From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=5Rx3=Z5=kvack.org=owner-linux-mm@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.8 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED,
	DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,
	SPF_PASS autolearn=no autolearn_force=no version=3.4.0
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A4869C2D0C1
	for <linux-mm@archiver.kernel.org>; Sat,  7 Dec 2019 00:13:24 +0000 (UTC)
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by mail.kernel.org (Postfix) with ESMTP id 445082245C
	for <linux-mm@archiver.kernel.org>; Sat,  7 Dec 2019 00:13:24 +0000 (UTC)
Authentication-Results: mail.kernel.org;
	dkim=pass (1024-bit key) header.d=kernel.org header.i=@kernel.org header.b="0NLnKdpq"
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.kernel.org 445082245C
Authentication-Results: mail.kernel.org; dmarc=none (p=none dis=none) header.from=linux-foundation.org
Authentication-Results: mail.kernel.org; spf=pass smtp.mailfrom=owner-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix)
	id 92C1D6B1888; Fri,  6 Dec 2019 19:13:23 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 8DC816B1889; Fri,  6 Dec 2019 19:13:23 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 7F3566B188A; Fri,  6 Dec 2019 19:13:23 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from forelay.hostedemail.com (smtprelay0060.hostedemail.com [216.40.44.60])
	by kanga.kvack.org (Postfix) with ESMTP id 664946B1888
	for <linux-mm@kvack.org>; Fri,  6 Dec 2019 19:13:23 -0500 (EST)
Received: from smtpin25.hostedemail.com (10.5.19.251.rfc1918.com [10.5.19.251])
	by forelay02.hostedemail.com (Postfix) with SMTP id 1D4BC1EF3
	for <linux-mm@kvack.org>; Sat,  7 Dec 2019 00:13:23 +0000 (UTC)
X-FDA: 76236421086.25.pets52_57ba4ad0c5c4c
X-HE-Tag: pets52_57ba4ad0c5c4c
X-Filterd-Recvd-Size: 2299
Received: from mail.kernel.org (mail.kernel.org [198.145.29.99])
	by imf02.hostedemail.com (Postfix) with ESMTP
	for <linux-mm@kvack.org>; Sat,  7 Dec 2019 00:13:22 +0000 (UTC)
Received: from localhost.localdomain (c-73-231-172-41.hsd1.ca.comcast.net [73.231.172.41])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mail.kernel.org (Postfix) with ESMTPSA id AEDBC21835;
	Sat,  7 Dec 2019 00:13:21 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=default; t=1575677601;
	bh=cRJyhwcrWWoggU0a/DQMLsTC6qlKaCboNpZR+V9cItk=;
	h=Date:From:To:Cc:Subject:In-Reply-To:References:From;
	b=0NLnKdpqGtCiPZQVLL8zg+mDF5bzkCi2vuMbjbTJ48EwR9W0cjwchH9j4Il96rQBo
	 /rX8rPzKURxZY4272i9kUur/ez97JpHvQrLTvtdzm/zFl+20Q2dRanUDw6zxEAx6A8
	 WktX4tWKdP6+H9fkVTlV9ZoUNJ6RxJ5wrEOeEZ08=
Date: Fri, 6 Dec 2019 16:13:21 -0800
From: Andrew Morton <akpm@linux-foundation.org>
To: Shakeel Butt <shakeelb@google.com>
Cc: Roman Gushchin <guro@fb.com>, linux-mm@kvack.org, Johannes Weiner
 <hannes@cmpxchg.org>, Michal Hocko <mhocko@suse.com>,
 linux-kernel@vger.kernel.org
Subject: Re: [PATCH] memcg: account security cred as well to kmemcg
Message-Id: <20191206161321.35ec9a9dc0ed50222a06fee3@linux-foundation.org>
In-Reply-To: <20191205223721.40034-1-shakeelb@google.com>
References: <20191205223721.40034-1-shakeelb@google.com>
X-Mailer: Sylpheed 3.5.1 (GTK+ 2.24.31; x86_64-pc-linux-gnu)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On Thu,  5 Dec 2019 14:37:21 -0800 Shakeel Butt <shakeelb@google.com> wrote:

> The cred_jar kmem_cache is already memcg accounted in the current
> kernel but cred->security is not. Account cred->security to kmemcg.
> 
> Recently we saw high root slab usage on our production and on further
> inspection, we found a buggy application leaking processes. Though that
> buggy application was contained within its memcg but we observe much
> more system memory overhead, couple of GiBs, during that period. This
> overhead can adversely impact the isolation on the system. One of source
> of high overhead, we found was cred->secuity objects.

A bit of an oversight and the fix is simple.  Is it worth a cc:stable?