[PATCH 2/2] drm/msm/gem: Demote allocations to __GFP_NOWARN

Linux ARM-MSM sub-architecture
 help / color / mirror / Atom feed

From: Rob Clark <robdclark@gmail.com>
To: dri-devel@lists.freedesktop.org
Cc: freedreno@lists.freedesktop.org, linux-arm-msm@vger.kernel.org,
	Rob Clark <robdclark@chromium.org>,
	Rob Clark <robdclark@gmail.com>,
	Abhinav Kumar <quic_abhinavk@quicinc.com>,
	Dmitry Baryshkov <dmitry.baryshkov@linaro.org>,
	Sean Paul <sean@poorly.run>,
	Marijn Suijten <marijn.suijten@somainline.org>,
	David Airlie <airlied@gmail.com>, Daniel Vetter <daniel@ffwll.ch>,
	linux-kernel@vger.kernel.org (open list)
Subject: [PATCH 2/2] drm/msm/gem: Demote allocations to __GFP_NOWARN
Date: Tue, 24 Oct 2023 10:08:05 -0700	[thread overview]
Message-ID: <20231024170806.194563-2-robdclark@gmail.com> (raw)
In-Reply-To: <20231024170806.194563-1-robdclark@gmail.com>

From: Rob Clark <robdclark@chromium.org>

For allocations with userspace controlled size, we should not warn on
allocation failure.  Fixes KASAN splat:

   WARNING: CPU: 6 PID: 29557 at mm/page_alloc.c:5398 __alloc_pages+0x160c/0x2204
   Modules linked in: bridge stp llc hci_vhci tun veth xt_cgroup uinput xt_MASQUERADE rfcomm ip6table_nat fuse 8021q r8153_ecm cdc_ether usbnet r8152 mii venus_enc venus_dec uvcvideo algif_hash algif_skcipher af_alg qcom_spmi_adc_tm5 qcom_spmi_adc5 qcom_vadc_common qcom_spmi_temp_alarm cros_ec_typec typec hci_uart btqca qcom_stats snd_soc_sc7180 venus_core ath10k_snoc ath10k_core ath coresight_tmc coresight_replicator coresight_etm4x coresight_funnel snd_soc_lpass_sc7180 mac80211 coresight bluetooth ecdh_generic ecc cfg80211 cros_ec_sensorhub lzo_rle lzo_compress zram joydev
   CPU: 6 PID: 29557 Comm: syz-executor Not tainted 5.15.110-lockdep-19320-g89d010b0a9df #1 45bdd400697a78353f2927c116615abba810e5dd
   Hardware name: Google Kingoftown (DT)
   pstate: 20400009 (nzCv daif +PAN -UAO -TCO -DIT -SSBS BTYPE=--)
   pc : __alloc_pages+0x160c/0x2204
   lr : __alloc_pages+0x58/0x2204
   sp : ffffffc0214176c0
   x29: ffffffc0214178a0 x28: ffffff801f7b4000 x27: 0000000000000000
   x26: ffffff808a4fa000 x25: 1ffffff011290781 x24: ffffff808a59c000
   x23: 0000000000000010 x22: ffffffc0080e6980 x21: 0000000000000010
   x20: 0000000000000000 x19: 00000000080001f8 x18: 0000000000000000
   x17: 0000000000000000 x16: 0000000000000000 x15: 0000000020000500
   x14: 0000000000000000 x13: 0000000000000000 x12: 0000000000000001
   x11: 0000000000000000 x10: 1ffffff804282f06 x9 : 0000000000000000
   x8 : ffffffc021417848 x7 : 0000000000000000 x6 : ffffffc0082ac788
   x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000010
   x2 : 0000000000000008 x1 : 0000000000000000 x0 : ffffffc021417830
   Call trace:
   __alloc_pages+0x160c/0x2204
   kmalloc_order+0x50/0xf4
   kmalloc_order_trace+0x38/0x18c
   __kmalloc+0x300/0x45c
   msm_ioctl_gem_submit+0x284/0x5988
   drm_ioctl_kernel+0x270/0x418
   drm_ioctl+0x5e0/0xbf8
   __arm64_sys_ioctl+0x154/0x1d0
   invoke_syscall+0x98/0x278
   el0_svc_common+0x214/0x274
   do_el0_svc+0x9c/0x19c
   el0_svc+0x5c/0xc0
   el0t_64_sync_handler+0x78/0x108
   el0t_64_sync+0x1a4/0x1a8

Signed-off-by: Rob Clark <robdclark@chromium.org>
---
 drivers/gpu/drm/msm/msm_gem_submit.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/drivers/gpu/drm/msm/msm_gem_submit.c b/drivers/gpu/drm/msm/msm_gem_submit.c
index 9f16af761bf0..6d8ec1337e8b 100644
--- a/drivers/gpu/drm/msm/msm_gem_submit.c
+++ b/drivers/gpu/drm/msm/msm_gem_submit.c
@@ -43,7 +43,7 @@ static struct msm_gem_submit *submit_create(struct drm_device *dev,
 	if (sz > SIZE_MAX)
 		return ERR_PTR(-ENOMEM);
 
-	submit = kzalloc(sz, GFP_KERNEL);
+	submit = kzalloc(sz, GFP_KERNEL | __GFP_NOWARN);
 	if (!submit)
 		return ERR_PTR(-ENOMEM);
 
@@ -234,7 +234,7 @@ static int submit_lookup_cmds(struct msm_gem_submit *submit,
 			ret = -ENOMEM;
 			goto out;
 		}
-		submit->cmd[i].relocs = kmalloc(sz, GFP_KERNEL);
+		submit->cmd[i].relocs = kmalloc(sz, GFP_KERNEL | __GFP_NOWARN);
 		if (!submit->cmd[i].relocs) {
 			ret = -ENOMEM;
 			goto out;
-- 
2.41.0

     prev parent reply	other threads:[~2023-10-24 17:08 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-10-24 17:08 [PATCH 1/2] drm/msm/gem: Demote userspace errors to DRM_UT_DRIVER Rob Clark
2023-10-24 17:08 ` Rob Clark [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:9f16af761bf dfblob:6d8ec1337e8 )
 OR (
bs:"[PATCH 2/2] drm/msm/gem: Demote allocations to __GFP_NOWARN" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20231024170806.194563-2-robdclark@gmail.com \
    --to=robdclark@gmail.com \
    --cc=airlied@gmail.com \
    --cc=daniel@ffwll.ch \
    --cc=dmitry.baryshkov@linaro.org \
    --cc=dri-devel@lists.freedesktop.org \
    --cc=freedreno@lists.freedesktop.org \
    --cc=linux-arm-msm@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=marijn.suijten@somainline.org \
    --cc=quic_abhinavk@quicinc.com \
    --cc=robdclark@chromium.org \
    --cc=sean@poorly.run \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox