Date: Thu, 22 Feb 2018 15:48:44 +0100
From: Jan Kara
To: Michal Hocko
Cc: Shakeel Butt, Jan Kara, Amir Goldstein, Christoph Lameter, Pekka Enberg, David Rientjes, Joonsoo Kim, Andrew Morton, Greg Thelen, Johannes Weiner, Vladimir Davydov, Mel Gorman, Vlastimil Babka, linux-fsdevel@vger.kernel.org, linux-mm@kvack.org, cgroups@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2 3/3] fs: fsnotify: account fsnotify metadata to kmemcg
Message-ID: <20180222144844.g4p2diu3cnbr7sx3@quack2.suse.cz>
References: <20180221030101.221206-1-shakeelb@google.com> <20180221030101.221206-4-shakeelb@google.com> <20180222134944.GK30681@dhcp22.suse.cz>
In-Reply-To: <20180222134944.GK30681@dhcp22.suse.cz>

On Thu 22-02-18 14:49:44, Michal Hocko wrote:
> On Tue 20-02-18 19:01:01, Shakeel Butt wrote:
> > A lot of memory can be consumed by the events generated for the huge or
> > unlimited queues if there is either no or slow listener. This can cause
> > system level memory pressure or OOMs. So, it's better to account the
> > fsnotify kmem caches to the memcg of the listener.
>
> How much memory are we talking about here?

32 bytes per event (on 64-bit), which is small, but the number of events is
not limited in any way (if the creator uses a special flag and has
CAP_SYS_ADMIN). In the thread [1] a guy from Alibaba wanted this feature, so
among cloud people there is apparently some demand for a way to limit the
memory usage of such applications...

> > There are seven fsnotify kmem caches and among them allocations from
> > dnotify_struct_cache, dnotify_mark_cache, fanotify_mark_cache and
> > inotify_inode_mark_cachep happens in the context of syscall from the
> > listener. So, SLAB_ACCOUNT is enough for these caches.
> >
> > The objects from fsnotify_mark_connector_cachep are not accounted as
> > they are small compared to the notification mark or events and it is
> > unclear whom to account connector to since it is shared by all events
> > attached to the inode.
> >
> > The allocations from the event caches happen in the context of the event
> > producer. For such caches we will need to remote charge the allocations
> > to the listener's memcg. Thus we save the memcg reference in the
> > fsnotify_group structure of the listener.
>
> Is it typical that the listener lives in a different memcg and if yes
> then cannot this cause one memcg to OOM/DoS the one with the listener?

We have been through these discussions already in [1] back in November :).
I can understand the wish to limit the memory usage of an application using
unlimited fanotify queues. And yes, it may mean that it will be easier for
an attacker to get it oom-killed (currently the malicious app would have to
drive the whole system OOM, which will presumably take a bit more effort as
there is more memory to consume). But then I expect this is what the admin
prefers when he limits the memory usage of the fanotify listener.

I cannot tell how common it is for the producer and the listener to be in
different memcgs. From the Alibaba request it seems it happens...

								Honza

[1] https://lkml.org/lkml/2017/10/27/523

--
Jan Kara
SUSE Labs, CR