From: "Michael S. Tsirkin" <mst@redhat.com>
To: Jason Wang <jasowang@redhat.com>
Cc: netdev@vger.kernel.org
Subject: Re: [PATCH net V3 2/2] ptr_ring: fail on large queue size (>64K)
Date: Thu, 8 Feb 2018 06:52:39 +0200 [thread overview]
Message-ID: <20180208064602-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <1518062365-8596-2-git-send-email-jasowang@redhat.com>
On Thu, Feb 08, 2018 at 11:59:25AM +0800, Jason Wang wrote:
> We need limit the maximum size of queue, otherwise it may cause
> several side effects e.g slab will warn when the size exceeds
> KMALLOC_MAX_SIZE. Using KMALLOC_MAX_SIZE still looks too so this patch
> tries to limit it to 64K. This value could be revisited if we found a
> real case that needs more.
>
> Reported-by: syzbot+e4d4f9ddd4295539735d@syzkaller.appspotmail.com
> Fixes: 2e0ab8ca83c12 ("ptr_ring: array based FIFO for pointers")
> Signed-off-by: Jason Wang <jasowang@redhat.com>
> ---
> include/linux/ptr_ring.h | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/include/linux/ptr_ring.h b/include/linux/ptr_ring.h
> index 2af71a7..5858d48 100644
> --- a/include/linux/ptr_ring.h
> +++ b/include/linux/ptr_ring.h
> @@ -44,6 +44,8 @@ struct ptr_ring {
> void **queue;
> };
>
Seems like a weird location for a define. Either put defines on
top of the file, or near where they are used. I prefer the
second option.
> +#define PTR_RING_MAX_ALLOC 65536
> +
I guess it's an arbitrary number. Seems like a sufficiently large one,
but pls add a comment so readers don't wonder. And please explain what
it does:
/* Callers can create ptr_ring structures with userspace-supplied
* parameters. This sets a limit on the size to make that usecase
* safe. If you ever change this, make sure to audit all callers.
*/
Also I think we should generally use either hex 0x10000 or (1 << 16).
> /* Note: callers invoking this in a loop must use a compiler barrier,
> * for example cpu_relax().
> *
> @@ -466,6 +468,8 @@ static inline int ptr_ring_consume_batched_bh(struct ptr_ring *r,
>
> static inline void **__ptr_ring_init_queue_alloc(unsigned int size, gfp_t gfp)
> {
> + if (size > PTR_RING_MAX_ALLOC)
> + return NULL;
> return kvmalloc_array(size, sizeof(void *), gfp | __GFP_ZERO);
> }
>
> --
> 2.7.4
next prev parent reply other threads:[~2018-02-08 4:52 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-08 3:59 [PATCH net V3 1/2] ptr_ring: try vmalloc() when kmalloc() fails Jason Wang
2018-02-08 3:59 ` [PATCH net V3 2/2] ptr_ring: fail on large queue size (>64K) Jason Wang
2018-02-08 4:52 ` Michael S. Tsirkin [this message]
2018-02-08 7:11 ` Jason Wang
2018-02-08 15:50 ` Michael S. Tsirkin
2018-02-09 3:50 ` Jason Wang
2018-02-08 19:09 ` David Miller
2018-02-09 3:51 ` Jason Wang
2018-02-08 4:45 ` [PATCH net V3 1/2] ptr_ring: try vmalloc() when kmalloc() fails Michael S. Tsirkin
2018-02-08 6:58 ` Jason Wang
2018-02-08 19:17 ` Michael S. Tsirkin
2018-02-09 3:49 ` Jason Wang
2018-02-09 3:56 ` Michael S. Tsirkin
2018-02-09 4:04 ` Jason Wang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180208064602-mutt-send-email-mst@kernel.org \
--to=mst@redhat.com \
--cc=jasowang@redhat.com \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.