From: Guangming.Cao <guangming.cao@mediatek.com>
To: "Christian König" <christian.koenig@amd.com>,
"John Stultz" <john.stultz@linaro.org>
Cc: "Ruhl, Michael J" <michael.j.ruhl@intel.com>,
"sumit.semwal@linaro.org" <sumit.semwal@linaro.org>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"wsd_upstream@mediatek.com" <wsd_upstream@mediatek.com>,
"libo.kang@mediatek.com" <libo.kang@mediatek.com>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"dri-devel@lists.freedesktop.org"
<dri-devel@lists.freedesktop.org>,
"yf.wang@mediatek.com" <yf.wang@mediatek.com>,
"linaro-mm-sig@lists.linaro.org" <linaro-mm-sig@lists.linaro.org>,
"linux-mediatek@lists.infradead.org"
<linux-mediatek@lists.infradead.org>,
"lmark@codeaurora.org" <lmark@codeaurora.org>,
"benjamin.gaignard@linaro.org" <benjamin.gaignard@linaro.org>,
"bo.song@mediatek.com" <bo.song@mediatek.com>,
"matthias.bgg@gmail.com" <matthias.bgg@gmail.com>,
"labbott@redhat.com" <labbott@redhat.com>,
"mingyuan.ma@mediatek.com" <mingyuan.ma@mediatek.com>,
"jianjiao.zeng@mediatek.com" <jianjiao.zeng@mediatek.com>,
"linux-media@vger.kernel.org" <linux-media@vger.kernel.org>
Subject: Re: [PATCH v3] dma-buf: dma-heap: Add a size check for allocation
Date: Fri, 14 Jan 2022 20:05:48 +0800 [thread overview]
Message-ID: <82faa62f1bc946cf2f9ee2f7d15c567162238eab.camel@mediatek.com> (raw)
In-Reply-To: <6b8182a1-7cdc-7369-5c34-e6d0c24efcca@amd.com>
On Fri, 2022-01-14 at 08:16 +0100, Christian König wrote:
> Am 14.01.22 um 00:26 schrieb John Stultz:
> > On Thu, Jan 13, 2022 at 5:05 AM Christian König
> > <christian.koenig@amd.com> wrote:
> > > Am 13.01.22 um 14:00 schrieb Ruhl, Michael J:
> > > > > -----Original Message-----
> > > > > From: dri-devel <dri-devel-bounces@lists.freedesktop.org> On
> > > > > Behalf Of
> > > > > Ruhl, Michael J
> > > > > > -----Original Message-----
> > > > > > From: dri-devel <dri-devel-bounces@lists.freedesktop.org>
> > > > > > On Behalf Of
> > > > > > guangming.cao@mediatek.com
> > > > > > + /*
> > > > > > + * Invalid size check. The "len" should be less than
> > > > > > totalram.
> > > > > > + *
> > > > > > + * Without this check, once the invalid size allocation
> > > > > > runs on a process
> > > > > > that
> > > > > > + * can't be killed by OOM flow(such as "gralloc" on
> > > > > > Android devices), it
> > > > > > will
> > > > > > + * cause a kernel exception, and to make matters worse,
> > > > > > we can't find
> > > > > > who are using
> > > > > > + * so many memory with "dma_buf_debug_show" since the
> > > > > > relevant
> > > > > > dma-buf hasn't exported.
> > > > > > + */
> > > > > > + if (len >> PAGE_SHIFT > totalram_pages())
> > > > >
> > > > > If your "heap" is from cma, is this still a valid check?
> > > >
> > > > And thinking a bit further, if I create a heap from something
> > > > else (say device memory),
> > > > you will need to be able to figure out the maximum allowable
> > > > check for the specific
> > > > heap.
> > > >
> > > > Maybe the heap needs a callback for max size?
Yes, I agree with this solution.
If dma-heap framework support this via adding a callback to support it,
seems it's more clear than adding a limitation in dma-heap framework
since each heap maybe has different limitation.
If you prefer adding callback, I can update this patch and add totalram
limitation to system dma-heap.
Thanks!
Guangming
> > >
> > > Well we currently maintain a separate allocator and don't use
> > > dma-heap,
> > > but yes we have systems with 16GiB device and only 8GiB system
> > > memory so
> > > that check here is certainly not correct.
> >
> > Good point.
> >
> > > In general I would rather let the system run into -ENOMEM or
> > > -EINVAL
> > > from the allocator instead.
For system dma-heap, it doesn't know how memory is avaliable when
allocating memory, so, use totalram_pages() just to prevent cases which
will cause oom definitely.
Just like PAGE align, this check is can be used for all heaps since
there is no dma-heap can alloc memory larger than totalram. Futhermore,
if vendors implement a variety of dma-heap like system heap for special
usages, seems need to add this check to each dma-heap, and I think this
is unnecessary.
If the dma-heap has it's own special limitations for size, and add it
into heap implementation is good.
Thanks!
Guangming
> >
> > Probably the simpler solution is to push the allocation check to
> > the
> > heap driver, rather than doing it at the top level here.
> >
> > For CMA or other contiguous heaps, letting the allocator fail is
> > fast
> > enough. For noncontiguous buffers, like the system heap, the
> > allocation can burn a lot of time and consume a lot of memory
> > (causing
> > other trouble) before a large allocation might naturally fail.
>
> Yeah, letting a alloc_page() loop run for a while is usually not nice
> at
> all :)
>
> You can still do a sanity check here, e.g. the size should never
> have
> the most significant bit set for example.
>
Yes, this is a good solution. But if this a positive value, larger than
totalram, it can also pass this check, and cause OOM after some time.
From dicussion above, seems finding a proper solution that can judge
the size is valid or not for each dma-heap is more important.
Thanks!
Guangming
> Regards,
> Christian.
>
> >
> > thanks
> > -john
>
>
_______________________________________________
Linux-mediatek mailing list
Linux-mediatek@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/linux-mediatek
next prev parent reply other threads:[~2022-01-14 12:05 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-17 9:41 [PATCH] dma-buf: dma-heap: Add a size limitation for allocation guangming.cao
2021-12-27 9:51 ` [PATCH v2] dma-buf: dma-heap: Add a size check " guangming.cao
2022-01-03 18:57 ` John Stultz
2022-01-04 7:47 ` Christian König
2022-01-04 8:44 ` Guangming.Cao
2022-01-05 6:36 ` guangming.cao
2022-01-13 10:50 ` Sumit Semwal
2022-01-13 12:34 ` [PATCH v3] " guangming.cao
2022-01-13 12:57 ` Ruhl, Michael J
2022-01-13 13:00 ` Ruhl, Michael J
2022-01-13 13:05 ` Christian König
2022-01-13 23:26 ` John Stultz
2022-01-14 7:16 ` Christian König
2022-01-14 12:05 ` Guangming.Cao [this message]
2022-01-15 1:17 ` John Stultz
2022-01-19 9:59 ` Guangming.Cao
2022-01-19 20:37 ` John Stultz
2022-01-20 3:34 ` [PATCH v4] dma-buf: system_heap: " guangming.cao
2022-01-20 3:48 ` John Stultz
2022-01-20 7:08 ` [PATCH v5] " guangming.cao
2022-01-20 8:27 ` Christian König
2022-01-20 8:52 ` [PATCH v6] " guangming.cao
2022-01-20 10:00 ` [PATCH v6 RESEND] " guangming.cao
2022-01-20 10:22 ` Christian König
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=82faa62f1bc946cf2f9ee2f7d15c567162238eab.camel@mediatek.com \
--to=guangming.cao@mediatek.com \
--cc=benjamin.gaignard@linaro.org \
--cc=bo.song@mediatek.com \
--cc=christian.koenig@amd.com \
--cc=dri-devel@lists.freedesktop.org \
--cc=jianjiao.zeng@mediatek.com \
--cc=john.stultz@linaro.org \
--cc=labbott@redhat.com \
--cc=libo.kang@mediatek.com \
--cc=linaro-mm-sig@lists.linaro.org \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-mediatek@lists.infradead.org \
--cc=lmark@codeaurora.org \
--cc=matthias.bgg@gmail.com \
--cc=michael.j.ruhl@intel.com \
--cc=mingyuan.ma@mediatek.com \
--cc=sumit.semwal@linaro.org \
--cc=wsd_upstream@mediatek.com \
--cc=yf.wang@mediatek.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).