From: <guangming.cao@mediatek.com>
To: <sumit.semwal@linaro.org>
Cc: <benjamin.gaignard@linaro.org>, <bo.song@mediatek.com>,
<brian.starkey@arm.com>, <christian.koenig@amd.com>,
<dri-devel@lists.freedesktop.org>, <guangming.cao@mediatek.com>,
<jianjiao.zeng@mediatek.com>, <john.stultz@linaro.org>,
<labbott@redhat.com>, <libo.kang@mediatek.com>,
<linaro-mm-sig@lists.linaro.org>,
<linux-arm-kernel@lists.infradead.org>,
<linux-kernel@vger.kernel.org>, <linux-media@vger.kernel.org>,
<linux-mediatek@lists.infradead.org>, <lmark@codeaurora.org>,
<matthias.bgg@gmail.com>, <mingyuan.ma@mediatek.com>,
<wsd_upstream@mediatek.com>, <yf.wang@mediatek.com>,
Guangming <Guangming.Cao@mediatek.com>
Subject: [PATCH v3] dma-buf: dma-heap: Add a size check for allocation
Date: Thu, 13 Jan 2022 20:34:06 +0800 [thread overview]
Message-ID: <20220113123406.11520-1-guangming.cao@mediatek.com> (raw)
In-Reply-To: <CAO_48GF=ttKqSOm9GRoA3Mq+-RQOtRjWp449XPcz-wH=kjaTjw@mail.gmail.com>
From: Guangming <Guangming.Cao@mediatek.com>
Add a size check for allocation since the allocation size is
always less than the total DRAM size.
Without this check, once the invalid size allocation runs on a process that
can't be killed by OOM flow(such as "gralloc" on Android devices), it will
cause a kernel exception, and to make matters worse, we can't find who are using
so many memory with "dma_buf_debug_show" since the relevant dma-buf hasn't exported.
To make OOM issue easier, maybe need dma-buf framework to dump the buffer size
under allocating in "dma_buf_debug_show".
Signed-off-by: Guangming <Guangming.Cao@mediatek.com>
Signed-off-by: jianjiao zeng <jianjiao.zeng@mediatek.com>
---
v3: 1. update patch, use right shift to replace division.
2. update patch, add reason in code and commit message.
v2: 1. update size limitation as total_dram page size.
2. update commit message
---
drivers/dma-buf/dma-heap.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/drivers/dma-buf/dma-heap.c b/drivers/dma-buf/dma-heap.c
index 56bf5ad01ad5..1fd382712584 100644
--- a/drivers/dma-buf/dma-heap.c
+++ b/drivers/dma-buf/dma-heap.c
@@ -55,6 +55,16 @@ static int dma_heap_buffer_alloc(struct dma_heap *heap, size_t len,
struct dma_buf *dmabuf;
int fd;
+ /*
+ * Invalid size check. The "len" should be less than totalram.
+ *
+ * Without this check, once the invalid size allocation runs on a process that
+ * can't be killed by OOM flow(such as "gralloc" on Android devices), it will
+ * cause a kernel exception, and to make matters worse, we can't find who are using
+ * so many memory with "dma_buf_debug_show" since the relevant dma-buf hasn't exported.
+ */
+ if (len >> PAGE_SHIFT > totalram_pages())
+ return -EINVAL;
/*
* Allocations from all heaps have to begin
* and end on page boundaries.
--
2.17.1
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
next prev parent reply other threads:[~2022-01-13 12:54 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-17 9:41 [PATCH] dma-buf: dma-heap: Add a size limitation for allocation guangming.cao
2021-12-27 9:51 ` [PATCH v2] dma-buf: dma-heap: Add a size check " guangming.cao
2022-01-03 18:57 ` John Stultz
2022-01-04 7:47 ` Christian König
2022-01-04 8:44 ` Guangming.Cao
2022-01-05 6:36 ` guangming.cao
2022-01-13 10:50 ` Sumit Semwal
2022-01-13 12:34 ` guangming.cao [this message]
2022-01-13 12:57 ` [PATCH v3] " Ruhl, Michael J
2022-01-13 13:00 ` Ruhl, Michael J
2022-01-13 13:05 ` Christian König
2022-01-13 23:26 ` John Stultz
2022-01-14 7:16 ` Christian König
2022-01-14 12:05 ` Guangming.Cao
2022-01-15 1:17 ` John Stultz
2022-01-19 9:59 ` Guangming.Cao
2022-01-19 20:37 ` John Stultz
2022-01-20 3:34 ` [PATCH v4] dma-buf: system_heap: " guangming.cao
2022-01-20 3:48 ` John Stultz
2022-01-20 7:08 ` [PATCH v5] " guangming.cao
2022-01-20 8:27 ` Christian König
2022-01-20 8:52 ` [PATCH v6] " guangming.cao
2022-01-20 10:00 ` [PATCH v6 RESEND] " guangming.cao
2022-01-20 10:22 ` Christian König
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220113123406.11520-1-guangming.cao@mediatek.com \
--to=guangming.cao@mediatek.com \
--cc=benjamin.gaignard@linaro.org \
--cc=bo.song@mediatek.com \
--cc=brian.starkey@arm.com \
--cc=christian.koenig@amd.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=jianjiao.zeng@mediatek.com \
--cc=john.stultz@linaro.org \
--cc=labbott@redhat.com \
--cc=libo.kang@mediatek.com \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=lmark@codeaurora.org \
--cc=matthias.bgg@gmail.com \
--cc=mingyuan.ma@mediatek.com \
--cc=sumit.semwal@linaro.org \
--cc=wsd_upstream@mediatek.com \
--cc=yf.wang@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).