From: John Stultz
Date: Tue, 28 Mar 2023 11:26:05 -0700
Subject: Re: [PATCH] dma-buf/heaps: c9e8440eca61 staging: ion: Fix overflow and list bugs in system heap:
To: Jaewon Kim
Cc: tjmercier@google.com, sumit.semwal@linaro.org, daniel.vetter@ffwll.ch, akpm@linux-foundation.org, hannes@cmpxchg.org, mhocko@kernel.org, linux-mm@kvack.org, linux-kernel@vger.kernel.org, jaewon31.kim@gmail.com
References: <20230328125818.5574-1-jaewon31.kim@samsung.com>
In-Reply-To: <20230328125818.5574-1-jaewon31.kim@samsung.com>

On Tue, Mar 28, 2023 at 5:58 AM Jaewon Kim wrote:
>
> Normal free:212600kB min:7664kB low:57100kB high:106536kB
> reserved_highatomic:4096KB active_anon:276kB inactive_anon:180kB
> active_file:1200kB inactive_file:0kB unevictable:2932kB
> writepending:0kB present:4109312kB managed:3689488kB mlocked:2932kB
> pagetables:13600kB bounce:0kB free_pcp:0kB local_pcp:0kB
> free_cma:200844kB
> Out of memory and no killable processes...
> Kernel panic - not syncing: System is deadlocked on memory
>
> An OoM panic was reported, there were only native processes which are
> non-killable as OOM_SCORE_ADJ_MIN.
>
> After looking into the dump, I've found the dma-buf system heap was
> trying to allocate a huge size. It seems to be a signed negative value.
>
> dma_heap_ioctl_allocate(inline)
> | heap_allocation = 0xFFFFFFC02247BD38 -> (
> | len = 0xFFFFFFFFE7225100,
>
> Actually the old ion system heap had policy which does not allow that
> huge size with commit c9e8440eca61 ("staging: ion: Fix overflow and list
> bugs in system heap"). We need this change again. Single allocation
> should not be bigger than half of all memory.
>
> Signed-off-by: Jaewon Kim

Hey,
Thanks so much for sending this out! Looks reasonable to me, the
only issue is the commit subject line could be a bit better. Maybe
instead:
"dma-buf/heaps: system_heap: Avoid DoS by limiting single
allocations to half of all memory"

Otherwise,
Acked-by: John Stultz

thanks
-john
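
A user-space model of the limit discussed in this thread, added here as an illustration; it is not the patch or kernel code. The function names, the 4 KiB page size, the -EINVAL return for a wrapped length, and the use of the log's `managed:` figure as "all memory" are assumptions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define MODEL_PAGE_SHIFT 12                     /* assumption: 4 KiB pages */
#define MODEL_PAGE_SIZE  (UINT64_C(1) << MODEL_PAGE_SHIFT)

/* Round up to a page boundary; wraps to 0 for lengths within a page of 2^64. */
static uint64_t model_page_align(uint64_t len)
{
    return (len + MODEL_PAGE_SIZE - 1) & ~(MODEL_PAGE_SIZE - 1);
}

/*
 * Hypothetical admission check for one heap allocation (model only).
 * Returns 0 if the request may proceed, -EINVAL for a zero or wrapped
 * length, -ENOMEM if one buffer would exceed half of all pages.
 */
int model_heap_len_check(uint64_t len, uint64_t total_pages)
{
    uint64_t aligned = model_page_align(len);

    if (aligned == 0)
        return -EINVAL;
    if ((aligned >> MODEL_PAGE_SHIFT) > total_pages / 2)
        return -ENOMEM;
    return 0;
}

/* The same 64 bits read as a signed quantity, as the report suspects. */
int64_t model_as_signed(uint64_t len)
{
    return (int64_t)len;
}

int main(void)
{
    /* Values taken from the quoted report. */
    const uint64_t dump_len = UINT64_C(0xFFFFFFFFE7225100);
    const uint64_t managed_pages = UINT64_C(3689488) / 4; /* managed:3689488kB */

    printf("len as signed: %lld bytes\n", (long long)model_as_signed(dump_len));
    printf("dump len     -> %d\n", model_heap_len_check(dump_len, managed_pages));
    printf("64 MiB       -> %d\n",
           model_heap_len_check(UINT64_C(64) << 20, managed_pages));
    printf("wrapping len -> %d\n", model_heap_len_check(UINT64_MAX, managed_pages));
    return 0;
}
```

Without the half-of-memory test the dump's length survives page alignment as a non-zero value, so only the size limit stops it before the allocator starts consuming pages.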