| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aVzjN5z3w114fNB4@tiehlicka>
Date: Tue, 6 Jan 2026 11:25:59 +0100
From: Michal Hocko <mhocko@...e.com>
To: Shakeel Butt <shakeel.butt@...ux.dev>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
Johannes Weiner <hannes@...xchg.org>,
Roman Gushchin <roman.gushchin@...ux.dev>,
Muchun Song <muchun.song@...ux.dev>, SeongJae Park <sj@...nel.org>,
Meta kernel team <kernel-team@...a.com>, linux-mm@...ck.org,
cgroups@...r.kernel.org, damon@...ts.linux.dev,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/8] memcg: separate private and public ID namespaces
On Thu 25-12-25 15:21:08, Shakeel Butt wrote:
> The memory cgroup subsystem maintains a private ID infrastructure that
> is decoupled from the cgroup IDs. This private ID system exists because
> some kernel objects (like swap entries and shadow entries in the
> workingset code) can outlive the cgroup they were associated with.
> The motivation is best described in commit 73f576c04b941 ("mm:
> memcontrol: fix cgroup creation failure after many small jobs").
>
> Unfortunately, some in-kernel users (DAMON, LRU gen debugfs interface,
> shrinker debugfs) started exposing these private IDs to userspace.
> This is problematic because:
>
> 1. The private IDs are internal implementation details that could change
> 2. Userspace already has access to cgroup IDs through the cgroup
> filesystem
> 3. Using different ID namespaces in different interfaces is confusing
>
> This series cleans up the memcg ID infrastructure by:
>
> 1. Explicitly marking the private ID APIs with "private" in their names
> to make it clear they are for internal use only (swap/workingset)
>
> 2. Making the public cgroup ID APIs (mem_cgroup_id/mem_cgroup_get_from_id)
> unconditionally available
>
> 3. Converting DAMON, LRU gen, and shrinker debugfs interfaces to use
> the public cgroup IDs instead of the private IDs
>
> 4. Removing the now-unused wrapper functions and renaming the public
> APIs for clarity
>
> After this series:
> - mem_cgroup_private_id() / mem_cgroup_from_private_id() are used for
> internal kernel objects that outlive their cgroup (swap, workingset)
> - mem_cgroup_id() / mem_cgroup_get_from_id() return the public cgroup ID
> (from cgroup_id()) for use in userspace-facing interfaces
>
> Note: please apply this series after the patch at
> https://lore.kernel.org/20251225002904.139543-1-shakeel.butt@linux.dev/
Makes sense to me. Originally I was not supper happy about the private
interface as this should be really private to memcg proper but then I
have noticed the lru code needs this outside and dealing with that would
be quite messy so an explicit name is probably better in the end.
Feel free to add
Acked-by: Michal Hocko <mhocko@...e.com>
Thanks!
>
> Shakeel Butt (8):
> memcg: introduce private id API for in-kernel users
> memcg: expose mem_cgroup_ino() and mem_cgroup_get_from_ino()
> unconditionally
> memcg: mem_cgroup_get_from_ino() returns NULL on error
> memcg: use cgroup_id() instead of cgroup_ino() for memcg ID
> mm/damon: use cgroup ID instead of private memcg ID
> mm/vmscan: use cgroup ID instead of private memcg ID in lru_gen
> interface
> memcg: remove unused mem_cgroup_id() and mem_cgroup_from_id()
> memcg: rename mem_cgroup_ino() to mem_cgroup_id()
>
> include/linux/damon.h | 4 +--
> include/linux/memcontrol.h | 26 +++++++----------
> mm/damon/core.c | 7 ++---
> mm/damon/sysfs-schemes.c | 6 ++--
> mm/list_lru.c | 2 +-
> mm/memcontrol-v1.c | 6 ++--
> mm/memcontrol-v1.h | 4 +--
> mm/memcontrol.c | 60 ++++++++++++++++++--------------------
> mm/shrinker_debug.c | 13 +++++----
> mm/vmscan.c | 17 ++++-------
> mm/workingset.c | 8 ++---
> 11 files changed, 68 insertions(+), 85 deletions(-)
>
> --
> 2.47.3
--
Michal Hocko
SUSE Labs
Powered by blists - more mailing lists