lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <51F6C00C.5050702@gmail.com>
Date:	Mon, 29 Jul 2013 15:18:36 -0400
From:	KOSAKI Motohiro <kosaki.motohiro@...il.com>
To:	Johannes Weiner <hannes@...xchg.org>
CC:	Andrew Morton <akpm@...ux-foundation.org>,
	Michal Hocko <mhocko@...e.cz>,
	David Rientjes <rientjes@...gle.com>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	azurIt <azurit@...ox.sk>, linux-mm@...ck.org,
	cgroups@...r.kernel.org, x86@...nel.org,
	linux-arch@...r.kernel.org, linux-kernel@...r.kernel.org,
	kosaki.motohiro@...il.com
Subject: Re: [patch 5/6] mm: memcg: enable memcg OOM killer only for user
 faults

(7/25/13 6:25 PM), Johannes Weiner wrote:
> System calls and kernel faults (uaccess, gup) can handle an out of
> memory situation gracefully and just return -ENOMEM.
> 
> Enable the memcg OOM killer only for user faults, where it's really
> the only option available.
> 
> Signed-off-by: Johannes Weiner <hannes@...xchg.org>
> ---
>   include/linux/memcontrol.h | 23 +++++++++++++++++++++++
>   include/linux/sched.h      |  3 +++
>   mm/filemap.c               | 11 ++++++++++-
>   mm/memcontrol.c            |  2 +-
>   mm/memory.c                | 40 ++++++++++++++++++++++++++++++----------
>   5 files changed, 67 insertions(+), 12 deletions(-)
> 
> diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
> index 7b4d9d7..9bb5eeb 100644
> --- a/include/linux/memcontrol.h
> +++ b/include/linux/memcontrol.h
> @@ -125,6 +125,24 @@ extern void mem_cgroup_print_oom_info(struct mem_cgroup *memcg,
>   extern void mem_cgroup_replace_page_cache(struct page *oldpage,
>   					struct page *newpage);
>   
> +/**
> + * mem_cgroup_xchg_may_oom - toggle the memcg OOM killer for a task
> + * @p: task
> + * @new: true to enable, false to disable
> + *
> + * Toggle whether a failed memcg charge should invoke the OOM killer
> + * or just return -ENOMEM.  Returns the previous toggle state.
> + */
> +static inline bool mem_cgroup_xchg_may_oom(struct task_struct *p, bool new)
> +{
> +	bool old;
> +
> +	old = p->memcg_oom.may_oom;
> +	p->memcg_oom.may_oom = new;
> +
> +	return old;
> +}

The name of xchg strongly suggest the function use compare-swap op. So, it seems
misleading name. I suggest just use "set_*" or something else. In linux kernel,
many setter functions already return old value. Don't mind.
 
> diff --git a/include/linux/sched.h b/include/linux/sched.h
> index fc09d21..4b3effc 100644
> --- a/include/linux/sched.h
> +++ b/include/linux/sched.h
> @@ -1398,6 +1398,9 @@ struct task_struct {
>   		unsigned long memsw_nr_pages; /* uncharged mem+swap usage */
>   	} memcg_batch;
>   	unsigned int memcg_kmem_skip_account;
> +	struct memcg_oom_info {
> +		unsigned int may_oom:1;
> +	} memcg_oom;

This ":1" makes slower but doesn't diet any memory space, right? I suggest
to use bool. If anybody need to diet in future, he may change it to bit field.
That's ok, let's stop too early and questionable micro optimization.


> diff --git a/mm/filemap.c b/mm/filemap.c
> index a6981fe..2932810 100644
> --- a/mm/filemap.c
> +++ b/mm/filemap.c
> @@ -1617,6 +1617,7 @@ int filemap_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
>   	struct file_ra_state *ra = &file->f_ra;
>   	struct inode *inode = mapping->host;
>   	pgoff_t offset = vmf->pgoff;
> +	unsigned int may_oom;

Why don't you use bool? your mem_cgroup_xchg_may_oom() uses bool and it seems cleaner more.

> @@ -1626,7 +1627,11 @@ int filemap_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
>   		return VM_FAULT_SIGBUS;
>   
>   	/*
> -	 * Do we have something in the page cache already?
> +	 * Do we have something in the page cache already?  Either
> +	 * way, try readahead, but disable the memcg OOM killer for it
> +	 * as readahead is optional and no errors are propagated up
> +	 * the fault stack.  The OOM killer is enabled while trying to
> +	 * instantiate the faulting page individually below.
>   	 */
>   	page = find_get_page(mapping, offset);
>   	if (likely(page) && !(vmf->flags & FAULT_FLAG_TRIED)) {
> @@ -1634,10 +1639,14 @@ int filemap_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
>   		 * We found the page, so try async readahead before
>   		 * waiting for the lock.
>   		 */
> +		may_oom = mem_cgroup_xchg_may_oom(current, 0);
>   		do_async_mmap_readahead(vma, ra, file, page, offset);
> +		mem_cgroup_xchg_may_oom(current, may_oom);
>   	} else if (!page) {
>   		/* No page in the page cache at all */
> +		may_oom = mem_cgroup_xchg_may_oom(current, 0);
>   		do_sync_mmap_readahead(vma, ra, file, offset);
> +		mem_cgroup_xchg_may_oom(current, may_oom);
>   		count_vm_event(PGMAJFAULT);
>   		mem_cgroup_count_vm_event(vma->vm_mm, PGMAJFAULT);
>   		ret = VM_FAULT_MAJOR;
> diff --git a/mm/memcontrol.c b/mm/memcontrol.c
> index 00a7a66..30ae46a 100644
> --- a/mm/memcontrol.c
> +++ b/mm/memcontrol.c
> @@ -2614,7 +2614,7 @@ static int mem_cgroup_do_charge(struct mem_cgroup *memcg, gfp_t gfp_mask,
>   		return CHARGE_RETRY;
>   
>   	/* If we don't need to call oom-killer at el, return immediately */
> -	if (!oom_check)
> +	if (!oom_check || !current->memcg_oom.may_oom)
>   		return CHARGE_NOMEM;
>   	/* check OOM */
>   	if (!mem_cgroup_handle_oom(mem_over_limit, gfp_mask, get_order(csize)))
> diff --git a/mm/memory.c b/mm/memory.c
> index f2ab2a8..5ea7b47 100644
> --- a/mm/memory.c
> +++ b/mm/memory.c
> @@ -3752,22 +3752,14 @@ unlock:
>   /*
>    * By the time we get here, we already hold the mm semaphore
>    */
> -int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma,
> -		unsigned long address, unsigned int flags)
> +static int __handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma,
> +			     unsigned long address, unsigned int flags)
>   {
>   	pgd_t *pgd;
>   	pud_t *pud;
>   	pmd_t *pmd;
>   	pte_t *pte;
>   
> -	__set_current_state(TASK_RUNNING);
> -
> -	count_vm_event(PGFAULT);
> -	mem_cgroup_count_vm_event(mm, PGFAULT);
> -
> -	/* do counter updates before entering really critical section. */
> -	check_sync_rss_stat(current);
> -
>   	if (unlikely(is_vm_hugetlb_page(vma)))
>   		return hugetlb_fault(mm, vma, address, flags);
>   
> @@ -3851,6 +3843,34 @@ retry:
>   	return handle_pte_fault(mm, vma, address, pte, pmd, flags);
>   }
>   
> +int handle_mm_fault(struct mm_struct *mm, struct vm_area_struct *vma,
> +		    unsigned long address, unsigned int flags)
> +{
> +	int ret;
> +
> +	__set_current_state(TASK_RUNNING);
> +
> +	count_vm_event(PGFAULT);
> +	mem_cgroup_count_vm_event(mm, PGFAULT);
> +
> +	/* do counter updates before entering really critical section. */
> +	check_sync_rss_stat(current);
> +
> +	/*
> +	 * Enable the memcg OOM handling for faults triggered in user
> +	 * space.  Kernel faults are handled more gracefully.
> +	 */
> +	if (flags & FAULT_FLAG_USER)
> +		WARN_ON(mem_cgroup_xchg_may_oom(current, true) == true);

Please don't assume WARN_ON never erase any code. I'm not surprised if embedded
guys replace WARN_ON with nop in future.

Thanks.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