Re: [PATCH net-next] page_pool: disable direct recycling based on pool->cpuid on destroy

From: Toke Høiland-Jørgensen
Date: Thu Feb 15 2024 - 07:05:44 EST

Next message: Devarsh Thakkar: "[PATCH v4 0/2] Add common1 region for AM62, AM62A & AM65x"
Previous message: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
In reply to: Alexander Lobakin: "[PATCH net-next] page_pool: disable direct recycling based on pool->cpuid on destroy"
Next in thread: Alexander Lobakin: "Re: [PATCH net-next] page_pool: disable direct recycling based on pool->cpuid on destroy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Alexander Lobakin <aleksander.lobakin@xxxxxxxxx> writes:

> Now that direct recycling is performed basing on pool->cpuid when set,
> memory leaks are possible:
>
> 1. A pool is destroyed.
> 2. Alloc cache is emptied (it's done only once).
> 3. pool->cpuid is still set.
> 4. napi_pp_put_page() does direct recycling basing on pool->cpuid.
> 5. Now alloc cache is not empty, but it won't ever be freed.

Did you actually manage to trigger this? pool->cpuid is only set for the
system page pool instance which is never destroyed; so this seems a very
theoretical concern?

I guess we could still do this in case we find other uses for setting
the cpuid; I don't think the addition of the READ_ONCE() will have any
measurable overhead on the common arches?

-Toke

Next message: Devarsh Thakkar: "[PATCH v4 0/2] Add common1 region for AM62, AM62A & AM65x"
Previous message: Greg Kroah-Hartman: "Re: [PATCH v3] Documentation: Document the Linux Kernel CVE process"
In reply to: Alexander Lobakin: "[PATCH net-next] page_pool: disable direct recycling based on pool->cpuid on destroy"
Next in thread: Alexander Lobakin: "Re: [PATCH net-next] page_pool: disable direct recycling based on pool->cpuid on destroy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]