[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ff0e8a95-7395-41b3-b3b4-e0f678a2a581@canonical.com>
Date: Tue, 17 Oct 2023 02:26:35 -0700
From: John Johansen <john.johansen@...onical.com>
To: Sergey Senozhatsky <senozhatsky@...omium.org>
Cc: Anil Altinay <aaltinay@...gle.com>,
Sebastian Andrzej Siewior <bigeasy@...utronix.de>,
LKLM <linux-kernel@...r.kernel.org>,
Peter Zijlstra <peterz@...radead.org>,
Tomasz Figa <tfiga@...omium.org>,
linux-security-module@...r.kernel.org,
John Johansen <john.johansen@...onical.com>
Subject: Re: [PATCH v5 4/4] apparmor: limit the number of buffers in percpu
cache
Force buffers to be returned to the global pool, regardless of contention
when the percpu cache is full. This ensures that the percpu buffer list
never grows longer than needed.
Signed-off-by: John Johansen <john.johansen@...onical.com>
---
security/apparmor/lsm.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/security/apparmor/lsm.c b/security/apparmor/lsm.c
index 52423d88854a..e6765f64f6bf 100644
--- a/security/apparmor/lsm.c
+++ b/security/apparmor/lsm.c
@@ -56,6 +56,7 @@ struct aa_local_cache {
struct list_head head;
};
+#define MAX_LOCAL_COUNT 2
#define RESERVE_COUNT 2
static int reserve_count = RESERVE_COUNT;
static int buffer_count;
@@ -1878,9 +1879,15 @@ void aa_put_buffer(char *buf)
cache = get_cpu_ptr(&aa_local_buffers);
if (!cache->hold) {
+ bool must_lock = cache->count >= MAX_LOCAL_COUNT;
+
put_cpu_ptr(&aa_local_buffers);
- if (spin_trylock(&aa_buffers_lock)) {
+ if (must_lock) {
+ spin_lock(&aa_buffers_lock);
+ goto locked;
+ } else if (spin_trylock(&aa_buffers_lock)) {
+ locked:
/* put back on global list */
list_add(&aa_buf->list, &aa_global_buffers);
buffer_count++;
--
2.34.1
Powered by blists - more mailing lists