public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed
* [PATCH 4.19 0/1] Fix CVE-2021-3759
@ 2024-08-30  8:20 hsimeliere.opensource
  2024-08-30  8:20 ` [PATCH 4.19 1/1] memcg: enable accounting of ipc resources hsimeliere.opensource
  0 siblings, 1 reply; 3+ messages in thread
From: hsimeliere.opensource @ 2024-08-30  8:20 UTC (permalink / raw)
  To: stable


https://nvd.nist.gov/vuln/detail/cve-2021-3759

^ permalink raw reply	[flat|nested] 3+ messages in thread
* [PATCH 4.19 1/1] memcg: enable accounting of ipc resources
  2024-08-30  8:20 [PATCH 4.19 0/1] Fix CVE-2021-3759 hsimeliere.opensource
@ 2024-08-30  8:20 ` hsimeliere.opensource
  2024-08-30 12:57   ` Greg Kroah-Hartman
  0 siblings, 1 reply; 3+ messages in thread
From: hsimeliere.opensource @ 2024-08-30  8:20 UTC (permalink / raw)
  To: stable
  Cc: Vasily Averin, Shakeel Butt, Alexander Viro, Alexey Dobriyan,
	Andrei Vagin, Borislav Petkov, Borislav Petkov, Christian Brauner,
	Dmitry Safonov, Eric W. Biederman, Greg Kroah-Hartman,
	H. Peter Anvin, Ingo Molnar, J. Bruce Fields, Jeff Layton,
	Jens Axboe, Jiri Slaby, Johannes Weiner, Kirill Tkhai,
	Michal Hocko, Oleg Nesterov, Roman Gushchin, Serge Hallyn,
	Tejun Heo, Thomas Gleixner, Vladimir Davydov, Yutian Yang,
	Zefan Li, Andrew Morton, Linus Torvalds, Hugo SIMELIERE

From: Vasily Averin <vvs@virtuozzo.com>

commit 18319498fdd4cdf8c1c2c48cd432863b1f915d6f upstream.

When user creates IPC objects it forces kernel to allocate memory for
these long-living objects.

It makes sense to account them to restrict the host's memory consumption
from inside the memcg-limited container.

This patch enables accounting for IPC shared memory segments, messages
semaphores and semaphore's undo lists.

Link: https://lkml.kernel.org/r/d6507b06-4df6-78f8-6c54-3ae86e3b5339@virtuozzo.com
Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Reviewed-by: Shakeel Butt <shakeelb@google.com>
Cc: Alexander Viro <viro@zeniv.linux.org.uk>
Cc: Alexey Dobriyan <adobriyan@gmail.com>
Cc: Andrei Vagin <avagin@gmail.com>
Cc: Borislav Petkov <bp@alien8.de>
Cc: Borislav Petkov <bp@suse.de>
Cc: Christian Brauner <christian.brauner@ubuntu.com>
Cc: Dmitry Safonov <0x7f454c46@gmail.com>
Cc: "Eric W. Biederman" <ebiederm@xmission.com>
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Cc: "H. Peter Anvin" <hpa@zytor.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: "J. Bruce Fields" <bfields@fieldses.org>
Cc: Jeff Layton <jlayton@kernel.org>
Cc: Jens Axboe <axboe@kernel.dk>
Cc: Jiri Slaby <jirislaby@kernel.org>
Cc: Johannes Weiner <hannes@cmpxchg.org>
Cc: Kirill Tkhai <ktkhai@virtuozzo.com>
Cc: Michal Hocko <mhocko@kernel.org>
Cc: Oleg Nesterov <oleg@redhat.com>
Cc: Roman Gushchin <guro@fb.com>
Cc: Serge Hallyn <serge@hallyn.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
Cc: Yutian Yang <nglaive@gmail.com>
Cc: Zefan Li <lizefan.x@bytedance.com>
Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
---
 ipc/msg.c |  2 +-
 ipc/sem.c | 10 ++++++----
 ipc/shm.c |  2 +-
 3 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/ipc/msg.c b/ipc/msg.c
index ac4de3f67261..9a1ff5669cfb 100644
--- a/ipc/msg.c
+++ b/ipc/msg.c
@@ -137,7 +137,7 @@ static int newque(struct ipc_namespace *ns, struct ipc_params *params)
 	key_t key = params->key;
 	int msgflg = params->flg;
 
