| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 5 Aug 2021 10:56:01 -0700
From: Shakeel Butt <shakeelb@...gle.com>
To: Suren Baghdasaryan <surenb@...gle.com>
Cc: David Hildenbrand <david@...hat.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Michal Hocko <mhocko@...nel.org>,
Michal Hocko <mhocko@...e.com>,
David Rientjes <rientjes@...gle.com>,
Matthew Wilcox <willy@...radead.org>,
Johannes Weiner <hannes@...xchg.org>,
Roman Gushchin <guro@...com>, Rik van Riel <riel@...riel.com>,
Minchan Kim <minchan@...nel.org>,
Christian Brauner <christian@...uner.io>,
Christoph Hellwig <hch@...radead.org>,
Oleg Nesterov <oleg@...hat.com>, Jann Horn <jannh@...gle.com>,
Andy Lutomirski <luto@...nel.org>,
Christian Brauner <christian.brauner@...ntu.com>,
Florian Weimer <fweimer@...hat.com>,
Jan Engelhardt <jengelh@...i.de>,
Tim Murray <timmurray@...gle.com>,
Linux API <linux-api@...r.kernel.org>,
linux-mm <linux-mm@...ck.org>,
LKML <linux-kernel@...r.kernel.org>,
kernel-team <kernel-team@...roid.com>
Subject: Re: [PATCH v7 1/2] mm: introduce process_mrelease system call
On Thu, Aug 5, 2021 at 10:50 AM Suren Baghdasaryan <surenb@...gle.com> wrote:
>
> On Thu, Aug 5, 2021 at 10:29 AM David Hildenbrand <david@...hat.com> wrote:
> >
> > On 05.08.21 19:08, Suren Baghdasaryan wrote:
> > > In modern systems it's not unusual to have a system component monitoring
> > > memory conditions of the system and tasked with keeping system memory
> > > pressure under control. One way to accomplish that is to kill
> > > non-essential processes to free up memory for more important ones.
> > > Examples of this are Facebook's OOM killer daemon called oomd and
> > > Android's low memory killer daemon called lmkd.
> > > For such system component it's important to be able to free memory
> > > quickly and efficiently. Unfortunately the time process takes to free
> > > up its memory after receiving a SIGKILL might vary based on the state
> > > of the process (uninterruptible sleep), size and OPP level of the core
> > > the process is running. A mechanism to free resources of the target
> > > process in a more predictable way would improve system's ability to
> > > control its memory pressure.
> > > Introduce process_mrelease system call that releases memory of a dying
> > > process from the context of the caller. This way the memory is freed in
> > > a more controllable way with CPU affinity and priority of the caller.
> > > The workload of freeing the memory will also be charged to the caller.
> > > The operation is allowed only on a dying process.
> > >
> > > After previous discussions [1, 2, 3] the decision was made [4] to introduce
> > > a dedicated system call to cover this use case.
> > >
> > > The API is as follows,
> > >
> > > int process_mrelease(int pidfd, unsigned int flags);
> > >
> > > DESCRIPTION
> > > The process_mrelease() system call is used to free the memory of
> > > an exiting process.
> > >
> > > The pidfd selects the process referred to by the PID file
> > > descriptor.
> > > (See pidfd_open(2) for further information)
> > >
> > > The flags argument is reserved for future use; currently, this
> > > argument must be specified as 0.
> > >
> > > RETURN VALUE
> > > On success, process_mrelease() returns 0. On error, -1 is
> > > returned and errno is set to indicate the error.
> > >
> > > ERRORS
> > > EBADF pidfd is not a valid PID file descriptor.
> > >
> > > EAGAIN Failed to release part of the address space.
> > >
> > > EINTR The call was interrupted by a signal; see signal(7).
> > >
> > > EINVAL flags is not 0.
> > >
> > > EINVAL The memory of the task cannot be released because the
> > > process is not exiting, the address space is shared
> > > with another live process or there is a core dump in
> > > progress.
