• Johannes Weiner's avatar
    mm: memcontrol: make swap tracking an integral part of memory control · 2d1c4980
    Johannes Weiner authored
    Without swap page tracking, users that are otherwise memory controlled can
    easily escape their containment and allocate significant amounts of memory
    that they're not being charged for.  That's because swap does readahead,
    but without the cgroup records of who owned the page at swapout, readahead
    pages don't get charged until somebody actually faults them into their
    page table and we can identify an owner task.  This can be maliciously
    exploited with MADV_WILLNEED, which triggers arbitrary readahead
    allocations without charging the pages.
    
    Make swap swap page tracking an integral part of memcg and remove the
    Kconfig options.  In the first place, it was only made configurable to
    allow users to save some memory.  But the overhead of tracking cgroup
    ownership per swap page is minimal - 2 byte per page, or 512k per 1G of
    swap, or 0.04%.  Saving that at the expense of broken containment
    semantics is not something we should present as a coequal option.
    
    The swapaccount=0 boot option will continue to exist, and it will
    eliminate the page_counter overhead and hide the swap control files, but
    it won't disable swap slot ownership tracking.
    
    This patch makes sure we always have the cgroup records at swapin time;
    the next patch will fix the actual bug by charging readahead swap pages at
    swapin time rather than at fault time.
    
    v2: fix double swap charge bug in cgroup1/cgroup2 code gating
    
    [hannes@cmpxchg.org: fix crash with cgroup_disable=memory]
      Link: http://lkml.kernel.org/r/20200521215855.GB815153@cmpxchg.orgSigned-off-by: default avatarJohannes Weiner <hannes@cmpxchg.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Reviewed-by: default avatarJoonsoo Kim <iamjoonsoo.kim@lge.com>
    Cc: Alex Shi <alex.shi@linux.alibaba.com>
    Cc: "Kirill A. Shutemov" <kirill@shutemov.name>
    Cc: Roman Gushchin <guro@fb.com>
    Cc: Shakeel Butt <shakeelb@google.com>
    Cc: Balbir Singh <bsingharora@gmail.com>
    Cc: Naresh Kamboju <naresh.kamboju@linaro.org>
    Link: http://lkml.kernel.org/r/20200508183105.225460-16-hannes@cmpxchg.orgDebugged-by: default avatarHugh Dickins <hughd@google.com>
    Debugged-by: default avatarMichal Hocko <mhocko@kernel.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    2d1c4980
swap_cgroup.c 5.15 KB