| Message ID | 20190220204058.11676-1-daniel.vetter@ffwll.ch (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
| Series | mm: Don't let userspace spam allocations warnings | expand |
On Wed, Feb 20, 2019 at 12:41 PM Daniel Vetter <daniel.vetter@ffwll.ch> wrote: > > memdump_user usually gets fed unchecked userspace input. Blasting a > full backtrace into dmesg every time is a bit excessive - I'm not sure > on the kernel rule in general, but at least in drm we're trying not to > let unpriviledge userspace spam the logs freely. Definitely not entire > warning backtraces. > > It also means more filtering for our CI, because our testsuite > exercises these corner cases and so hits these a lot. > > Signed-off-by: Daniel Vetter <daniel.vetter@intel.com> Reviewed-by: Kees Cook <keescook@chromium.org> -Kees > Cc: Andrew Morton <akpm@linux-foundation.org> > Cc: Mike Rapoport <rppt@linux.vnet.ibm.com> > Cc: Michal Hocko <mhocko@suse.com> > Cc: Roman Gushchin <guro@fb.com> > Cc: Vlastimil Babka <vbabka@suse.cz> > Cc: Jan Stancek <jstancek@redhat.com> > Cc: Kees Cook <keescook@chromium.org> > Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> > Cc: "Michael S. Tsirkin" <mst@redhat.com> > Cc: Huang Ying <ying.huang@intel.com> > Cc: Bartosz Golaszewski <brgl@bgdev.pl> > Cc: linux-mm@kvack.org > --- > mm/util.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/util.c b/mm/util.c > index 1ea055138043..379319b1bcfd 100644 > --- a/mm/util.c > +++ b/mm/util.c > @@ -150,7 +150,7 @@ void *memdup_user(const void __user *src, size_t len) > { > void *p; > > - p = kmalloc_track_caller(len, GFP_USER); > + p = kmalloc_track_caller(len, GFP_USER | __GFP_NOWARN); > if (!p) > return ERR_PTR(-ENOMEM); > > -- > 2.20.1 >
On Wed 20-02-19 21:40:58, Daniel Vetter wrote: > memdump_user usually gets fed unchecked userspace input. Blasting a > full backtrace into dmesg every time is a bit excessive - I'm not sure > on the kernel rule in general, but at least in drm we're trying not to > let unpriviledge userspace spam the logs freely. Definitely not entire > warning backtraces. Yes, this makes sense to me. This API sounds like an example where returning ENOMEM to the userspace right away is much better than spamming the log for large allocation requests. Smaller allocations simply do not fail and the OOM killer report will be printed regardless of __GFP_NOWARN. > It also means more filtering for our CI, because our testsuite > exercises these corner cases and so hits these a lot. > > Signed-off-by: Daniel Vetter <daniel.vetter@intel.com> > Cc: Andrew Morton <akpm@linux-foundation.org> > Cc: Mike Rapoport <rppt@linux.vnet.ibm.com> > Cc: Michal Hocko <mhocko@suse.com> > Cc: Roman Gushchin <guro@fb.com> > Cc: Vlastimil Babka <vbabka@suse.cz> > Cc: Jan Stancek <jstancek@redhat.com> > Cc: Kees Cook <keescook@chromium.org> > Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> > Cc: "Michael S. Tsirkin" <mst@redhat.com> > Cc: Huang Ying <ying.huang@intel.com> > Cc: Bartosz Golaszewski <brgl@bgdev.pl> > Cc: linux-mm@kvack.org Acked-by: Michal Hocko <mhocko@suse.com> > --- > mm/util.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/util.c b/mm/util.c > index 1ea055138043..379319b1bcfd 100644 > --- a/mm/util.c > +++ b/mm/util.c > @@ -150,7 +150,7 @@ void *memdup_user(const void __user *src, size_t len) > { > void *p; > > - p = kmalloc_track_caller(len, GFP_USER); > + p = kmalloc_track_caller(len, GFP_USER | __GFP_NOWARN); > if (!p) > return ERR_PTR(-ENOMEM); > > -- > 2.20.1 >
diff --git a/mm/util.c b/mm/util.c index 1ea055138043..379319b1bcfd 100644 --- a/mm/util.c +++ b/mm/util.c @@ -150,7 +150,7 @@ void *memdup_user(const void __user *src, size_t len) { void *p; - p = kmalloc_track_caller(len, GFP_USER); + p = kmalloc_track_caller(len, GFP_USER | __GFP_NOWARN); if (!p) return ERR_PTR(-ENOMEM);
memdump_user usually gets fed unchecked userspace input. Blasting a full backtrace into dmesg every time is a bit excessive - I'm not sure on the kernel rule in general, but at least in drm we're trying not to let unpriviledge userspace spam the logs freely. Definitely not entire warning backtraces. It also means more filtering for our CI, because our testsuite exercises these corner cases and so hits these a lot. Signed-off-by: Daniel Vetter <daniel.vetter@intel.com> Cc: Andrew Morton <akpm@linux-foundation.org> Cc: Mike Rapoport <rppt@linux.vnet.ibm.com> Cc: Michal Hocko <mhocko@suse.com> Cc: Roman Gushchin <guro@fb.com> Cc: Vlastimil Babka <vbabka@suse.cz> Cc: Jan Stancek <jstancek@redhat.com> Cc: Kees Cook <keescook@chromium.org> Cc: Andrey Ryabinin <aryabinin@virtuozzo.com> Cc: "Michael S. Tsirkin" <mst@redhat.com> Cc: Huang Ying <ying.huang@intel.com> Cc: Bartosz Golaszewski <brgl@bgdev.pl> Cc: linux-mm@kvack.org --- mm/util.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)