Commit d1b942b7 authored by Roman Gushchin's avatar Roman Gushchin Committed by Zheng Zengkai
Browse files

mm: memcontrol: Use helpers to read page's memcg data 

mainline inclusion
from mainline-v5.11-rc1
commit bcfe06bf
category: bugfix
bugzilla: https://gitee.com/openeuler/kernel/issues/I4C0GB
CVE: NA

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=bcfe06bf2622f7c4899468e427683aec49070687



----------------------------------------------------------------------

Patch series "mm: allow mapping accounted kernel pages to userspace", v6.

Currently a non-slab kernel page which has been charged to a memory cgroup
can't be mapped to userspace.  The underlying reason is simple: PageKmemcg
flag is defined as a page type (like buddy, offline, etc), so it takes a
bit from a page->mapped counter.  Pages with a type set can't be mapped to
userspace.

But in general the kmemcg flag has nothing to do with mapping to
userspace.  It only means that the page has been accounted by the page
allocator, so it has to be properly uncharged on release.

Some bpf maps are mapping the vmalloc-based memory to userspace, and their
memory can't be accounted because of this implementation detail.

This patchset removes this limitation by moving the PageKmemcg flag into
one of the free bits of the page->mem_cgroup pointer.  Also it formalizes
accesses to the page->mem_cgroup and page->obj_cgroups using new helpers,
adds several checks and removes a couple of obsolete functions.  As the
result the code became more robust with fewer open-coded bit tricks.

This patch (of 4):

Currently there are many open-coded reads of the page->mem_cgroup pointer,
as well as a couple of read helpers, which are barely used.

It creates an obstacle on a way to reuse some bits of the pointer for
storing additional bits of information.  In fact, we already do this for
slab pages, where the last bit indicates that a pointer has an attached
vector of objcg pointers instead of a regular memcg pointer.

This commits uses 2 existing helpers and introduces a new helper to
converts all read sides to calls of these helpers:
  struct mem_cgroup *page_memcg(struct page *page);
  struct mem_cgroup *page_memcg_rcu(struct page *page);
  struct mem_cgroup *page_memcg_check(struct page *page);

page_memcg_check() is intended to be used in cases when the page can be a
slab page and have a memcg pointer pointing at objcg vector.  It does
check the lowest bit, and if set, returns NULL.  page_memcg() contains a
VM_BUG_ON_PAGE() check for the page not being a slab page.

To make sure nobody uses a direct access, struct page's
mem_cgroup/obj_cgroups is converted to unsigned long memcg_data.

Signed-off-by: default avatarRoman Gushchin <guro@fb.com>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
Reviewed-by: default avatarShakeel Butt <shakeelb@google.com>
Acked-by: default avatarJohannes Weiner <hannes@cmpxchg.org>
Acked-by: default avatarMichal Hocko <mhocko@suse.com>
Link: https://lkml.kernel.org/r/20201027001657.3398190-1-guro@fb.com
Link: https://lkml.kernel.org/r/20201027001657.3398190-2-guro@fb.com
Link: https://lore.kernel.org/bpf/20201201215900.3569844-2-guro@fb.com



Conflicts:
	mm/memcontrol.c
Signed-off-by: default avatarChen Huang <chenhuang5@huawei.com>
Reviewed-by: default avatarKefeng Wang <wangkefeng.wang@huawei.com>
Reviewed-by: default avatarChen Wandun <chenwandun@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent dff67aa5

fs/buffer.c

+1 −1
Original line number Diff line number Diff line
@@ -657,7 +657,7 @@ int __set_page_dirty_buffers(struct page *page) 
		} while (bh != head);

	}

	/*

	 * Lock out page->mem_cgroup migration to keep PageDirty

	 * Lock out page's memcg migration to keep PageDirty

	 * synchronized with per-memcg dirty page counters.

	 */

	lock_page_memcg(page);

fs/iomap/buffered-io.c

+1 −1
Original line number Diff line number Diff line
@@ -650,7 +650,7 @@ iomap_set_page_dirty(struct page *page) 
		return !TestSetPageDirty(page);



	/*

	 * Lock out page->mem_cgroup migration to keep PageDirty

	 * Lock out page's memcg migration to keep PageDirty

	 * synchronized with per-memcg dirty page counters.

	 */

	lock_page_memcg(page);

include/linux/memcontrol.h

+105 −9
Original line number Diff line number Diff line
@@ -373,6 +373,79 @@ extern int sysctl_memcg_qos_handler(struct ctl_table *table, 


extern struct mem_cgroup *root_mem_cgroup;



/*

 * page_memcg - get the memory cgroup associated with a page

 * @page: a pointer to the page struct

 *

 * Returns a pointer to the memory cgroup associated with the page,

 * or NULL. This function assumes that the page is known to have a

 * proper memory cgroup pointer. It's not safe to call this function

 * against some type of pages, e.g. slab pages or ex-slab pages.

 *

 * Any of the following ensures page and memcg binding stability:

 * - the page lock

 * - LRU isolation

 * - lock_page_memcg()

 * - exclusive reference

 */

static inline struct mem_cgroup *page_memcg(struct page *page)

{

	VM_BUG_ON_PAGE(PageSlab(page), page);

	return (struct mem_cgroup *)page->memcg_data;

}



/*

 * page_memcg_rcu - locklessly get the memory cgroup associated with a page

 * @page: a pointer to the page struct

 *

 * Returns a pointer to the memory cgroup associated with the page,

 * or NULL. This function assumes that the page is known to have a

 * proper memory cgroup pointer. It's not safe to call this function

 * against some type of pages, e.g. slab pages or ex-slab pages.

 */

static inline struct mem_cgroup *page_memcg_rcu(struct page *page)

{

	VM_BUG_ON_PAGE(PageSlab(page), page);

	WARN_ON_ONCE(!rcu_read_lock_held());



	return (struct mem_cgroup *)READ_ONCE(page->memcg_data);

}



/*

 * page_memcg_check - get the memory cgroup associated with a page

 * @page: a pointer to the page struct

 *

 * Returns a pointer to the memory cgroup associated with the page,

 * or NULL. This function unlike page_memcg() can take any  page

 * as an argument. It has to be used in cases when it's not known if a page

 * has an associated memory cgroup pointer or an object cgroups vector.

 *

 * Any of the following ensures page and memcg binding stability:

 * - the page lock

 * - LRU isolation

 * - lock_page_memcg()

 * - exclusive reference

 */

static inline struct mem_cgroup *page_memcg_check(struct page *page)

{

	/*

	 * Because page->memcg_data might be changed asynchronously

	 * for slab pages, READ_ONCE() should be used here.

	 */

	unsigned long memcg_data = READ_ONCE(page->memcg_data);



	/*

	 * The lowest bit set means that memcg isn't a valid

	 * memcg pointer, but a obj_cgroups pointer.

	 * In this case the page is shared and doesn't belong

	 * to any specific memory cgroup.

	 */

	if (memcg_data & 0x1UL)

		return NULL;



	return (struct mem_cgroup *)memcg_data;

}



static __always_inline bool memcg_stat_item_in_bytes(int idx)

{

	if (idx == MEMCG_PERCPU_B)
@@ -802,15 +875,19 @@ static inline void mod_memcg_state(struct mem_cgroup *memcg, 
static inline void __mod_memcg_page_state(struct page *page,

					  int idx, int val)

{

	if (page->mem_cgroup)

		__mod_memcg_state(page->mem_cgroup, idx, val);

	struct mem_cgroup *memcg = page_memcg(page);



	if (memcg)

		__mod_memcg_state(memcg, idx, val);

}



static inline void mod_memcg_page_state(struct page *page,

					int idx, int val)

