From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B42E0C433EF
	for <linux-mm@archiver.kernel.org>; Sat, 18 Jun 2022 07:11:01 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id 3B96A6B0071; Sat, 18 Jun 2022 03:11:01 -0400 (EDT)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id 3423C6B0072; Sat, 18 Jun 2022 03:11:01 -0400 (EDT)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id 1BBC46B0073; Sat, 18 Jun 2022 03:11:01 -0400 (EDT)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0017.hostedemail.com [216.40.44.17])
	by kanga.kvack.org (Postfix) with ESMTP id 0977E6B0071
	for <linux-mm@kvack.org>; Sat, 18 Jun 2022 03:11:01 -0400 (EDT)
Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay12.hostedemail.com (Postfix) with ESMTP id CC2C7120C43
	for <linux-mm@kvack.org>; Sat, 18 Jun 2022 07:11:00 +0000 (UTC)
X-FDA: 79590484680.20.11CDB6F
Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
	by imf15.hostedemail.com (Postfix) with ESMTP id F0CDAA008D
	for <linux-mm@kvack.org>; Sat, 18 Jun 2022 07:10:59 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1655536259;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=3149uVzRocbxaxAqir48oOLcGTAbi4K048Ex/Bn/8OQ=;
	b=JE2lBkrsRlEIrACpEFnLLo3YFAxPuFKOW4QpZT3uPZBsCLlbTEyXXvRbZLnVFLpKTPHAqI
	XWudfjlAg3DxCwbic78Wx9SwN3GM6kPawoYZbtTWaLzWPp0nZKoqFNNDGEbctLh2B6nEYI
	kK1Pwm9bbn1HVb8ObbteJpmUltzJPOs=
Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com
 [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 us-mta-456-2X-M6cCJNwy08KNbv9i5LA-1; Sat, 18 Jun 2022 03:10:57 -0400
X-MC-Unique: 2X-M6cCJNwy08KNbv9i5LA-1
Received: by mail-wm1-f70.google.com with SMTP id m22-20020a7bcb96000000b0039c4f6ade4dso2104462wmi.8
        for <linux-mm@kvack.org>; Sat, 18 Jun 2022 00:10:57 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:message-id:date:mime-version:user-agent:subject
         :content-language:to:cc:references:from:organization:in-reply-to
         :content-transfer-encoding;
        bh=3149uVzRocbxaxAqir48oOLcGTAbi4K048Ex/Bn/8OQ=;
        b=AQ6AlE4EXlsOif3F6Zk6uYDFq+hLFcGTpCvCbdonl7JMGsu1411WGS2+UsHnF6jJGM
         WKOgvLyzgCVXbTDHpgRfLwe83LwClFE5ngE7nO4A99ASfSBPdt1ytSP+li3as1qmErVA
         5/S59QptwDIyPfvYJKjZ3B65NvBR/iJI48YFUlUtLinPtkMnKYs71V6H3tb/w/0y3eEL
         L8udGb8tSume3yTQXgnGdXPf0MEbgOaoZaNWGtWyPPi3CfC1lZxWXuSg3YPYgQn63sQH
         Cjj+BtNfg+m7NRRvGmpuBungVOi0TGV4W054HhueMQFDkZM+SSXuQ+Ocsc4C6Z1SdLI5
         mmtA==
X-Gm-Message-State: AJIora8Dp0zmH0f9bzYVEPyeVDs5t+AD/vZ5mo+gDt8vU/zEAAYqazxv
	Qg6FUWGNmNczLcQrF2iCoMwvBvvSBf4nZ15DiN0Hhd2H6LseRL4B3ri5C+rC8wCnJaiy+KAnHqP
	KifzO8kM2OjY=
X-Received: by 2002:a05:6000:147:b0:214:7d6e:cb1d with SMTP id r7-20020a056000014700b002147d6ecb1dmr12393512wrx.650.1655536256659;
        Sat, 18 Jun 2022 00:10:56 -0700 (PDT)
X-Google-Smtp-Source: AGRyM1vrRuJwSp8aqKDGBROF8vdma/TXYjyesDiLAmNqZAKXd3mH1xxa4KIbb0ZZ/KCt1NyfunNVBg==
X-Received: by 2002:a05:6000:147:b0:214:7d6e:cb1d with SMTP id r7-20020a056000014700b002147d6ecb1dmr12393487wrx.650.1655536256366;
        Sat, 18 Jun 2022 00:10:56 -0700 (PDT)
Received: from ?IPV6:2003:cb:c71e:5000:9bb2:aead:a175:9777? (p200300cbc71e50009bb2aeada1759777.dip0.t-ipconnect.de. [2003:cb:c71e:5000:9bb2:aead:a175:9777])
        by smtp.gmail.com with ESMTPSA id bg26-20020a05600c3c9a00b0039c45fc58c4sm8022592wmb.21.2022.06.18.00.10.55
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Sat, 18 Jun 2022 00:10:55 -0700 (PDT)
Message-ID: <24fd3f78-f7e5-a1dc-cad0-15ff826744a9@redhat.com>
Date: Sat, 18 Jun 2022 09:10:55 +0200
