[tip: perf/urgent] perf/core: Fix mlock accounting in perf_mmap()
From: tip-bot2 for Song Liu
Date: Wed Jan 29 2020 - 06:33:08 EST
The following commit has been merged into the perf/urgent branch of tip:
Commit-ID: 003461559ef7a9bd0239bae35a22ad8924d6e9ad
Gitweb: https://git.kernel.org/tip/003461559ef7a9bd0239bae35a22ad8924d6e9ad
Author: Song Liu <songliubraving@xxxxxx>
AuthorDate: Thu, 23 Jan 2020 10:11:46 -08:00
Committer: Ingo Molnar <mingo@xxxxxxxxxx>
CommitterDate: Tue, 28 Jan 2020 21:20:18 +01:00
perf/core: Fix mlock accounting in perf_mmap()
Decreasing sysctl_perf_event_mlock between two consecutive perf_mmap()s of
a perf ring buffer may lead to an integer underflow in locked memory
accounting. This may lead to the undesired behaviors, such as failures in
BPF map creation.
Address this by adjusting the accounting logic to take into account the
possibility that the amount of already locked memory may exceed the
current limit.
Fixes: c4b75479741c ("perf/core: Make the mlock accounting simple again")
Suggested-by: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx>
Signed-off-by: Song Liu <songliubraving@xxxxxx>
Signed-off-by: Peter Zijlstra (Intel) <peterz@xxxxxxxxxxxxx>
Signed-off-by: Ingo Molnar <mingo@xxxxxxxxxx>
Cc: <stable@xxxxxxxxxxxxxxx>
Acked-by: Alexander Shishkin <alexander.shishkin@xxxxxxxxxxxxxxx>
Link: https://lkml.kernel.org/r/20200123181146.2238074-1-songliubraving@xxxxxx
---
kernel/events/core.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/kernel/events/core.c b/kernel/events/core.c
index 2173c23..2d9aeba 100644
--- a/kernel/events/core.c
+++ b/kernel/events/core.c
@@ -5916,7 +5916,15 @@ accounting:
*/
user_lock_limit *= num_online_cpus();
- user_locked = atomic_long_read(&user->locked_vm) + user_extra;
+ user_locked = atomic_long_read(&user->locked_vm);
+
+ /*
+ * sysctl_perf_event_mlock may have changed, so that
+ * user->locked_vm > user_lock_limit
+ */
+ if (user_locked > user_lock_limit)
+ user_locked = user_lock_limit;
+ user_locked += user_extra;
if (user_locked > user_lock_limit) {
/*