From: Alexey Kardashevskiy
Subject: Re: [PATCH kernel 5/9] KVM: PPC: Account TCE-containing pages in locked_vm
Date: Mon, 30 Nov 2015 16:09:27 +1100
Message-ID: <565BDA07.8050302@ozlabs.ru>
To: Paul Mackerras
Cc: linuxppc-dev@lists.ozlabs.org, Alexander Graf, David Gibson, kvm-ppc@vger.kernel.org, kvm@vger.kernel.org

On 11/30/2015 01:06 PM, Paul Mackerras wrote:
> On Tue, Sep 15, 2015 at 08:49:35PM +1000, Alexey Kardashevskiy wrote:
>> At the moment pages used for TCE tables (in addition to pages addressed
>> by TCEs) are not counted in locked_vm counter so a malicious userspace
>> tool can call ioctl(KVM_CREATE_SPAPR_TCE) as many times as RLIMIT_NOFILE and
>> lock a lot of memory.
>>
>> This adds counting for pages used for TCE tables.
>>
>> This counts the number of pages required for a table plus pages for
>> the kvmppc_spapr_tce_table struct (TCE table descriptor) itself.
>>
>> This does not change the amount of (de)allocated memory.
>>
>> Signed-off-by: Alexey Kardashevskiy
>> --- >> arch/powerpc/kvm/book3s_64_vio.c | 51 +++++++++++++++++++++++++++++++++++++++- >> 1 file changed, 50 insertions(+), 1 deletion(-) >> >> diff --git a/arch/powerpc/kvm/book3s_64_vio.c b/arch/powerpc/kvm/book3s_64_vio.c >> index 9526c34..b70787d 100644
>> --- a/arch/powerpc/kvm/book3s_64_vio.c >> +++ b/arch/powerpc/kvm/book3s_64_vio.c >> @@ -45,13 +45,56 @@ static long kvmppc_stt_npages(unsigned long window_size) >> * sizeof(u64), PAGE_SIZE) / PAGE_SIZE; >> } >> >> +static long kvmppc_account_memlimit(long npages, bool inc) >> +{ >> + long ret = 0; >> + const long bytes = sizeof(struct kvmppc_spapr_tce_table) + >> + (abs(npages) * sizeof(struct page *));
>
> Why abs(npages)? Can npages be negative? If so, what does that mean?

Leftover from older versions when there was one shared account_memlimit(long npages). It does not make sense here, I need to remove it.

--
Alexey
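
Review bot: In the `bytes` initializer of kvmppc_account_memlimit(), abs(npages) would quietly turn a negative page count into a positive charge against locked_vm rather than exposing the caller bug; since the direction is already carried by `inc`, drop abs() and consider making `npages` unsigned long so the multiplication by sizeof(struct page *) is not mixed signed and unsigned arithmetic stored into a `const long`. The quote ends before `bytes` is used, so it is not visible here whether it is rounded up to whole pages before being added to the count, as the commit message's "pages for the kvmppc_spapr_tce_table struct" implies; a short comment at the declaration stating the unit would help.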