[PATCH 1/4] memcg: enable accounting for large allocations in mem_cgroup_css_alloc

From: Vasily Averin
Date: Fri May 13 2022 - 11:51:53 EST

Next message: Manivannan Sadhasivam: "Re: [PATCH v3 1/7] dt-bindings: clock: qcom,gcc-sdm845: add parent power domain"
Previous message: Vasily Averin: "[PATCH 0/4] memcg: accounting for objects allocated by mkdir cgroup"
In reply to: Roman Gushchin: "Re: [PATCH 0/4] memcg: accounting for objects allocated by mkdir cgroup"
Next in thread: Vasily Averin: "[PATCH 2/4] memcg: enable accounting for kernfs nodes and iattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

cgroup mkdir can be misused inside memcg limited container. It can allocate
a lot of host memory without memcg accounting, cause global memory shortage
and force OOM to kill random host process.

Below [1] is result of mkdir /sys/fs/cgroup/test tracing on VM with 4 cpus

number bytes $1*$2 sum note call_site
of alloc
allocs
------------------------------------------------------------
1 14448 14448 14448 = percpu_alloc_percpu:
1 8192 8192 22640 (mem_cgroup_css_alloc+0x54)
49 128 6272 28912 (__kernfs_new_node+0x4e)
49 96 4704 33616 (simple_xattr_alloc+0x2c)
49 88 4312 37928 (__kernfs_iattrs+0x56)
1 4096 4096 42024 (cgroup_mkdir+0xc7)
1 3840 3840 45864 = percpu_alloc_percpu:
4 512 2048 47912 (alloc_fair_sched_group+0x166)
4 512 2048 49960 (alloc_fair_sched_group+0x139)
1 2048 2048 52008 (mem_cgroup_css_alloc+0x109)
[smaller objects skipped]
---
Total 61728

'=' -- accounted allocations

This patch enabled accounting for one of the main memory hogs in this
experiment: allocation which are called inside mem_cgroup_css_alloc()

Signed-off-by: Vasily Averin <vvs@xxxxxxxxxx>
Link: [1] https://lore.kernel.org/all/1aa4cd22-fcb6-0e8d-a1c6-23661d618864@xxxxxxxxxx/
---
mm/memcontrol.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 598fece89e2b..52c6163ba6dc 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -5031,7 +5031,7 @@ static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node)
{
struct mem_cgroup_per_node *pn;

- pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, node);
+ pn = kzalloc_node(sizeof(*pn), GFP_KERNEL_ACCOUNT, node);
if (!pn)
return 1;

@@ -5083,7 +5083,7 @@ static struct mem_cgroup *mem_cgroup_alloc(void)
int __maybe_unused i;
long error = -ENOMEM;

- memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL);
+ memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL_ACCOUNT);
if (!memcg)
return ERR_PTR(error);

--
2.31.1

Next message: Manivannan Sadhasivam: "Re: [PATCH v3 1/7] dt-bindings: clock: qcom,gcc-sdm845: add parent power domain"
Previous message: Vasily Averin: "[PATCH 0/4] memcg: accounting for objects allocated by mkdir cgroup"
In reply to: Roman Gushchin: "Re: [PATCH 0/4] memcg: accounting for objects allocated by mkdir cgroup"
Next in thread: Vasily Averin: "[PATCH 2/4] memcg: enable accounting for kernfs nodes and iattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]