> > >
> > > ENOSYS This system call is not supported, for example, without
> > > MMU support built into Linux.
> > >
> > > ESRCH The target process does not exist (i.e., it has terminated
> > > and been waited on).
> > >
> > > [1] https://lore.kernel.org/lkml/20190411014353.113252-3-surenb@google.com/
> > > [2] https://lore.kernel.org/linux-api/20201113173448.1863419-1-surenb@google.com/
> > > [3] https://lore.kernel.org/linux-api/20201124053943.1684874-3-surenb@google.com/
> > > [4] https://lore.kernel.org/linux-api/20201223075712.GA4719@lst.de/
> > >
> > > Signed-off-by: Suren Baghdasaryan <surenb@...gle.com>
> > > ---
> > > changes in v7:
> > > - Fixed pidfd_open misspelling, per Andrew Morton
> > > - Fixed wrong task pinning after find_lock_task_mm() issue, per Michal Hocko
> > > - Moved MMF_OOM_SKIP check before task_will_free_mem(), per Michal Hocko
> > >
> > > mm/oom_kill.c | 73 +++++++++++++++++++++++++++++++++++++++++++++++++++
> > > 1 file changed, 73 insertions(+)
> > >
> > > diff --git a/mm/oom_kill.c b/mm/oom_kill.c
> > > index c729a4c4a1ac..a4d917b43c73 100644
> > > --- a/mm/oom_kill.c
> > > +++ b/mm/oom_kill.c
> > > @@ -28,6 +28,7 @@
> > > #include <linux/sched/task.h>
> > > #include <linux/sched/debug.h>
> > > #include <linux/swap.h>
> > > +#include <linux/syscalls.h>
> > > #include <linux/timex.h>
> > > #include <linux/jiffies.h>
> > > #include <linux/cpuset.h>
> > > @@ -1141,3 +1142,75 @@ void pagefault_out_of_memory(void)
> > > out_of_memory(&oc);
> > > mutex_unlock(&oom_lock);
> > > }
> > > +
> > > +SYSCALL_DEFINE2(process_mrelease, int, pidfd, unsigned int, flags)
> > > +{
> > > +#ifdef CONFIG_MMU
> > > + struct mm_struct *mm = NULL;
> > > + struct task_struct *task;
> > > + struct task_struct *p;
> > > + unsigned int f_flags;
> > > + struct pid *pid;
> > > + long ret = 0;
> > > +
> > > + if (flags)
> > > + return -EINVAL;
> > > +
> > > + pid = pidfd_get_pid(pidfd, &f_flags);
> > > + if (IS_ERR(pid))
> > > + return PTR_ERR(pid);
> > > +
> > > + task = get_pid_task(pid, PIDTYPE_PID);
> > > + if (!task) {
> > > + ret = -ESRCH;
> > > + goto put_pid;
> > > + }
> > > +
> > > + /*
> > > + * If the task is dying and in the process of releasing its memory
> > > + * then get its mm.
> > > + */
> > > + p = find_lock_task_mm(task);
> > > + if (!p) {
> > > + ret = -ESRCH;
> > > + goto put_pid;
> > > + }
> > > + if (task != p) {
> > > + get_task_struct(p);
> >
> >
> > Wouldn't we want to obtain the mm from p ? I thought that was the whole
> > exercise of going via find_lock_task_mm().
>
> Yes, that's what we do after checking task_will_free_mem().
> task_will_free_mem() requires us to hold task_lock and
> find_lock_task_mm() achieves that ensuring that mm is still valid, but
> it might return a task other than the original one. That's why we do
> this dance with pinning the new task and unpinning the original one.
> The same dance is performed in __oom_kill_process(). I was
> contemplating adding a parameter to find_lock_task_mm() to request
> this unpin/pin be done within that function but then decided to keep
> it simple for now.
> Did I address your question or did I misunderstand it?
>
One question I have is why mmget() and not mmgrab()? I see mmgrab() in
oom_kill.c.
Powered by blists - more mailing lists