Re: [PATCH] mm: Check for SIGKILL inside dup_mmap() loop.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 19 Apr 2018 10:54:44 +0900 Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:

> Andrew Morton wrote:
> > On Sat, 7 Apr 2018 19:38:28 +0900 Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx> wrote:
> > 
> > > >From 31c863e57a4ab7dfb491b2860fe3653e1e8f593b Mon Sep 17 00:00:00 2001
> > > From: Tetsuo Handa <penguin-kernel@xxxxxxxxxxxxxxxxxxx>
> > > Date: Sat, 7 Apr 2018 19:29:30 +0900
> > > Subject: [PATCH] mm: Check for SIGKILL inside dup_mmap() loop.
> > > 
> > > As a theoretical problem, an mm_struct with 60000+ vmas can loop with
> > > potentially allocating memory, with mm->mmap_sem held for write by current
> > > thread. This is bad if current thread was selected as an OOM victim, for
> > > current thread will continue allocations using memory reserves while OOM
> > > reaper is unable to reclaim memory.
> > > 
> > > As an actually observable problem, it is not difficult to make OOM reaper
> > > unable to reclaim memory if the OOM victim is blocked at
> > > i_mmap_lock_write() in this loop. Unfortunately, since nobody can explain
> > > whether it is safe to use killable wait there, let's check for SIGKILL
> > > before trying to allocate memory. Even without an OOM event, there is no
> > > point with continuing the loop from the beginning if current thread is
> > > killed.
> > > 
> > > ...
> > >
> > > --- a/kernel/fork.c
> > > +++ b/kernel/fork.c
> > > @@ -441,6 +441,10 @@ static __latent_entropy int dup_mmap(struct mm_struct *mm,
> > >  			continue;
> > >  		}
> > >  		charge = 0;
> > > +		if (fatal_signal_pending(current)) {
> > > +			retval = -EINTR;
> > > +			goto out;
> > > +		}
> > >  		if (mpnt->vm_flags & VM_ACCOUNT) {
> > >  			unsigned long len = vma_pages(mpnt);
> > 
> > Seems sane.  Has this been runtime tested?
> > 
> 
> Yes, I tested with debug printk(). This patch should be safe
> because we already fail if security_vm_enough_memory_mm() or
> kmem_cache_alloc(GFP_KERNEL) fails and exit_mmap() handles it.
> 
> [  417.030691] ***** Aborting dup_mmap() due to SIGKILL *****
> [  417.036129] ***** Aborting dup_mmap() due to SIGKILL *****
> [  417.044544] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.116445] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.118401] ***** Aborting exit_mmap() due to NULL mmap *****
> [  419.168917] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.169064] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.170913] ***** Aborting exit_mmap() due to NULL mmap *****
> [  419.171411] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.171417] ***** Aborting exit_mmap() due to NULL mmap *****
> [  419.172804] ***** Aborting exit_mmap() due to NULL mmap *****
> [  419.176253] ***** Aborting dup_mmap() due to SIGKILL *****
> [  419.182676] ***** Aborting exit_mmap() due to NULL mmap *****

OK, thanks.

> > I would like to see a comment here explaining why we're testing for
> > this at this particualr place.
> > 
> Such comment goes to patch description.

I know.  I'm suggesting that it be in the code itself.  Making people
putz around with git to understand the code is unfriendly.

I'll add something in there tomorrow.




[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux