Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp4129858pxv; Mon, 26 Jul 2021 22:37:42 -0700 (PDT) X-Google-Smtp-Source: ABdhPJycHrs47b/8y1LnlHNJea3vLfhkp3BMs5wnQ3pBI9H+nLG+TCNonhZxH6h79VutYU8WEMLR X-Received: by 2002:a05:6402:1657:: with SMTP id s23mr25607642edx.180.1627364261997; Mon, 26 Jul 2021 22:37:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627364261; cv=none; d=google.com; s=arc-20160816; b=p7Qe/UYmgH+IohqehAL/aIJEJcFiiU6rlHPXOI3tnoWgtZZDzwulNjhIvgrDURbJZW PQeLtkojmrmbXjad4rolxfNHhiY8jtZHQMwPRg6A7kDmSPeH+uJzattIa4qqspZXrOWf vlcynWuOog4kFLXgahfDEeclLggZ/jYW0kuXJDBZ3yRCBbjcS3BcFhX5c825g04YW1bh l1lkU6jTcD9VxJtA5uTyiRxbENO8R0zOqEhMzs4ofr5icOcrkugxrM+jNMkUNHTFw7Aw +7se6EoHcqdtlOggVaQ/S7dukKpPBTJrKMMSwmvMkuJ4tszzntuge6Oc/N/bEVFLTJOv F4BQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:content-language :in-reply-to:mime-version:user-agent:date:message-id:references:cc :to:subject:from:dkim-signature; bh=QOm/SWMV/Asmk/Sj3wEkt1IsJkdhz+j421ZJ6yW2Ajw=; b=j7bxzjBWLKKWN1mMSWZwAT/1xhQ3+zNmG1rFEIJOA+YSbz2rPKlBjgrzwxGjUyu0O7 vzmmxpTC/xmgeR3WZaOIdCGiQeKQNToyaxXb/Ccp0Xd6mJaYgftzLocgVteFZxpd5BEu RUp0Ml9jnYY55o6ao/Ufz8+BsZnllhqGWlNN6Kbp4T0mIahjYSklSdUOM/aY8+WdzfQT tn74PUpdWJv292eI10/deDAVO5UXXnOSba4v6xMzeUDvjVeaOgoVy7LW2AubS1xRvg5h e7ILf8QlXjmRr6VjmoMWjqRxL+b8Nbu2bdKVa+ytMfQUhS1PMi7yGVcQ8mEJ2G867DH5 4jig== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@virtuozzo.com header.s=relay header.b=vhl1qmBi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id b9si2076149ede.326.2021.07.26.22.37.18; Mon, 26 Jul 2021 22:37:41 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@virtuozzo.com header.s=relay header.b=vhl1qmBi; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=virtuozzo.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235533AbhG0Fe7 (ORCPT + 99 others); Tue, 27 Jul 2021 01:34:59 -0400 Received: from relay.sw.ru ([185.231.240.75]:40398 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235396AbhG0FeY (ORCPT ); Tue, 27 Jul 2021 01:34:24 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=virtuozzo.com; s=relay; h=Content-Type:MIME-Version:Date:Message-ID:Subject :From; bh=QOm/SWMV/Asmk/Sj3wEkt1IsJkdhz+j421ZJ6yW2Ajw=; b=vhl1qmBiYUKwAvV9lqD QMCbVBT3bPeLgAL4tCas91WdXWvkx8RMGHbZGanOuOoWB/DMRrRYbWwE21/q7zDJWrSM7vkgzXmSg wLCaGgc1EwknLaQ4Aj+gMMQusELjTBdTXq1iOedLAbvyJt9TxSEm6VtWckDYHy7CqsJEh70TSBo=; Received: from [10.93.0.56] by relay.sw.ru with esmtp (Exim 4.94.2) (envelope-from ) id 1m8FjT-005LZi-RM; Tue, 27 Jul 2021 08:34:23 +0300 From: Vasily Averin Subject: [PATCH v7 10/10] memcg: enable accounting for ldt_struct objects To: Andrew Morton Cc: cgroups@vger.kernel.org, Michal Hocko , Shakeel Butt , Johannes Weiner , Vladimir Davydov , Roman Gushchin , Thomas Gleixner , Ingo Molnar , Borislav Petkov , "H. Peter Anvin" , linux-kernel@vger.kernel.org References: <6f21a0e0-bd36-b6be-1ffa-0dc86c06c470@virtuozzo.com> Message-ID: <38010594-50fe-c06d-7cb0-d1f77ca422f3@virtuozzo.com> Date: Tue, 27 Jul 2021 08:34:23 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Each task can request own LDT and force the kernel to allocate up to 64Kb memory per-mm. There are legitimate workloads with hundreds of processes and there can be hundreds of workloads running on large machines. The unaccounted memory can cause isolation issues between the workloads particularly on highly utilized machines. It makes sense to account for this objects to restrict the host's memory consumption from inside the memcg-limited container. Signed-off-by: Vasily Averin Acked-by: Borislav Petkov --- arch/x86/kernel/ldt.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/arch/x86/kernel/ldt.c b/arch/x86/kernel/ldt.c index aa15132..525876e 100644 --- a/arch/x86/kernel/ldt.c +++ b/arch/x86/kernel/ldt.c @@ -154,7 +154,7 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) if (num_entries > LDT_ENTRIES) return NULL; - new_ldt = kmalloc(sizeof(struct ldt_struct), GFP_KERNEL); + new_ldt = kmalloc(sizeof(struct ldt_struct), GFP_KERNEL_ACCOUNT); if (!new_ldt) return NULL; @@ -168,9 +168,9 @@ static struct ldt_struct *alloc_ldt_struct(unsigned int num_entries) * than PAGE_SIZE. */ if (alloc_size > PAGE_SIZE) - new_ldt->entries = vzalloc(alloc_size); + new_ldt->entries = __vmalloc(alloc_size, GFP_KERNEL_ACCOUNT | __GFP_ZERO); else - new_ldt->entries = (void *)get_zeroed_page(GFP_KERNEL); + new_ldt->entries = (void *)get_zeroed_page(GFP_KERNEL_ACCOUNT); if (!new_ldt->entries) { kfree(new_ldt); -- 1.8.3.1