-	msq = kvmalloc(sizeof(*msq), GFP_KERNEL);
+	msq = kvmalloc(sizeof(*msq), GFP_KERNEL_ACCOUNT);
 	if (unlikely(!msq))
 		return -ENOMEM;
 
diff --git a/ipc/sem.c b/ipc/sem.c
index cc6af85d1b15..8010cd9d1d7a 100644
--- a/ipc/sem.c
+++ b/ipc/sem.c
@@ -494,7 +494,7 @@ static struct sem_array *sem_alloc(size_t nsems)
 		return NULL;
 
 	size = sizeof(*sma) + nsems * sizeof(sma->sems[0]);
-	sma = kvmalloc(size, GFP_KERNEL);
+	sma = kvmalloc(size, GFP_KERNEL_ACCOUNT);
 	if (unlikely(!sma))
 		return NULL;
 
@@ -1813,7 +1813,7 @@ static inline int get_undo_list(struct sem_undo_list **undo_listp)
 
 	undo_list = current->sysvsem.undo_list;
 	if (!undo_list) {
-		undo_list = kzalloc(sizeof(*undo_list), GFP_KERNEL);
+		undo_list = kzalloc(sizeof(*undo_list), GFP_KERNEL_ACCOUNT);
 		if (undo_list == NULL)
 			return -ENOMEM;
 		spin_lock_init(&undo_list->lock);
@@ -1897,7 +1897,8 @@ static struct sem_undo *find_alloc_undo(struct ipc_namespace *ns, int semid)
 	rcu_read_unlock();
 
 	/* step 2: allocate new undo structure */
-	new = kzalloc(sizeof(struct sem_undo) + sizeof(short)*nsems, GFP_KERNEL);
+	new = kzalloc(sizeof(struct sem_undo) + sizeof(short)*nsems,
+		      GFP_KERNEL_ACCOUNT);
 	if (!new) {
 		ipc_rcu_putref(&sma->sem_perm, sem_rcu_free);
 		return ERR_PTR(-ENOMEM);
@@ -1961,7 +1962,8 @@ static long do_semtimedop(int semid, struct sembuf __user *tsops,
 	if (nsops > ns->sc_semopm)
 		return -E2BIG;
 	if (nsops > SEMOPM_FAST) {
-		sops = kvmalloc_array(nsops, sizeof(*sops), GFP_KERNEL);
+		sops = kvmalloc_array(nsops, sizeof(*sops),
+				      GFP_KERNEL_ACCOUNT);
 		if (sops == NULL)
 			return -ENOMEM;
 	}
diff --git a/ipc/shm.c b/ipc/shm.c
index ba99f48c6e2b..0a5053f5726f 100644
--- a/ipc/shm.c
+++ b/ipc/shm.c
@@ -711,7 +711,7 @@ static int newseg(struct ipc_namespace *ns, struct ipc_params *params)
 			ns->shm_tot + numpages > ns->shm_ctlall)
 		return -ENOSPC;
 
-	shp = kvmalloc(sizeof(*shp), GFP_KERNEL);
+	shp = kvmalloc(sizeof(*shp), GFP_KERNEL_ACCOUNT);
 	if (unlikely(!shp))
 		return -ENOMEM;
 
