Hocko
2024-07-19 9:58 ` Barry Song
2024-07-19 10:57 ` Michal Hocko
2024-07-19 11:05 ` Barry Song
2024-07-19 11:19 ` Michal Hocko
2024-07-19 8:50 ` Vlastimil Babka
2024-07-19 9:33 ` Michal Hocko
2024-07-19 10:10 ` Vlastimil Babka
2024-07-19 10:52 ` Michal Hocko
2024-07-19 11:13 ` Vlastimil Babka
2024-07-19 11:26 ` Michal Hocko
2024-07-19 13:02 ` Barry Song
2024-07-19 13:30 ` Michal Hocko
2024-07-20 0:36 ` Barry Song [this message]
2024-07-22 7:23 ` Michal Hocko
2024-07-22 7:34 ` Vlastimil Babka
2024-07-19 7:37 ` Christoph Hellwig
2024-07-19 7:43 ` Barry Song
2024-07-19 7:53 ` Christoph Hellwig
2024-07-20 22:14 ` Barry Song
2024-07-22 7:26 ` Michal Hocko
2024-07-22 8:09 ` Barry Song
2024-07-22 9:01 ` Michal Hocko
2024-07-22 23:18 ` Christoph Hellwig
2024-07-22 23:22 ` Barry Song
2024-07-19 8:35 ` Vlastimil Babka
2024-07-18 7:48 ` Hailong Liu
2024-07-18 8:33 ` Barry Song
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAGsJ_4y3+L_VvBuiAYLvZTgNqRBc=hXXVB+hA79LUSf22oq8iw@mail.gmail.com' \
--to=21cnbao@gmail.com \
--cc=42.hyeyoo@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=cl@linux.com \
--cc=hch@infradead.org \
--cc=iamjoonsoo.kim@lge.com \
--cc=linux-mm@kvack.org \
--cc=lstoakes@gmail.com \
--cc=mhocko@suse.com \
--cc=penberg@kernel.org \
--cc=rientjes@google.com \
--cc=roman.gushchin@linux.dev \
--cc=urezki@gmail.com \
--cc=v-songbaohua@oppo.com \
--cc=vbabka@suse.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox