Eecreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
a perf ring buffer may lead to an integer underflow in locked memory
accounting. This may lead to the undesired behaviors, such as failures in
BPF map creation.
Address this by adjusting the accounting logic to take into account the
possibility that the amount of already locked memory may exceed the
current limit.
Fixes: c4b75479741c ("perf/core: Make the mlock accounting simple again")
Signed-off-by: Song Liu <[email protected]>
Suggested-by: Alexander Shishkin <[email protected]>
Cc: Alexander Shishkin <[email protected]>
Cc: Arnaldo Carvalho de Melo <[email protected]>
Cc: Jiri Olsa <[email protected]>
Cc: Peter Zijlstra <[email protected]>
---
kernel/events/core.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index e543bab787e5..fdb7f7ef380c 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -5917,7 +5917,15 @@ static int perf_mmap(struct file *file, struct vm_area_struct *vma)
*/
user_lock_limit *= num_online_cpus();
- user_locked = atomic_long_read(&user->locked_vm) + user_extra;
+ user_locked = atomic_long_read(&user->locked_vm);
+
+ /*
+ * sysctl_perf_event_mlock may have changed, so that
+ * user->locked_vm > user_lock_limit
+ */
+ if (user_locked > user_lock_limit)
+ user_locked = user_lock_limit;
+ user_locked += user_extra;
if (user_locked > user_lock_limit) {
/*
--
2.17.1
Song Liu <[email protected]> writes:
> Eecreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
Typo: "Decreasing".
> a perf ring buffer may lead to an integer underflow in locked memory
> accounting. This may lead to the undesired behaviors, such as failures in
> BPF map creation.
>
> Address this by adjusting the accounting logic to take into account the
> possibility that the amount of already locked memory may exceed the
> current limit.
>
> Fixes: c4b75479741c ("perf/core: Make the mlock accounting simple again")
> Signed-off-by: Song Liu <[email protected]>
> Suggested-by: Alexander Shishkin <[email protected]>
> Cc: Alexander Shishkin <[email protected]>
> Cc: Arnaldo Carvalho de Melo <[email protected]>
> Cc: Jiri Olsa <[email protected]>
> Cc: Peter Zijlstra <[email protected]>
Other than that,
Acked-by: Alexander Shishkin <[email protected]>
Thanks,
--
Alex
Thanks Alex!
> On Jan 24, 2020, at 1:25 AM, Alexander Shishkin <[email protected]> wrote:
>
> Song Liu <[email protected]> writes:
>
>> Eecreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
>
> Typo: "Decreasing".
Peter, could you please fix this typo when you apply the patch? I guess
it is not necessary to spam the list with a v4 just for this typo.
Thanks,
Song
>
>> a perf ring buffer may lead to an integer underflow in locked memory
>> accounting. This may lead to the undesired behaviors, such as failures in
>> BPF map creation.
>>
>> Address this by adjusting the accounting logic to take into account the
>> possibility that the amount of already locked memory may exceed the
>> current limit.
>>
>> Fixes: c4b75479741c ("perf/core: Make the mlock accounting simple again")
>> Signed-off-by: Song Liu <[email protected]>
>> Suggested-by: Alexander Shishkin <[email protected]>
>> Cc: Alexander Shishkin <[email protected]>
>> Cc: Arnaldo Carvalho de Melo <[email protected]>
>> Cc: Jiri Olsa <[email protected]>
>> Cc: Peter Zijlstra <[email protected]>
>
> Other than that,
>
> Acked-by: Alexander Shishkin <[email protected]>
>
> Thanks,
> --
> Alex
On Fri, Jan 24, 2020 at 09:28:26PM +0000, Song Liu wrote:
> Thanks Alex!
>
> > On Jan 24, 2020, at 1:25 AM, Alexander Shishkin <[email protected]> wrote:
> >
> > Song Liu <[email protected]> writes:
> >
> >> Eecreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
> >
> > Typo: "Decreasing".
>
> Peter, could you please fix this typo when you apply the patch? I guess
> it is not necessary to spam the list with a v4 just for this typo.
Done!
The following commit has been merged into the perf/urgent branch of tip:
Commit-ID: 003461559ef7a9bd0239bae35a22ad8924d6e9ad
Gitweb: https://git.kernel.org/tip/003461559ef7a9bd0239bae35a22ad8924d6e9ad
Author: Song Liu <[email protected]>
AuthorDate: Thu, 23 Jan 2020 10:11:46 -08:00
Committer: Ingo Molnar <[email protected]>
CommitterDate: Tue, 28 Jan 2020 21:20:18 +01:00
perf/core: Fix mlock accounting in perf_mmap()
Decreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
a perf ring buffer may lead to an integer underflow in locked memory
accounting. This may lead to the undesired behaviors, such as failures in
BPF map creation.
Address this by adjusting the accounting logic to take into account the
possibility that the amount of already locked memory may exceed the
current limit.
Fixes: c4b75479741c ("perf/core: Make the mlock accounting simple again")
Suggested-by: Alexander Shishkin <[email protected]>
Signed-off-by: Song Liu <[email protected]>
Signed-off-by: Peter Zijlstra (Intel) <[email protected]>
Signed-off-by: Ingo Molnar <[email protected]>
Cc: <[email protected]>
Acked-by: Alexander Shishkin <[email protected]>
Link: https://lkml.kernel.org/r/[email protected]
---
kernel/events/core.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index 2173c23..2d9aeba 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -5916,7 +5916,15 @@ accounting:
*/
user_lock_limit *= num_online_cpus();
- user_locked = atomic_long_read(&user->locked_vm) + user_extra;
+ user_locked = atomic_long_read(&user->locked_vm);
+
+ /*
+ * sysctl_perf_event_mlock may have changed, so that
+ * user->locked_vm > user_lock_limit
+ */
+ if (user_locked > user_lock_limit)
+ user_locked = user_lock_limit;
+ user_locked += user_extra;
if (user_locked > user_lock_limit) {
/*