Re: [PATCH 1/4] mm: mlock: check against vma for actual mlock() size

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, Aug 30, 2016 at 06:59:38PM +0800, wei.guo.simon@xxxxxxxxx wrote:
> From: Simon Guo <wei.guo.simon@xxxxxxxxx>
> 
> In do_mlock(), the check against locked memory limitation
> has a hole which will fail following cases at step 3):
> 1) User has a memory chunk from addressA with 50k, and user
> mem lock rlimit is 64k.
> 2) mlock(addressA, 30k)
> 3) mlock(addressA, 40k)
> 
> The 3rd step should have been allowed since the 40k request
> is intersected with the previous 30k at step 2), and the
> 3rd step is actually for mlock on the extra 10k memory.
> 
> This patch checks vma to caculate the actual "new" mlock
> size, if necessary, and ajust the logic to fix this issue.
> 
> Signed-off-by: Simon Guo <wei.guo.simon@xxxxxxxxx>

Looks reasonable to me. Few nitpicks below.

> ---
>  mm/mlock.c | 49 +++++++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 49 insertions(+)
> 
> diff --git a/mm/mlock.c b/mm/mlock.c
> index 14645be..9283187 100644
> --- a/mm/mlock.c
> +++ b/mm/mlock.c
> @@ -617,6 +617,43 @@ static int apply_vma_lock_flags(unsigned long start, size_t len,
>  	return error;
>  }
>  
> +/*
> + * Go through vma areas and sum size of mlocked
> + * vma pages, as return value.
> + * Note deferred memory locking case(mlock2(,,MLOCK_ONFAULT)
> + * is also counted.
> + * Return value: previously mlocked page counts
> + */
> +static int count_mm_mlocked_page_nr(struct mm_struct *mm,
> +		unsigned long start, size_t len)
> +{
> +	struct vm_area_struct *vma;
> +	int count = 0;
> +
> +	if (mm == NULL)
> +		mm = current->mm;
> +
> +	vma = find_vma(mm, start);
> +	if (vma == NULL)
> +		vma = mm->mmap;
> +
> +	for (; vma ; vma = vma->vm_next) {
> +		if (start + len <=  vma->vm_start)
> +			break;

	for (; vma && start + len <= vma->vm_start; vma = vma->vm_next) {

> +		if (vma->vm_flags && VM_LOCKED) {
> +			if (start > vma->vm_start)
> +				count -= (start - vma->vm_start);
> +			if (start + len < vma->vm_end) {
> +				count += start + len - vma->vm_start;
> +				break;
> +			}
> +			count += vma->vm_end - vma->vm_start;
> +		}
> +	}
> +
> +	return (PAGE_ALIGN(count) >> PAGE_SHIFT);

Redundant parenthesis.

And do we need PAGE_ALIGN() here? Caller already aligned 'len', and vma
boundaries are alinged.

> +}
> +
>  static __must_check int do_mlock(unsigned long start, size_t len, vm_flags_t flags)
>  {
>  	unsigned long locked;
> @@ -639,6 +676,18 @@ static __must_check int do_mlock(unsigned long start, size_t len, vm_flags_t fla
>  		return -EINTR;
>  
>  	locked += current->mm->locked_vm;
> +	if ((locked > lock_limit) && (!capable(CAP_IPC_LOCK))) {
> +		/*
> +		 * It is possible that the regions requested
> +		 * intersect with previously mlocked areas,
> +		 * that part area in "mm->locked_vm" should
> +		 * not be counted to new mlock increment
> +		 * count. So check and adjust locked count
> +		 * if necessary.
> +		 */
> +		locked -= count_mm_mlocked_page_nr(current->mm,
> +				start, len);
> +	}
>  
>  	/* check against resource limits */
>  	if ((locked <= lock_limit) || capable(CAP_IPC_LOCK))
> -- 
> 1.8.3.1
> 
> --
> To unsubscribe, send a message with 'unsubscribe linux-mm' in
> the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
> see: http://www.linux-mm.org/ .
> Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>

-- 
 Kirill A. Shutemov

--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx.  For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>



[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]