| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 13 May 2022 18:51:41 +0300
From: Vasily Averin <vvs@...nvz.org>
To: Roman Gushchin <roman.gushchin@...ux.dev>,
Shakeel Butt <shakeelb@...gle.com>,
Michal Koutný <mkoutny@...e.com>
Cc: kernel@...nvz.org, linux-kernel@...r.kernel.org,
Vlastimil Babka <vbabka@...e.cz>,
Michal Hocko <mhocko@...e.com>, cgroups@...r.kernel.org
Subject: [PATCH 1/4] memcg: enable accounting for large allocations in
mem_cgroup_css_alloc
cgroup mkdir can be misused inside memcg limited container. It can allocate
a lot of host memory without memcg accounting, cause global memory shortage
and force OOM to kill random host process.
Below [1] is result of mkdir /sys/fs/cgroup/test tracing on VM with 4 cpus
number bytes $1*$2 sum note call_site
of alloc
allocs
------------------------------------------------------------
1 14448 14448 14448 = percpu_alloc_percpu:
1 8192 8192 22640 (mem_cgroup_css_alloc+0x54)
49 128 6272 28912 (__kernfs_new_node+0x4e)
49 96 4704 33616 (simple_xattr_alloc+0x2c)
49 88 4312 37928 (__kernfs_iattrs+0x56)
1 4096 4096 42024 (cgroup_mkdir+0xc7)
1 3840 3840 45864 = percpu_alloc_percpu:
4 512 2048 47912 (alloc_fair_sched_group+0x166)
4 512 2048 49960 (alloc_fair_sched_group+0x139)
1 2048 2048 52008 (mem_cgroup_css_alloc+0x109)
[smaller objects skipped]
---
Total 61728
'=' -- accounted allocations
This patch enabled accounting for one of the main memory hogs in this
experiment: allocation which are called inside mem_cgroup_css_alloc()
Signed-off-by: Vasily Averin <vvs@...nvz.org>
Link: [1] https://lore.kernel.org/all/1aa4cd22-fcb6-0e8d-a1c6-23661d618864@openvz.org/
---
mm/memcontrol.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 598fece89e2b..52c6163ba6dc 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -5031,7 +5031,7 @@ static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node)
{
struct mem_cgroup_per_node *pn;
- pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, node);
+ pn = kzalloc_node(sizeof(*pn), GFP_KERNEL_ACCOUNT, node);
if (!pn)
return 1;
@@ -5083,7 +5083,7 @@ static struct mem_cgroup *mem_cgroup_alloc(void)
int __maybe_unused i;
long error = -ENOMEM;
- memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL);
+ memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL_ACCOUNT);
if (!memcg)
return ERR_PTR(error);
--
2.31.1
Powered by blists - more mailing lists