Received: by 2002:ac0:b08d:0:0:0:0:0 with SMTP id l13csp4014971imc; Sun, 24 Feb 2019 19:18:22 -0800 (PST) X-Google-Smtp-Source: AHgI3Ia9TK/a0zZcJeAecPfjfAY7ZqP/OHIFJA7PAl/u8kYVlfbFpjnu01nsT6vTgkjfMTCU5lGb X-Received: by 2002:a17:902:45:: with SMTP id 63mr18154457pla.281.1551064702362; Sun, 24 Feb 2019 19:18:22 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551064702; cv=none; d=google.com; s=arc-20160816; b=HQZ8bsK5fLvQ8Tda4BKhWMrVm/HVPKoRIGlqKB+Zo8TiXBj5MNcEuq+p37VkBibYkI i1o2/NLiLls3iI4BBwkYvOgOKOMiN45KYYkPlTfmdse6gWOLESU2nsY9ZXcgRMoHZmGX +c0j6yaGj4ah0vT7FvTDYbQs0do8pkyQBKJD4laPJLjDBN8PxSOHA7BL0kE2y9MMQoOe 2+uB4hC+HFgaoW8/VwRwSwMH91FeUkQJQx4SmCQ4PbY+mMx9sRedeptyU1FqctueL4Jm KwRaCHqf4Uw7uVF1+ALk56SXvU/AQK277KazFsnLiXfhpm7Yw9+lKP6lID8uIyrP6m4h IGAQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date:dkim-signature; bh=3hqHXO72C1pMmktCE8lDSqZjAXGOL5gPjm/u1LuEqsY=; b=kdSIiWDv7Fy+xBCMmJxSUnKkyIikT5vZZ73loemp5oYn771NqbH/ag3FyW56JXP7oY I7C5CxXSYq8vMMtEwQDYcFMfJRXV/TR9IPXZI9H9Qpc7tCC29oCOZ8h49WWbiY72iwSN Dw7Uvslmx21J353ktMvhLTrI56yTy/Asus6hNRSnKIms9llDfrukXGeLT47Binj1GA/E 6aGER1VDv+cHV0rxFwizFHgKxUs0fILmoheMrnIWxm2iiPINfC5P2LzwB8vCwJuKWMXe a7Nx68ZfLfBt1jbprO8oILVk1OXVDR3PjiPAmAAjYjLKPtMysQnvF3a81Jg0M9XOZ8TT FTsw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=WoKWNFpe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id z13si6342568pgv.508.2019.02.24.19.18.06; Sun, 24 Feb 2019 19:18:22 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=WoKWNFpe; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728277AbfBYDRs (ORCPT + 99 others); Sun, 24 Feb 2019 22:17:48 -0500 Received: from mail-pg1-f196.google.com ([209.85.215.196]:42896 "EHLO mail-pg1-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726458AbfBYDRs (ORCPT ); Sun, 24 Feb 2019 22:17:48 -0500 Received: by mail-pg1-f196.google.com with SMTP id b2so3782500pgl.9 for ; Sun, 24 Feb 2019 19:17:47 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=3hqHXO72C1pMmktCE8lDSqZjAXGOL5gPjm/u1LuEqsY=; b=WoKWNFpeqO+9fJm+2Yykir+w7q1YpgJzrgrV1TLQpDdpFmIRO1Yb3HtpcNunjefWyi XrGUEdpzhQus31HR1KKKggztb5ep5ykid5pc/fHos8M3Qy/Ps8+Blv6tBCVl62WqgC0a 0cf/NA5ognbk8avb0S5nsdadfj7+dxgThg2P04Ig7eagYQ1zU9NTNpWbJ8LFhObHmAni /CG2wPPAcPTYl02+k3+y8p39P3RjArvOZRwaFAvkG183MdeYw9VOQFxYGWlPXZEXbmkd f3X+Ca9qpXCk+FqSuj/QKHlzViXfMOCf3wKPN7brAcmBf8AZc6Tjqlx6xGZSQBIy1F2t LmEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=3hqHXO72C1pMmktCE8lDSqZjAXGOL5gPjm/u1LuEqsY=; b=aBkpEzQ/Xl3CMBzmAm4YWShw104I6PISzJLNrzVr9pvzNw3oHqfMxcOm0FRuL4yCaO L3bhqxpA+eS0eSyRmomwsOpo/ggmoGaqV3292Vte5ITmOmnv5w5dPma7CYYhi4i5l7U/ 52QtYqG8VEpAKG129vjy3DynyF/tt8kzkMSZAQl+pJihlt99dZkx9x3uD8We50pZjHeu kQuwRirSp9s6WOG6mGpJ7LAdsp5Q+IXRxp3Q7cAMmWkH+r/SvN7Xolp0Twcf+IEs/mwH 0sprMCon100C397CY+axqU5bDyCn2I2uJWpXG7RIMv7NJoG0hu0RHmBVLtpdUyIuhP4V UtOA== X-Gm-Message-State: AHQUAubDg7N2VMrC5UIHmDxnPL6bTU3qdEEzVqZLauQa+BlAVT0ufNZ2 UBiUvOaksWEP4+dy4AAkqNZfzw== X-Received: by 2002:a62:864c:: with SMTP id x73mr17991591pfd.49.1551064667030; Sun, 24 Feb 2019 19:17:47 -0800 (PST) Received: from [2620:15c:17:3:3a5:23a7:5e32:4598] ([2620:15c:17:3:3a5:23a7:5e32:4598]) by smtp.gmail.com with ESMTPSA id 10sm15814929pfq.146.2019.02.24.19.17.45 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Sun, 24 Feb 2019 19:17:46 -0800 (PST) Date: Sun, 24 Feb 2019 19:17:45 -0800 (PST) From: David Rientjes X-X-Sender: rientjes@chino.kir.corp.google.com To: Mike Kravetz cc: Jing Xiangfeng , mhocko@kernel.org, akpm@linux-foundation.org, hughd@google.com, linux-mm@kvack.org, n-horiguchi@ah.jp.nec.com, aarcange@redhat.com, kirill.shutemov@linux.intel.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4] mm/hugetlb: Fix unsigned overflow in __nr_hugepages_store_common() In-Reply-To: <388cbbf5-7086-1d04-4c49-049021504b9d@oracle.com> Message-ID: References: <1550885529-125561-1-git-send-email-jingxiangfeng@huawei.com> <388cbbf5-7086-1d04-4c49-049021504b9d@oracle.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, 24 Feb 2019, Mike Kravetz wrote: > > User can change a node specific hugetlb count. i.e. > > /sys/devices/system/node/node1/hugepages/hugepages-2048kB/nr_hugepages > > the calculated value of count is a total number of huge pages. It could > > be overflow when a user entering a crazy high value. If so, the total > > number of huge pages could be a small value which is not user expect. > > We can simply fix it by setting count to ULONG_MAX, then it goes on. This > > may be more in line with user's intention of allocating as many huge pages > > as possible. > > > > Signed-off-by: Jing Xiangfeng > > Thank you. > > Acked-by: Mike Kravetz > > > --- > > mm/hugetlb.c | 7 +++++++ > > 1 file changed, 7 insertions(+) > > > > diff --git a/mm/hugetlb.c b/mm/hugetlb.c > > index afef616..6688894 100644 > > --- a/mm/hugetlb.c > > +++ b/mm/hugetlb.c > > @@ -2423,7 +2423,14 @@ static ssize_t __nr_hugepages_store_common(bool obey_mempolicy, > > * per node hstate attribute: adjust count to global, > > * but restrict alloc/free to the specified node. > > */ > > + unsigned long old_count = count; > > count += h->nr_huge_pages - h->nr_huge_pages_node[nid]; > > + /* > > + * If user specified count causes overflow, set to > > + * largest possible value. > > + */ > > + if (count < old_count) > > + count = ULONG_MAX; > > init_nodemask_of_node(nodes_allowed, nid); > > } else > > nodes_allowed = &node_states[N_MEMORY]; > > Looks like this fixes the overflow issue, but isn't there already a possible underflow since we don't hold hugetlb_lock? Even if count == 0, what prevents h->nr_huge_pages_node[nid] being greater than h->nr_huge_pages here? I think the per hstate values need to be read with READ_ONCE() and stored on the stack to do any sane bounds checking.