Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp788693pxv; Thu, 22 Jul 2021 12:10:09 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwEVcY/iZOjxeS28Uh3egoLsK+YwM4dj5hoshqXnd2Nysfk6pIWFKEFf3Y8EUHHkOLquA5W X-Received: by 2002:a17:906:57d1:: with SMTP id u17mr1217161ejr.401.1626981009006; Thu, 22 Jul 2021 12:10:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626981008; cv=none; d=google.com; s=arc-20160816; b=lZkegRbAJkOopb9sBtGhgU6qQDJRJ+3gyO90AQ7AhRWJFj2h19GT2AiVLNnkOJ+CJB 5bkocFLy2ZfhjOegr8tznlHXFd3djo2Vst2HERc4RwH6pq3NYQVDHA0uZsXVrxJMPiO7 Q21uZP4uNdRlutGNqY17nVexgDvi3L+GpQiXk2Yl46C6OfJ820jUD9KEZB5lVLmOJXOe PyFIQLVtn7yevuxZpHyPHka5n9kmYeRL9VbCUP6hs+QnGh5s4H7ocGg/zZHEAnds/pqy q+STazSmIPNFN/yMkItmpDS5+Cvc7Iy5aQQS1mcNuONkpz9x9cZHA5QQxziQXNN1t9/L 9rEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:mime-version:message-id:date :dkim-signature; bh=Y+4Q1LkGSotu1XfmzHQ6ryO/eeqhw4mJ1FyIbndgjZg=; b=hxfaFj1DumEnvHqGSi7QIV8hXgVdXI1PUMEXRti7CcCmZxv+odciWAErnYueIb0xFK uaTW4X5OCbZY9XIfNnCv+6lN4q+HTbIoKWn4z04p001yRuPo7Qf230ABB8fK2eQtT84J mC1t0BNYF1hNKIS9czc7kmRsiGXQQZnPtpaoJCtJ02sxY20U+5g7HOiN6N/Cm58jlaxY bIPyNfQRVEANQ5bLWchSVxulmPJr6m+wsSIigPDspfdcDMWVz0wwwnWwqKz2qIVm7xMe oimp5AtU0myr3pmH2e9Mtt4385qWJL99KxNPCmdrPRCtj3ShQdXfRlo1tBu68uIQ7m4V e50g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="TqWxnT/Z"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u26si9832243edo.182.2021.07.22.12.09.45; Thu, 22 Jul 2021 12:10:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b="TqWxnT/Z"; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230169AbhGVS1Y (ORCPT + 99 others); Thu, 22 Jul 2021 14:27:24 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54498 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229737AbhGVS1X (ORCPT ); Thu, 22 Jul 2021 14:27:23 -0400 Received: from mail-yb1-xb49.google.com (mail-yb1-xb49.google.com [IPv6:2607:f8b0:4864:20::b49]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7637BC061575 for ; Thu, 22 Jul 2021 12:07:58 -0700 (PDT) Received: by mail-yb1-xb49.google.com with SMTP id h1-20020a255f410000b02905585436b530so8520064ybm.21 for ; Thu, 22 Jul 2021 12:07:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:message-id:mime-version:subject:from:to:cc; bh=Y+4Q1LkGSotu1XfmzHQ6ryO/eeqhw4mJ1FyIbndgjZg=; b=TqWxnT/Z73qrMHnDvvmdUmHFCBG2MowDGm9qbSkEGL5dCyrUWFCjRlmaCwPnwOV+vE felNomI4J14yW6cG4cK8/fe5EmLr6cUafKEfxaLZtrN+y4CuWRbV/1MgW8Oe6G1oUXYe U5/snPPITJfuRauEaIlN2IvmysFsXc4W/reebG3h71BcT4s14CNHFwziy8vhd3JaNZVt vSNZwIv97aznzS4Lk6SBEfxWNAH0IGp4XobMfkNcfnErx0N0/srvH32mvyN9DTsAGx3Z FmvNLWsFRkpdPxysCstLgzcENMdmM//CzmYiJbMaBjzRUoMw5jvq0sqmc91ET7vecjor H7cQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:message-id:mime-version:subject:from:to:cc; bh=Y+4Q1LkGSotu1XfmzHQ6ryO/eeqhw4mJ1FyIbndgjZg=; b=FUjBXr4eAAQr5iTAhMJbBq8shZc0Louw4FVe7o13S357xXFmBnCwB1Zq8P9WDl1zv7 47q1BC1a4qIjSYnF78HH1dNKL9eMuGOPEWd7z08GIdaYaDQ35ddMt2XredMr4H+Lib1I jojG/dru5m4tFNnrPOGvlLctQnpRXTApRMKGb0hZVHINnYrLM/SRI3+zwkG4yio0U8PQ XXCK31HYLEqy/ddYiWSv65AwsmjyG+dZaKv8a6l9zln/+pVZMDYkLHJbKHNIzcLcBepI K/LphIY8KpjH++oH1vPys2GtZmeKVASMHx8+e9avNy2VrMTLQDyahJbWiBmzoRLGLvcm fs0g== X-Gm-Message-State: AOAM5332J+dcmcA8VAY9WqZG9A2mKRySgEs2D7a7gtttki/Kmi2Gv0T/ u+J6C/svW196xkNwkR7Gzp5dIi7wCPA= X-Received: from hridya.mtv.corp.google.com ([2620:15c:211:200:233e:4a37:d5d6:55d7]) (user=hridya job=sendgmr) by 2002:a25:2589:: with SMTP id l131mr1337963ybl.451.1626980877695; Thu, 22 Jul 2021 12:07:57 -0700 (PDT) Date: Thu, 22 Jul 2021 12:07:46 -0700 Message-Id: <20210722190747.1986614-1-hridya@google.com> Mime-Version: 1.0 X-Mailer: git-send-email 2.32.0.432.gabb21c7263-goog Subject: [PATCH] dma-buf: heaps: Set allocation limit for system heap From: Hridya Valsaraju To: Sumit Semwal , Benjamin Gaignard , Liam Mark , Laura Abbott , Brian Starkey , John Stultz , "=?UTF-8?q?Christian=20K=C3=B6nig?=" , linux-media@vger.kernel.org, dri-devel@lists.freedesktop.org, linaro-mm-sig@lists.linaro.org, linux-kernel@vger.kernel.org Cc: kernel-team@android.com, gregkh@linuxfoundation.org, Hridya Valsaraju Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org This patch limits the size of total memory that can be requested in a single allocation from the system heap. This would prevent a buggy/malicious client from depleting system memory by requesting for an extremely large allocation which might destabilize the system. The limit is set to half the size of the device's total RAM which is the same as what was set by the deprecated ION system heap. Signed-off-by: Hridya Valsaraju --- drivers/dma-buf/heaps/system_heap.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/drivers/dma-buf/heaps/system_heap.c b/drivers/dma-buf/heaps/system_heap.c index b7fbce66bcc0..099f5a8304b4 100644 --- a/drivers/dma-buf/heaps/system_heap.c +++ b/drivers/dma-buf/heaps/system_heap.c @@ -371,6 +371,12 @@ static struct dma_buf *system_heap_do_allocate(struct dma_heap *heap, struct page *page, *tmp_page; int i, ret = -ENOMEM; + if (len / PAGE_SIZE > totalram_pages() / 2) { + pr_err("pid %d requested too large an allocation(size %lu) from system heap\n", + current->pid, len); + return ERR_PTR(ret); + } + buffer = kzalloc(sizeof(*buffer), GFP_KERNEL); if (!buffer) return ERR_PTR(-ENOMEM); -- 2.32.0.432.gabb21c7263-goog