Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp1249068pxb; Sat, 15 Jan 2022 06:58:57 -0800 (PST) X-Google-Smtp-Source: ABdhPJyGu4OCXKIOs64DxM8wlnpxL5vBDFUJexeN2vYGCs710fE7Nw042ixlGfpujyJjfGF0vn21 X-Received: by 2002:a05:6a00:24d1:b0:4c1:f8f5:9f9c with SMTP id d17-20020a056a0024d100b004c1f8f59f9cmr11208365pfv.60.1642258737572; Sat, 15 Jan 2022 06:58:57 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1642258737; cv=none; d=google.com; s=arc-20160816; b=URLCcT571X5WmMojDc1TzFJjYM7g57qXuLB3nYLktunijYI7VG4x0oZeoLdr7tKmvQ f4DKA0E5HsUgD8a6js/X6jRk3Zk0eyj+zAZ5ksm3sraqXQ/TPhohyxunDKGjL0m0DXVH W1ethQb8hjsM1N/W07ecjbLEHEEKTPCeG4EiwlW5lOjmvZXa3Fy7fH2CEa2jS9MdpLxJ tptE8RtR7mbFrIav8DKzXbV4tTw1ZxVowkjg+8wI/MsMSwx10+DplO4QuBQiYYpHTTRt qVo01MiiKABQB9bZOgSLupFDMHLCP6pOdmWmTbUCkmeqUKm7rNkk1qFhB0lqAOFyzRNf KazQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:cc:to:subject :message-id:date:from:in-reply-to:references:mime-version :dkim-signature; bh=DSUCsXvUq5CC+YLJR6sM+UncKVzG/eChv6GRiJ5ewuo=; b=oc/4E0kdu0fZj01jtGCWDlZxZYGvi2SiKyz49yfFF2GQR77uG0gGAxfmqSiWKr7Z2O oeesDwXJ/ThXba9xQTMi47jABCtLw4SwqL1BbbAZqCOwNT6gxylbReRxASWqxKo5Gahx jSOz5VVicpbS2yiMnldGV6svPq/Tuz9byrBI1kTK2Ga91IC08bGlN6eVx4H5rmMFtvSb omaW+mCwVvNnUsB3DAKR0H9UnAMfDjw7RU6M2GctU0kCsNumlfHjwjartaSc/4FJ65/W qLcHtGaxt8nHEiVi12RlmcKcgyg/kteix+cSPIkcZKBuSag3c8wcho5+dcL+pK89loZt Pp2w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Km7B94yI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id u10si9581904ple.551.2022.01.15.06.58.46; Sat, 15 Jan 2022 06:58:57 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Km7B94yI; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231896AbiAOBR4 (ORCPT + 99 others); Fri, 14 Jan 2022 20:17:56 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57334 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231156AbiAOBRz (ORCPT ); Fri, 14 Jan 2022 20:17:55 -0500 Received: from mail-lf1-x12d.google.com (mail-lf1-x12d.google.com [IPv6:2a00:1450:4864:20::12d]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0BDA1C06161C for ; Fri, 14 Jan 2022 17:17:54 -0800 (PST) Received: by mail-lf1-x12d.google.com with SMTP id e3so32873860lfc.9 for ; Fri, 14 Jan 2022 17:17:54 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=DSUCsXvUq5CC+YLJR6sM+UncKVzG/eChv6GRiJ5ewuo=; b=Km7B94yItHq7aVfP1T9NUkUg0CfyYu53x8ocQbPhc+dKDkm2Z3Qdmqq6lhxvM80Pks 16ttYCCVWt7dbiTvfB/TJxujAvsC6cSa06GEpsKkkuaeQlcM8M+t4u99s5lARvhfxInW Ci1oy5mNVTaPwV+2dSBlSscKmvmZ+mg0LMkcK6MV3GSRb+XMtxMOJgcgXRxQrrOziDKZ Bc7zRC9XKZDw0XoE+bVrA4iEkQtZ7fVhKAaqedPN8V6l0oR6BZz+wRBmSzU31XZDthCr spefGhSvdjB+tbrWX7EjLUw/q7lrjUel8Kaldz+FP/57vDBGGjvW2MPQW/bngKKnr/RE IoZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=DSUCsXvUq5CC+YLJR6sM+UncKVzG/eChv6GRiJ5ewuo=; b=ArNi0I/jRZOe9iFPR3KtZQHZFBFc46bX73uuRrxTSFajNvHo+D3NxQsvzzjQJChnEb FRNdLWLG0KK6rb9tj8A0S+YozJ8N0/+D+0ZPC3K1XXzdOo0VDlYNxxTtzRvME3A3ZDOw KPNeC+or76hhVvmnI0F3W7YvBTZ0oYOhodjylpHO+nFu05W7S+qfZEQz4VFJt5e4+sik tZWnWScECm6A9oiOaeEhJdQT9q4LT8SZn/s3SIbhJJ0GxG04+NV4v0W2B6nEswPyWV9t ylFBoVeYJMFIuknRPYGMQi/jTqN9LBAsieHfdrCibKmcyv4/ZsYjsPsYX5m79j5dv9qz y1/g== X-Gm-Message-State: AOAM532VurwX/qrvzcfHF1Ndu8SnumlHEHPPSgEi9VTb1C/LGpXc4EfI ikEcVeMO9YKliHG7QLfcvhnQh/88Oj97s/i/PcAuxA== X-Received: by 2002:a05:6512:3e1f:: with SMTP id i31mr4004663lfv.661.1642209473081; Fri, 14 Jan 2022 17:17:53 -0800 (PST) MIME-Version: 1.0 References: <20220113123406.11520-1-guangming.cao@mediatek.com> <4f88205c1b344aea8608960e2f85b8f4@intel.com> <24157767-dc29-bbdd-5428-d89ecc6b9606@amd.com> <6b8182a1-7cdc-7369-5c34-e6d0c24efcca@amd.com> <82faa62f1bc946cf2f9ee2f7d15c567162238eab.camel@mediatek.com> In-Reply-To: <82faa62f1bc946cf2f9ee2f7d15c567162238eab.camel@mediatek.com> From: John Stultz Date: Fri, 14 Jan 2022 17:17:39 -0800 Message-ID: Subject: Re: [PATCH v3] dma-buf: dma-heap: Add a size check for allocation To: "Guangming.Cao" Cc: =?UTF-8?Q?Christian_K=C3=B6nig?= , "Ruhl, Michael J" , "sumit.semwal@linaro.org" , "linux-arm-kernel@lists.infradead.org" , "wsd_upstream@mediatek.com" , "libo.kang@mediatek.com" , "linux-kernel@vger.kernel.org" , "dri-devel@lists.freedesktop.org" , "yf.wang@mediatek.com" , "linaro-mm-sig@lists.linaro.org" , "linux-mediatek@lists.infradead.org" , "lmark@codeaurora.org" , "benjamin.gaignard@linaro.org" , "bo.song@mediatek.com" , "matthias.bgg@gmail.com" , "labbott@redhat.com" , "mingyuan.ma@mediatek.com" , "jianjiao.zeng@mediatek.com" , "linux-media@vger.kernel.org" Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 14, 2022 at 4:04 AM Guangming.Cao wrote: > > On Fri, 2022-01-14 at 08:16 +0100, Christian K=C3=B6nig wrote: > > Am 14.01.22 um 00:26 schrieb John Stultz: > > > On Thu, Jan 13, 2022 at 5:05 AM Christian K=C3=B6nig > > > wrote: > > > > Am 13.01.22 um 14:00 schrieb Ruhl, Michael J: > > > > > > -----Original Message----- > > > > > > From: dri-devel On > > > > > > Behalf Of > > > > > > Ruhl, Michael J > > > > > > > -----Original Message----- > > > > > > > From: dri-devel > > > > > > > On Behalf Of > > > > > > > guangming.cao@mediatek.com > > > > > > > + /* > > > > > > > + * Invalid size check. The "len" should be less than > > > > > > > totalram. > > > > > > > + * > > > > > > > + * Without this check, once the invalid size allocation > > > > > > > runs on a process > > > > > > > that > > > > > > > + * can't be killed by OOM flow(such as "gralloc" on > > > > > > > Android devices), it > > > > > > > will > > > > > > > + * cause a kernel exception, and to make matters worse, > > > > > > > we can't find > > > > > > > who are using > > > > > > > + * so many memory with "dma_buf_debug_show" since the > > > > > > > relevant > > > > > > > dma-buf hasn't exported. > > > > > > > + */ > > > > > > > + if (len >> PAGE_SHIFT > totalram_pages()) > > > > > > > > > > > > If your "heap" is from cma, is this still a valid check? > > > > > > > > > > And thinking a bit further, if I create a heap from something > > > > > else (say device memory), > > > > > you will need to be able to figure out the maximum allowable > > > > > check for the specific > > > > > heap. > > > > > > > > > > Maybe the heap needs a callback for max size? > Yes, I agree with this solution. > If dma-heap framework support this via adding a callback to support it, > seems it's more clear than adding a limitation in dma-heap framework > since each heap maybe has different limitation. > If you prefer adding callback, I can update this patch and add totalram > limitation to system dma-heap. If the max value is per-heap, why not enforce that value in the per-heap allocation function? Moving the check to the heap alloc to me seems simpler to me than adding complexity to the infrastructure to add a heap max_size callback. Is there some other use for the callback that you envision? thanks -john