-- 
2.43.0


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH 4.19 1/1] memcg: enable accounting of ipc resources
  2024-08-30  8:20 ` [PATCH 4.19 1/1] memcg: enable accounting of ipc resources hsimeliere.opensource
@ 2024-08-30 12:57   ` Greg Kroah-Hartman
  0 siblings, 0 replies; 3+ messages in thread
From: Greg Kroah-Hartman @ 2024-08-30 12:57 UTC (permalink / raw)
  To: hsimeliere.opensource
  Cc: stable, Vasily Averin, Shakeel Butt, Alexander Viro,
	Alexey Dobriyan, Andrei Vagin, Borislav Petkov, Borislav Petkov,
	Christian Brauner, Dmitry Safonov, Eric W. Biederman,
	H. Peter Anvin, Ingo Molnar, J. Bruce Fields, Jeff Layton,
	Jens Axboe, Jiri Slaby, Johannes Weiner, Kirill Tkhai,
	Michal Hocko, Oleg Nesterov, Roman Gushchin, Serge Hallyn,
	Tejun Heo, Thomas Gleixner, Vladimir Davydov, Yutian Yang,
	Zefan Li, Andrew Morton, Linus Torvalds

On Fri, Aug 30, 2024 at 10:20:28AM +0200, hsimeliere.opensource@witekio.com wrote:
> From: Vasily Averin <vvs@virtuozzo.com>
> 
> commit 18319498fdd4cdf8c1c2c48cd432863b1f915d6f upstream.
> 
> When user creates IPC objects it forces kernel to allocate memory for
> these long-living objects.
> 
> It makes sense to account them to restrict the host's memory consumption
> from inside the memcg-limited container.
> 
> This patch enables accounting for IPC shared memory segments, messages
> semaphores and semaphore's undo lists.
> 
> Link: https://lkml.kernel.org/r/d6507b06-4df6-78f8-6c54-3ae86e3b5339@virtuozzo.com
> Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
> Reviewed-by: Shakeel Butt <shakeelb@google.com>
> Cc: Alexander Viro <viro@zeniv.linux.org.uk>
> Cc: Alexey Dobriyan <adobriyan@gmail.com>
> Cc: Andrei Vagin <avagin@gmail.com>
> Cc: Borislav Petkov <bp@alien8.de>
> Cc: Borislav Petkov <bp@suse.de>
> Cc: Christian Brauner <christian.brauner@ubuntu.com>
> Cc: Dmitry Safonov <0x7f454c46@gmail.com>
> Cc: "Eric W. Biederman" <ebiederm@xmission.com>
> Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
> Cc: "H. Peter Anvin" <hpa@zytor.com>
> Cc: Ingo Molnar <mingo@redhat.com>
> Cc: "J. Bruce Fields" <bfields@fieldses.org>
> Cc: Jeff Layton <jlayton@kernel.org>
> Cc: Jens Axboe <axboe@kernel.dk>
> Cc: Jiri Slaby <jirislaby@kernel.org>
> Cc: Johannes Weiner <hannes@cmpxchg.org>
> Cc: Kirill Tkhai <ktkhai@virtuozzo.com>
> Cc: Michal Hocko <mhocko@kernel.org>
> Cc: Oleg Nesterov <oleg@redhat.com>
> Cc: Roman Gushchin <guro@fb.com>
> Cc: Serge Hallyn <serge@hallyn.com>
> Cc: Tejun Heo <tj@kernel.org>
> Cc: Thomas Gleixner <tglx@linutronix.de>
> Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
> Cc: Yutian Yang <nglaive@gmail.com>
> Cc: Zefan Li <lizefan.x@bytedance.com>
> Signed-off-by: Andrew Morton <akpm@linux-foundation.org>
> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
> Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
> ---
>  ipc/msg.c |  2 +-
>  ipc/sem.c | 10 ++++++----
>  ipc/shm.c |  2 +-
>  3 files changed, 8 insertions(+), 6 deletions(-)
> 

Now queued up, thanks.

greg k-h

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2024-08-30 12:57 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-08-30  8:20 [PATCH 4.19 0/1] Fix CVE-2021-3759 hsimeliere.opensource
2024-08-30  8:20 ` [PATCH 4.19 1/1] memcg: enable accounting of ipc resources hsimeliere.opensource
2024-08-30 12:57   ` Greg Kroah-Hartman

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox