From patchwork Sat Aug 17 06:24:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Barry Song <21cnbao@gmail.com> X-Patchwork-Id: 13767005 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B0B33C531DC for ; Sat, 17 Aug 2024 06:25:42 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 411996B0169; Sat, 17 Aug 2024 02:25:42 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 3C1C76B016D; Sat, 17 Aug 2024 02:25:42 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 263D86B016F; Sat, 17 Aug 2024 02:25:42 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id 03EDE6B0169 for ; Sat, 17 Aug 2024 02:25:41 -0400 (EDT) Received: from smtpin29.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay02.hostedemail.com (Postfix) with ESMTP id 7F3F01204E5 for ; Sat, 17 Aug 2024 06:25:41 +0000 (UTC) X-FDA: 82460751282.29.8E0C192 Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by imf19.hostedemail.com (Postfix) with ESMTP id 937801A0002 for ; Sat, 17 Aug 2024 06:25:39 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=EBusAfaJ; spf=pass (imf19.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.210.172 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1723875880; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=2X4VWKinXEGDbq8ESQflLvHDAModiFDrwO/8XuMbq2s=; b=PD9ixTW3kKVHKl142CLbWcjMsjZLzoAld67oEKqIbUYa3ULkPbWR7ddhSXrb+XZcNdZRQv UzLFbIFkMVEKZikGyUBzmnHN+X2EC4PNhLW1ZebTRuJ2/E1V57FC5G/6N3enGAOHMffnx/ cTLvuAf5JAkpt/XQtl+AcxF/LADSH2w= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=EBusAfaJ; spf=pass (imf19.hostedemail.com: domain of 21cnbao@gmail.com designates 209.85.210.172 as permitted sender) smtp.mailfrom=21cnbao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1723875880; a=rsa-sha256; cv=none; b=RHwqyT3hGk69Pk20zhzdSCcde/9xnI09UyMqlAmIOKxUqlfCPdKOJMt2XHhPXdACvkG1WG 2d7vOcGJSGsxFsXtxIzO1N6yxctsjnJsXOF32f5T+whsl/GHkY66YJ1CMFN9ew79SSuOlV BRfEqRYdBVKPELgVz8Rkph8e4SC3HOc= Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-70d399da0b5so2287748b3a.3 for ; Fri, 16 Aug 2024 23:25:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723875938; x=1724480738; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2X4VWKinXEGDbq8ESQflLvHDAModiFDrwO/8XuMbq2s=; b=EBusAfaJMNXi5uJjOGzdTPIH7vjU4eWHGP7hhVyMkFrMJnhAkql4mSBCkVSQiG+bxw 8CMpYjwVVbViHzKCGCOR4qwvFcw0RZQmLaBvkuCgIl/ELC8e6Y0ZSBiBcLIDytERlHZC JixMrKKcrlJIdPE7LkQ9HmPFOcVZ81HCtztWJ5ClvGTfZBidwMKn88t/6Kq9rWN8EqMl ZtKFijXugcbyna3DeuJdnw73I9+vbQEgMhJj3FlKJjQSa8exnzH+oxardNhJD8vnDVm9 dqzmpi4dCrhhJ/RJvFLWaubFmX7a/XwKKN0zORoiYudOiiAKwsiGmkb3EOa9Q3nP/gPu zRUA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723875938; x=1724480738; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2X4VWKinXEGDbq8ESQflLvHDAModiFDrwO/8XuMbq2s=; b=dR1YapnJZEIPbFcvnqmp9AviP+le53AO4s3pmz6efGEzL3h39NZyfbmNI7ITJQYYuu Z3jJAwkpBszgsgZjBMARIdAymL9asKTSgZ+B7su5C22tC9fiqgSiMsxrt/9oUTIOcCtq fewS6pBGYT5WyNGBnPQ+l0uqboE3pVBbsQog6hbE7puCopkT+Kc89rd1iUzVOI4adsys PRfyAfUIQ1ciz4oXtb9sG+sKuFOsu8ZCY4SEMLT8nFgybkicClPb4NXMnJPySmZydn+H ETgDvfc0o9RwbKZ167XQBW87IcZBk4c5Mq0hnk7WkZEV1iaf3xITQkUaAC3w53PXRXMu +I9g== X-Forwarded-Encrypted: i=1; AJvYcCUjCX+H0ES7PoLEIwO3x6NzTqF8OOIyjxZNWnpUrXKGGpwHCVx8tgf/48tkrl3/WpQCLMfU0m0nkvNAj6pB+wXGIbk= X-Gm-Message-State: AOJu0YwGAzoSdMx9MZzVxSAXYwh93G1Rs5yVtMvnPGuKy0RRy+qFQl+M CDz8aFfH2db5T8kIrUwpNIF1ccVGz4u1r81tUiCnQZEzM0C7b/BI X-Google-Smtp-Source: AGHT+IH03FdwAIY4AWVv/BXRCCz7Wo0n+PGDGc1GL3fnHropqxkM8zstDmcU8MGBFc9GOZQKQEX2Iw== X-Received: by 2002:a05:6a21:2d84:b0:1c6:a680:ef3d with SMTP id adf61e73a8af0-1c904fb55c8mr7273628637.28.1723875938269; Fri, 16 Aug 2024 23:25:38 -0700 (PDT) Received: from Barrys-MBP.hub ([2407:7000:8942:5500:fd84:292a:c6d0:8b67]) by smtp.gmail.com with ESMTPSA id 98e67ed59e1d1-2d3ac854f3bsm6768404a91.51.2024.08.16.23.25.29 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Fri, 16 Aug 2024 23:25:37 -0700 (PDT) From: Barry Song <21cnbao@gmail.com> To: akpm@linux-foundation.org, linux-mm@kvack.org Cc: 42.hyeyoo@gmail.com, cl@linux.com, hailong.liu@oppo.com, hch@infradead.org, iamjoonsoo.kim@lge.com, mhocko@suse.com, penberg@kernel.org, rientjes@google.com, roman.gushchin@linux.dev, torvalds@linux-foundation.org, urezki@gmail.com, v-songbaohua@oppo.com, vbabka@suse.cz, virtualization@lists.linux.dev, Lorenzo Stoakes , Kees Cook , =?utf-8?q?Eugenio_P=C3=A9rez?= , Jason Wang , Maxime Coquelin , "Michael S. Tsirkin" , Xuan Zhuo Subject: [PATCH v3 4/4] mm: prohibit NULL deference exposed for unsupported non-blockable __GFP_NOFAIL Date: Sat, 17 Aug 2024 18:24:49 +1200 Message-Id: <20240817062449.21164-5-21cnbao@gmail.com> X-Mailer: git-send-email 2.39.3 (Apple Git-146) In-Reply-To: <20240817062449.21164-1-21cnbao@gmail.com> References: <20240817062449.21164-1-21cnbao@gmail.com> MIME-Version: 1.0 X-Stat-Signature: ktcco8kuo8xbsfjij8zytp37yt44s4j8 X-Rspam-User: X-Rspamd-Queue-Id: 937801A0002 X-Rspamd-Server: rspam02 X-HE-Tag: 1723875939-983273 X-HE-Meta: U2FsdGVkX181TkD1xox8eqlYAs8LE+NqCfaebiJzfrXLgWmPeWgJ2wFhE7250oSJ/+qQpQz/XNmaI4lbk4lFFuXx+ARTbV4Cn/0crZiM6ZXi4amE4zzW4lYOBrLEjQ7g4Fw67oliCDZJ164cVOPREscUCyebaMwBjdpV6Ss8NWSY6e1oaC7Ne2iJIbyTKpujld6RuOESVfzGFpwFMzBcrvFvgG97Ova/G+GcvM93eaL2jBqj5eAWPlGxoNn+R6Jl3RAS/b0SvJbsy+LPNNq6MSmcdGRXLtNPRc0hpPJWIzAVhqdOaM3rOV0k88bnu9fcJoZAsgGRx8HxopQSrPQoEcuja4NdorZ3Mq3t8mso6t5OOz8nxiL1CfT37EKOMPl2WABvuhXUvrOxTDrbwqoNzdHMhFoKw+QI0udl7fKBBPR53p/9fylPWuZutmSqwuQLTk+53wbb75GYD7MGAi9iH74/84kKm70cofpij+On1MF3StqzCIzXnVFYgq8CMFxHpiwQ4r319iU1tXEHZ7H8h9MndQqV0RJbC4nI3/cYpazedN3OVVfqGn669EKsDSvSOjUzjxj99LLrKaYz039AqtBDxlRO0MZQPYOC43iht4+bqapWLfEYaey9oyt+Xwo1Ipe2gjsbrrqtLzncZzhRvp8MNaGB75wyyuODcCZvSGeAdyfcdeNuERh3InAoBuTaSIdUcsJsFq+RqISUHkSY1ZEjbcS6I+a9HrI6e4ctfVi+F4fH2Fy57JurWjWvOxx/Vja6s2osnESVzbd5vUxtoM4LXRR3McrLXH/HHI1qHzoLQm+b1RsP4TtTWJXbLjGfUuTjAthMbvSeKXFWzkj/DHYU7+A4wTY9nbLt100F5WLunK7h/K0cKaZ9eOfow4EP6Zce4Q46SS+vnhDNLY/DU6DQlHnQKwGq5Dc3G2BQJyhkpUQr1KdwVn940TD3nA14YYZfqw3M0aGauNZyRDT kCz7q3dh 9c37SMzZmCKmNmTtZ1zjZYeF+jCUonkiaHXeUhnU26uaul+t7xChSQJ0kRKO//n+fJnpT1clDs9I0zkc4G2gJStOWU6o4Lt1yvJO4LEy3dawnebr37RfxdkDWaV0IIgLZ/O4O9SzkPKpUB9Q93x+igpiex31F6bAvLrqreEtcrjDsU80ysWWej9o2w5U5z1vC+tbQ1TZ+OyE0cOQlqDZbNOJ0hMxjffHuZqF6JLAmQFqOe+d2QvRDfkchJm0IZSsM1/EZWi1bh9utqePotZBbgMnHjjH+rBPfQEVON86S/g+55IKQyLxsl6qN2MW6bF4FHwFW0FeoFn47TWaxFb/y+QuWKDzKG4YVhU9Ochh1JZI4zh0BYereUl+78Ma/GkR6jUVaF+b9NvFO7CSOj1gfrQu6ferFoKeZ/w5iNC27ZbJZluiFbyKiY6YFLHiYCa9U1FRkGRO/8ZtsnXIG2LBWNbMsRbP98qzU8NxhPzBtaGeoOQglbWmVdFw3To1tgyI9P1SZ2CNNgsmtOQRBZ/h8FxCzfwJfHJR90U/YdfSNOzAxYqATPMBkF/OEDx02aJb4uSLMXGVO4UQagLD/5AJsIvuCVmVtDK5SfLcfGUrPFszl/RD/PQFeWG1OjYS2GeEWIPDyXb/66TZk5pHwzx7moppwzw88RIczH6PBinG8lpEKr8xg/f/VmplcI2iaxGMRDaPdr0UV62CiAStUd3SKa2TdNhc7mp53Vf/szJ44qUX305uphNqzmyNiQCBsXfUOesab1L0UVNevfaYGLTl61jkPUlrZzAPpEKs1fKCXB/9+XFjd/sZk3Z3aBlOq61N+cKUcI4VEu6L+k9CkLN35K0mondY7hOJEUuxhrlQUFsxQ5nLDmEZCen8SqeahvQHrnRjEZzOwvbBdfqfH/Qr4eZE3X6HV+N8bWhRaL4T8ow1o+iDdK5o2/vtFcnVhl4r0HsrUWqz3RhkI55kFhniNcT+OYsQi xQQElxO4 O+2/h389EMWoZlarNxduEpYbhQDfDVqDSJqzFgI9IYo= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Barry Song When users allocate memory with the __GFP_NOFAIL flag, they might incorrectly use it alongside GFP_ATOMIC, GFP_NOWAIT, etc. This kind of non-blockable __GFP_NOFAIL is not supported and is pointless. If we attempt and still fail to allocate memory for these users, we have two choices: 1. We could busy-loop and hope that some other direct reclamation or kswapd rescues the current process. However, this is unreliable and could ultimately lead to hard or soft lockups, which might not be well supported by some architectures. 2. We could use BUG_ON to trigger a reliable system crash, avoiding exposing NULL dereference. Neither option is ideal, but both are improvements over the existing code. This patch selects the second option because, with the introduction of scoped API and GFP_NOFAIL—capable of enforcing direct reclamation for nofail users(which is in my plan), non-blockable nofail allocations will no longer be possible. Signed-off-by: Barry Song Cc: Michal Hocko Cc: Uladzislau Rezki (Sony) Cc: Christoph Hellwig Cc: Lorenzo Stoakes Cc: Christoph Lameter Cc: Pekka Enberg Cc: David Rientjes Cc: Joonsoo Kim Cc: Vlastimil Babka Cc: Roman Gushchin Cc: Hyeonggon Yoo <42.hyeyoo@gmail.com> Cc: Linus Torvalds Cc: Kees Cook Cc: "Eugenio Pérez" Cc: Hailong.Liu Cc: Jason Wang Cc: Maxime Coquelin Cc: "Michael S. Tsirkin" Cc: Xuan Zhuo --- mm/page_alloc.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/mm/page_alloc.c b/mm/page_alloc.c index d2c37f8f8d09..fb5850ecd3ae 100644 --- a/mm/page_alloc.c +++ b/mm/page_alloc.c @@ -4399,11 +4399,11 @@ __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, */ if (gfp_mask & __GFP_NOFAIL) { /* - * All existing users of the __GFP_NOFAIL are blockable, so warn - * of any new users that actually require GFP_NOWAIT + * All existing users of the __GFP_NOFAIL are blockable + * otherwise we introduce a busy loop with inside the page + * allocator from non-sleepable contexts */ - if (WARN_ON_ONCE_GFP(!can_direct_reclaim, gfp_mask)) - goto fail; + BUG_ON(!can_direct_reclaim); /* * PF_MEMALLOC request from this context is rather bizarre @@ -4434,7 +4434,7 @@ __alloc_pages_slowpath(gfp_t gfp_mask, unsigned int order, cond_resched(); goto retry; } -fail: + warn_alloc(gfp_mask, ac->nodemask, "page allocation failure: order:%u", order); got_pg: