Hi, On Sat, Jan 03, 2026 at 10:25:29AM -0500, Xiao Kan wrote: > DRM_IOCTL_MODE_CREATEPROPBLOB allows userspace to create property blobs > whose lifetime is scoped to a drm_file. > > Currently, a single drm_file may create an unbounded number of blobs. > Repeated ioctl calls can trigger unbounded kernel memory allocation and > lead to OOM, resulting in a denial-of-service. > > Introduce a per-drm_file limit on the number of user-created property > blobs. The limit is enforced at the point where a blob becomes associated > with a drm_file, matching the existing ownership and lifetime model. > This bounds per-file allocations while the total number of DRM file > descriptors remains constrained by existing kernel limits. > > Signed-off-by: Xiao Kan <[email protected]> > Signed-off-by: Xiao Kan <[email protected]>
Wouldn't it make more sense to account the allocation in memcg by passing GFP_ACCOUNT to the kvzalloc call in drm_property_create_blob? Maxime
signature.asc
Description: PGP signature
