Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp3787431pxv; Mon, 26 Jul 2021 12:04:02 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwnNp7VqAbus5Y9KOCN0j3Z54T8ZVTQdRxX6g+yR1z3kGScL25gs+Pax2JkNk9V7kFIs2EB X-Received: by 2002:a05:6e02:1c0b:: with SMTP id l11mr14156528ilh.126.1627326242590; Mon, 26 Jul 2021 12:04:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627326242; cv=none; d=google.com; s=arc-20160816; b=u33n2btfSzm7+k6pmz+UCAGm8DjclAguOiVfcpyGTPER2tvTGrLwuD3r67eWmxR5se /PWAA1lROcNNHcL3w7Z04jlq+CGbqElVoLqbleTJKmVW5VYlyvrfyr2EHzMnBsBLo77h Ey5CPVHc70ByRF88Yn2H085SInXNO+h8UsaqmpQz74g6xJrP+DDvoqGRGbwTVwM6d5uk Ay1dPFRFjk4T/cC5B2FRJfUG1//eQq9sxRJGft87+9WL3c1fXRSHUIBcXG6YOCZJ8VlW JD5yDa+JZkbdxXccpS2aPRt8IwuIz8uuDYNmgQZcBIBjq5qKwXxaDuoY3s1mCmVffVmG qUbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:references:cc :to:subject:from:dkim-signature; bh=QOm/SWMV/Asmk/Sj3wEkt1IsJkdhz+j421ZJ6yW2Ajw=; b=G82v34cYnxE9TVFEo3rrLsmKA8660V532pkcAO7VJWoV2xFp5OfL1ek5q8aYGmUSGD v/NbUz4URNtZlzgRwGBDpOu6EffxD/HRX75yHksR8m6/v42f0q/YjgwKM109Zg8tVtXe tScaxvzDehGCylHw6bLJLYChitZROK5FqcGDOgb0BFNj+sRWKkafoHOO40shJQQSRM56 bGCo9KFVh2OwuIh2EakExujbm/CCU8vLgcQ3mulNl/E8Ws3N47aAcgyTCvL4XPHyb3sD LfhJrRA1L4IQWfidBcKIh2q8OG2Xc7M45ij4CABwr4DfzfMx129Tvz32k8mQHsLAxGgk 0S/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@virtuozzo.com header.s=relay header.b=IvYBrKFs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id v11si693144jal.79.2021.07.26.12.03.51; Mon, 26 Jul 2021 12:04:02 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@virtuozzo.com header.s=relay header.b=IvYBrKFs; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233113AbhGZSVl (ORCPT + 99 others); Mon, 26 Jul 2021 14:21:41 -0400 Received: from relay.sw.ru ([185.231.240.75]:55516 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S233510AbhGZSVa (ORCPT ); Mon, 26 Jul 2021 14:21:30 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=virtuozzo.com; s=relay; h=Content-Type:MIME-Version:Date:Message-ID:Subject :From; bh=QOm/SWMV/Asmk/Sj3wEkt1IsJkdhz+j421ZJ6yW2Ajw=; b=IvYBrKFsc8n6cSTBBlf WEDW0dZk1gvP67pT3J+ySKTvyxzpKi9mqoKizqq9iXQzbEcOlDju7o3q8EKdGuXByrf+r8EXpv3l+ 5GWiCL3yw1mCHuSM8A+JAjcFPPeXIJNEqo/DSHvUy7Y6GU0pGiQeBf+8Rft9GPj3fI00PefjF8E=; Received: from [10.93.0.56] by relay.sw.ru with esmtp (Exim 4.94.2) (envelope-from ) id 1m85rP-005JXm-OR; Mon, 26 Jul 2021 22:01:55 +0300 From: Vasily Averin Subject: [PATCH v6 16/16] memcg: enable accounting for ldt_struct objects To: Andrew Morton Cc: cgroups@vger.kernel.org, Michal Hocko , Shakeel Butt , Johannes Weiner , Vladimir Davydov , Roman Gushchin , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , linux-kernel@vger.kernel.org References: <9bf9d9bd-03b1-2adb-17b4-5d59a86a9394@virtuozzo.com> Message-ID: <765aa723-34f3-2b30-323a-b281ad32d5e4@virtuozzo.com> Date: Mon, 26 Jul 2021 22:01:55 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Each task can request own LDT and force the kernel to allocate up to 64Kb memory per-mm. There are legitimate workloads with hundreds of processes and there can be hundreds of workloads running on large machines. The unaccounted memory can cause isolation issues between the workloads particularly on highly utilized machines. It makes sense to account for this objects to restrict the host's memory consumption from inside the memcg-limited container. Signed-off-by: Vasily Averin Acked-by: Borislav Petkov --- arch/x86/kernel/ldt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c index aa15132..525876e 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c @@ -154,7 +154,7 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) if (num_entries > LDT_ENTRIES) return NULL; - new_ldt = kmalloc(sizeof(struct ldt_struct), GFP_KERNEL); + new_ldt = kmalloc(sizeof(struct ldt_struct), GFP_KERNEL_ACCOUNT); if (!new_ldt) return NULL; @@ -168,9 +168,9 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) * than PAGE_SIZE. */ if (alloc_size > PAGE_SIZE) - new_ldt->entries = vzalloc(alloc_size); + new_ldt->entries = __vmalloc(alloc_size, GFP_KERNEL_ACCOUNT | __GFP_ZERO); else - new_ldt->entries = (void *)get_zeroed_page(GFP_KERNEL); + new_ldt->entries = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); if (!new_ldt->entries) { kfree(new_ldt); -- 1.8.3.1