On Wed, Feb 09, 2022 at 01:33:03PM +0100, Ingo Rohloff wrote:
> While the existing code code imposes a limit on the used memory, it might be
> over pessimistic (even if this is unlikely).
>
> Example scenario:
> 8 threads running in parallel, all entering
> "usbfs_increase_memory_usage()" at the same time.
> The atomic accesses in "usbfs_increase_memory_usage()" could be
> serialized like this:
> 8 x "atomic64_add"
> 8 x "atomic64_read"
> If the 8 x "atomic64_add" raise "usbfs_memory_usage" above the limit,
> then all 8 calls of "usbfs_increase_memory_usage()" will return with
> -ENOMEM. If you instead serialize over the whole access to
> "usbfs_memory_usage" by using a spinlock, some of these calls will
> succeed.
>
> Signed-off-by: Ingo Rohloff <ingo.rohloff@xxxxxxxxxxxxxx>
> ---
Acked-by: Alan Stern <stern@xxxxxxxxxxxxxxxxxxx>
> drivers/usb/core/devio.c | 32 ++++++++++++++++++++++----------
> 1 file changed, 22 insertions(+), 10 deletions(-)
>
> diff --git a/drivers/usb/core/devio.c b/drivers/usb/core/devio.c
> index fa66e6e58792..6abb7294e919 100644
> --- a/drivers/usb/core/devio.c
> +++ b/drivers/usb/core/devio.c
> @@ -139,30 +139,42 @@ MODULE_PARM_DESC(usbfs_memory_mb,
> /* Hard limit, necessary to avoid arithmetic overflow */
> #define USBFS_XFER_MAX (UINT_MAX / 2 - 1000000)
>
> -static atomic64_t usbfs_memory_usage; /* Total memory currently allocated */
> +static DEFINE_SPINLOCK(usbfs_memory_usage_lock);
> +static u64 usbfs_memory_usage; /* Total memory currently allocated */
>
> /* Check whether it's okay to allocate more memory for a transfer */
> static int usbfs_increase_memory_usage(u64 amount)
> {
> - u64 lim;
> + u64 lim, total_mem;
> + unsigned long flags;
> + int ret;
>
> lim = READ_ONCE(usbfs_memory_mb);
> lim <<= 20;
>
> - atomic64_add(amount, &usbfs_memory_usage);
> -
> - if (lim > 0 && atomic64_read(&usbfs_memory_usage) > lim) {
> - atomic64_sub(amount, &usbfs_memory_usage);
> - return -ENOMEM;
> - }
> + ret = 0;
> + spin_lock_irqsave(&usbfs_memory_usage_lock, flags);
> + total_mem = usbfs_memory_usage + amount;
> + if (lim > 0 && total_mem > lim)
> + ret = -ENOMEM;
> + else
> + usbfs_memory_usage = total_mem;
> + spin_unlock_irqrestore(&usbfs_memory_usage_lock, flags);
>
> - return 0;
> + return ret;
> }
>
> /* Memory for a transfer is being deallocated */
> static void usbfs_decrease_memory_usage(u64 amount)
> {
> - atomic64_sub(amount, &usbfs_memory_usage);
> + unsigned long flags;
> +
> + spin_lock_irqsave(&usbfs_memory_usage_lock, flags);
> + if (amount > usbfs_memory_usage)
> + usbfs_memory_usage = 0;
> + else
> + usbfs_memory_usage -= amount;
> + spin_unlock_irqrestore(&usbfs_memory_usage_lock, flags);
> }
>
> static int connected(struct usb_dev_state *ps)
> --
> 2.17.1
>
