Received: by 2002:ac0:b08d:0:0:0:0:0 with SMTP id l13csp4803124imc; Mon, 25 Feb 2019 11:17:55 -0800 (PST) X-Google-Smtp-Source: AHgI3IZRS8PtiuN9Xvf3z5wZRfqJiYNfVCeFgo3g5m6wMj+JVtSl3OxKPdCJKOowF5SS4pD0ukhq X-Received: by 2002:a17:902:8bc6:: with SMTP id r6mr22354328plo.235.1551122275659; Mon, 25 Feb 2019 11:17:55 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1551122275; cv=none; d=google.com; s=arc-20160816; b=h8i/zTyIKCdLz/VlxHEQGJAG7ZyHZnLoftz3szQzJP6sv+saPx1cB+sCiS6NdWsAQ2 7R7HtbWVRchH0fEhAFWrqaBgahb/js/oyqywIVmKlApEnbCkgUKOow6imdeI8FPvk9oG aY+Zd28vQR5Njy2r/LJxKTjtDYAqhxLBXYMJruBDPu8uQZM74T2aotVdUOpmjV/IsZou I3PWBMkDOzeQ93EC0dgS2G42xzACt8NbLcqK0fEBj58KS6cRQcRcm4uqjFS1K7lBGN5d r/IfXYBBktE0PRa7cRDGti0uWkS/pXqb49gnfB3qPvypK1X4Xdq9Vy/L2FqEhSNkQXfg 11Fw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:user-agent:references :message-id:in-reply-to:subject:cc:to:from:date:dkim-signature; bh=hUkZS3RN5nGm+9djQiBmGffJnFbcZdls1iUZK4YyJo8=; b=MWZzZDjrIs6nNBGhWGLYmINnpm+KNOesBvmUvsW8NTVvW8GcD1F8vr75uSnO4FBR29 ZlzbmrNV3RwqW/YYJXjfJElgG+0PdDUvxlUC/2CU8+zsdru3WaM3aX1G9Pdz33aEXjr+ wJNlMNHtv/4MDc9XBLwRo4pmmjyTomJUjHgWlal3qva3JDmv057DCJpYf+qFtlojkX1w qoXINneSAA0C0ecIzy1tuj8zg3OUwoxglG2wHIcEBayMfFg+zR9MFpzhBoFfRXTEJYdG 3YW5o1epgbL3rxCMZ4bMSSYmehX8+4Mh15UKjE1wscnAEHpt87LmE1FLW38lse3Ng2sY UJcA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=eE3BRqKI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id d64si10126905pgc.413.2019.02.25.11.17.40; Mon, 25 Feb 2019 11:17:55 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=eE3BRqKI; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726557AbfBYTRR (ORCPT + 99 others); Mon, 25 Feb 2019 14:17:17 -0500 Received: from mail-pg1-f195.google.com ([209.85.215.195]:38479 "EHLO mail-pg1-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726377AbfBYTRR (ORCPT ); Mon, 25 Feb 2019 14:17:17 -0500 Received: by mail-pg1-f195.google.com with SMTP id m2so4928056pgl.5 for ; Mon, 25 Feb 2019 11:17:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:from:to:cc:subject:in-reply-to:message-id:references :user-agent:mime-version; bh=hUkZS3RN5nGm+9djQiBmGffJnFbcZdls1iUZK4YyJo8=; b=eE3BRqKI/JwJqMizD82Jl4ElWBMD5woz1Yu6j5SuMPFmYPPUWNOBLjMT7FdYTMDaXL tDQq5/NEzuFr/h6zFkrYK9tVmzGkXPrQmRsk+eUbKsz2kmWVyeAJAefuHtB55lfhyZ3x TTtsIdEiIiAgmVoAw39No7jdWQF0uAhO8HNys3fQ08xK5948nf0l3SNNq0sEWhDW0shS YpoAotlkRoa7XZLU6HrFkNRZvv0KHpYg4tkMm1RuUziMuPVgu8vtLgucOHyPXr4s3plj EcbEP0rRaTl/cZwApk/lButnXP9o7n0jRuOvCt7SHRgduIAXCsplvUp0IMitn64R8PC2 sWKw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:in-reply-to:message-id :references:user-agent:mime-version; bh=hUkZS3RN5nGm+9djQiBmGffJnFbcZdls1iUZK4YyJo8=; b=IjZ4qA3s4eQZ+MrwTxsDOM2iJiH7xg/QXRnLxHr1RNkhYJuNWF/1iLs4ym9L0ehChn FlMio/DOEFRcF+OIBa/rlrJ8NeO50vyNW2xwIQX9vQVAup88X08OT0FNFiMErKJaFKp2 vkdcb5ryJCqk/U0ZXF9GDi/ZK3aVbjlgM/TFqAWf6KMw4pvnPoC2Xcoy1gGUpWSj5u2i TOmW705vpKBjQedxh4ANctfIso9p8yLPuivC7ldrrl7pCHaluufIoOUer1fNKcGeyZHW 86hRnoTAmni1NcRdqjCE4TPRxCDJR0fKEHxDwFs+/6ZfaiiKuT7/D4AcPsaxbORkHJu9 78bw== X-Gm-Message-State: AHQUAuYwJ0dNbpxVvTjyFeknHAxISontrvoC854nxz79vpZ4QSHPVPXZ cIUEO+u0qbVazs6NySNcFLNWnA== X-Received: by 2002:a63:788a:: with SMTP id t132mr20819792pgc.0.1551122236139; Mon, 25 Feb 2019 11:17:16 -0800 (PST) Received: from [2620:15c:17:3:3a5:23a7:5e32:4598] ([2620:15c:17:3:3a5:23a7:5e32:4598]) by smtp.gmail.com with ESMTPSA id i13sm9791483pfo.106.2019.02.25.11.17.14 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Mon, 25 Feb 2019 11:17:15 -0800 (PST) Date: Mon, 25 Feb 2019 11:17:14 -0800 (PST) From: David Rientjes X-X-Sender: rientjes@chino.kir.corp.google.com To: Mike Kravetz cc: Jing Xiangfeng , mhocko@kernel.org, akpm@linux-foundation.org, hughd@google.com, linux-mm@kvack.org, n-horiguchi@ah.jp.nec.com, aarcange@redhat.com, kirill.shutemov@linux.intel.com, linux-kernel@vger.kernel.org Subject: Re: [PATCH v4] mm/hugetlb: Fix unsigned overflow in __nr_hugepages_store_common() In-Reply-To: <13400ee2-3d3b-e5d6-2d78-a770820417de@oracle.com> Message-ID: References: <1550885529-125561-1-git-send-email-jingxiangfeng@huawei.com> <388cbbf5-7086-1d04-4c49-049021504b9d@oracle.com> <8c167be7-06fa-a8c0-8ee7-0bfad41eaba2@oracle.com> <13400ee2-3d3b-e5d6-2d78-a770820417de@oracle.com> User-Agent: Alpine 2.21 (DEB 202 2017-01-01) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 25 Feb 2019, Mike Kravetz wrote: > Ok, what about just moving the calculation/check inside the lock as in the > untested patch below? > > Signed-off-by: Mike Kravetz > --- > mm/hugetlb.c | 34 ++++++++++++++++++++++++++-------- > 1 file changed, 26 insertions(+), 8 deletions(-) > > diff --git a/mm/hugetlb.c b/mm/hugetlb.c > index 1c5219193b9e..5afa77dc7bc8 100644 > --- a/mm/hugetlb.c > +++ b/mm/hugetlb.c > @@ -2274,7 +2274,7 @@ static int adjust_pool_surplus(struct hstate *h, > nodemask_t *nodes_allowed, > } > > #define persistent_huge_pages(h) (h->nr_huge_pages - h->surplus_huge_pages) > -static int set_max_huge_pages(struct hstate *h, unsigned long count, > +static int set_max_huge_pages(struct hstate *h, unsigned long count, int nid, > nodemask_t *nodes_allowed) > { > unsigned long min_count, ret; > @@ -2289,6 +2289,23 @@ static int set_max_huge_pages(struct hstate *h, unsigned > long count, > goto decrease_pool; > } > > + spin_lock(&hugetlb_lock); > + > + /* > + * Check for a node specific request. Adjust global count, but > + * restrict alloc/free to the specified node. > + */ > + if (nid != NUMA_NO_NODE) { > + unsigned long old_count = count; > + count += h->nr_huge_pages - h->nr_huge_pages_node[nid]; > + /* > + * If user specified count causes overflow, set to > + * largest possible value. > + */ > + if (count < old_count) > + count = ULONG_MAX; > + } > + > /* > * Increase the pool size > * First take pages out of surplus state. Then make up the > @@ -2300,7 +2317,6 @@ static int set_max_huge_pages(struct hstate *h, unsigned > long count, > * pool might be one hugepage larger than it needs to be, but > * within all the constraints specified by the sysctls. > */ > - spin_lock(&hugetlb_lock); > while (h->surplus_huge_pages && count > persistent_huge_pages(h)) { > if (!adjust_pool_surplus(h, nodes_allowed, -1)) > break; > @@ -2421,16 +2437,18 @@ static ssize_t __nr_hugepages_store_common(bool > obey_mempolicy, > nodes_allowed = &node_states[N_MEMORY]; > } > } else if (nodes_allowed) { > + /* Node specific request */ > + init_nodemask_of_node(nodes_allowed, nid); > + } else { > /* > - * per node hstate attribute: adjust count to global, > - * but restrict alloc/free to the specified node. > + * Node specific request, but we could not allocate > + * node mask. Pass in ALL nodes, and clear nid. > */ > - count += h->nr_huge_pages - h->nr_huge_pages_node[nid]; > - init_nodemask_of_node(nodes_allowed, nid); > - } else > + nid = NUMA_NO_NODE; > nodes_allowed = &node_states[N_MEMORY]; > + } > > - err = set_max_huge_pages(h, count, nodes_allowed); > + err = set_max_huge_pages(h, count, nid, nodes_allowed); > if (err) > goto out; > Looks good; Jing, could you test that this fixes your case?