{

	if (page->mem_cgroup)

		mod_memcg_state(page->mem_cgroup, idx, val);

	struct mem_cgroup *memcg = page_memcg(page);



	if (memcg)

		mod_memcg_state(memcg, idx, val);

}



static inline unsigned long lruvec_page_state(struct lruvec *lruvec,
@@ -893,16 +970,17 @@ static inline void __mod_lruvec_page_state(struct page *page, 
					   enum node_stat_item idx, int val)

{

	struct page *head = compound_head(page); /* rmap on tail pages */

	struct mem_cgroup *memcg = page_memcg(head);

	pg_data_t *pgdat = page_pgdat(page);

	struct lruvec *lruvec;



	/* Untracked pages have no memcg, no lruvec. Update only the node */

	if (!head->mem_cgroup) {

	if (!memcg) {

		__mod_node_page_state(pgdat, idx, val);

		return;

	}



	lruvec = mem_cgroup_lruvec(head->mem_cgroup, pgdat);

	lruvec = mem_cgroup_lruvec(memcg, pgdat);

	__mod_lruvec_state(lruvec, idx, val);

}
@@ -937,8 +1015,10 @@ static inline void count_memcg_events(struct mem_cgroup *memcg, 
static inline void count_memcg_page_event(struct page *page,

					  enum vm_event_item idx)

{

	if (page->mem_cgroup)

		count_memcg_events(page->mem_cgroup, idx, 1);

	struct mem_cgroup *memcg = page_memcg(page);



	if (memcg)

		count_memcg_events(memcg, idx, 1);

}



static inline void count_memcg_event_mm(struct mm_struct *mm,
@@ -1005,6 +1085,22 @@ void split_page_memcg(struct page *head, unsigned int nr); 


struct mem_cgroup;



static inline struct mem_cgroup *page_memcg(struct page *page)

{

	return NULL;

}



static inline struct mem_cgroup *page_memcg_rcu(struct page *page)

{

	WARN_ON_ONCE(!rcu_read_lock_held());

	return NULL;

}



static inline struct mem_cgroup *page_memcg_check(struct page *page)

{

	return NULL;

}



static inline bool mem_cgroup_is_root(struct mem_cgroup *memcg)

{

	return true;
@@ -1576,7 +1672,7 @@ static inline void mem_cgroup_track_foreign_dirty(struct page *page, 
	if (mem_cgroup_disabled())

		return;



	if (unlikely(&page->mem_cgroup->css != wb->memcg_css))

	if (unlikely(&page_memcg(page)->css != wb->memcg_css))

		mem_cgroup_track_foreign_dirty_slowpath(page, wb);

}

include/linux/mm.h

+0 −22
Original line number Diff line number Diff line
@@ -1504,28 +1504,6 @@ static inline void set_page_links(struct page *page, enum zone_type zone, 
#endif

}



#ifdef CONFIG_MEMCG

static inline struct mem_cgroup *page_memcg(struct page *page)

{

	return page->mem_cgroup;

}

static inline struct mem_cgroup *page_memcg_rcu(struct page *page)

{

	WARN_ON_ONCE(!rcu_read_lock_held());

	return READ_ONCE(page->mem_cgroup);

}

#else

static inline struct mem_cgroup *page_memcg(struct page *page)

{

	return NULL;

}

static inline struct mem_cgroup *page_memcg_rcu(struct page *page)

{

	WARN_ON_ONCE(!rcu_read_lock_held());

	return NULL;

}

#endif



/*

 * Some inline functions in vmstat.h depend on page_zone()

 */

include/linux/mm_types.h

+1 −4
Original line number Diff line number Diff line
@@ -201,10 +201,7 @@ struct page { 
	atomic_t _refcount;



#ifdef CONFIG_MEMCG

	union {

		struct mem_cgroup *mem_cgroup;

		struct obj_cgroup **obj_cgroups;

	};

	unsigned long memcg_data;

#endif



	/*