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.9.0
Subject: Re: [PATCH v2 1/3] mm/swapfile: make security_vm_enough_memory_mm()
 work as expected
To: Miaohe Lin <linmiaohe@huawei.com>, akpm@linux-foundation.org
Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org
References: <20220608144031.829-1-linmiaohe@huawei.com>
 <20220608144031.829-2-linmiaohe@huawei.com>
 <76e468b4-c6ac-426c-7ec9-99c620e08cda@redhat.com>
 <a4b6b2bd-f56c-4f28-6fcc-7ce2f741dd4a@huawei.com>
From: David Hildenbrand <david@redhat.com>
Organization: Red Hat
In-Reply-To: <a4b6b2bd-f56c-4f28-6fcc-7ce2f741dd4a@huawei.com>
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1655536260;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references:dkim-signature;
	bh=3149uVzRocbxaxAqir48oOLcGTAbi4K048Ex/Bn/8OQ=;
	b=qLMdpo7AYddDoLchJMlGTEVguIDUJ0ZOYEoakZ5cRzJMNKamncNw1dNx0RT2dp4L7WjnzY
	2eJjcXImCI1x58o2TLpwOeZenGfxhx7IokMRuWWKXMmQB7IpHOALpKamv/pbj6MTLEueP4
	B32e5J9uLX07ZBOIXpeVIjq+5Sqn47E=
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1655536260; a=rsa-sha256;
	cv=none;
	b=F11S88s4spl+ODNKDehNUEf780ZpbWDXIIJftaqYQSCHRiS9IJ/1UL0hCJyOxCGBGi/CRr
	Vt4joz8SYE7OboQ6xo786AjoAglUVBJuawjAsKZa0K3OqCfDRB8IdHliPc2nTW92fADft4
	+VZcj/HOKd7zSNpZccYaPpN00rM0rJA=
ARC-Authentication-Results: i=1;
	imf15.hostedemail.com;
	dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=JE2lBkrs;
	dmarc=pass (policy=none) header.from=redhat.com;
	spf=none (imf15.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=david@redhat.com
Authentication-Results: imf15.hostedemail.com;
	dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=JE2lBkrs;
	dmarc=pass (policy=none) header.from=redhat.com;
	spf=none (imf15.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.133.124) smtp.mailfrom=david@redhat.com
X-Rspam-User: 
X-Rspamd-Server: rspam03
X-Rspamd-Queue-Id: F0CDAA008D
X-Stat-Signature: a188wen6fycskjdqwohfhsoqfgntsuzy
X-HE-Tag: 1655536259-549782
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>

On 18.06.22 04:43, Miaohe Lin wrote:
> On 2022/6/17 15:33, David Hildenbrand wrote:
>> On 08.06.22 16:40, Miaohe Lin wrote:
>>> security_vm_enough_memory_mm() checks whether a process has enough memory
>>> to allocate a new virtual mapping. And total_swap_pages is considered as
>>> available memory while swapoff tries to make sure there's enough memory
>>> that can hold the swapped out memory. But total_swap_pages contains the
>>> swap space that is being swapoff. So security_vm_enough_memory_mm() will
>>> success even if there's no memory to hold the swapped out memory because
>>
>> s/success/succeed/
> 
> OK. Thanks.
> 
>>
>>> total_swap_pages always greater than or equal to p->pages.
>>>
>>> In order to fix it, p->pages should be retracted from total_swap_pages
>>
>> s/retracted/subtracted/
> 
> OK. Thanks.
> 
>>
>>> first and then check whether there's enough memory for inuse swap pages.
>>>
>>> Signed-off-by: Miaohe Lin <linmiaohe@huawei.com>
>>> ---
>>>  mm/swapfile.c | 10 +++++++---
>>>  1 file changed, 7 insertions(+), 3 deletions(-)
>>>
>>> diff --git a/mm/swapfile.c b/mm/swapfile.c
>>> index ec4c1b276691..d2bead7b8b70 100644
>>> --- a/mm/swapfile.c
>>> +++ b/mm/swapfile.c
>>> @@ -2398,6 +2398,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
>>>  	struct filename *pathname;
>>>  	int err, found = 0;
>>>  	unsigned int old_block_size;
>>> +	unsigned int inuse_pages;
>>>  
>>>  	if (!capable(CAP_SYS_ADMIN))
>>>  		return -EPERM;
>>> @@ -2428,9 +2429,13 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile)
>>>  		spin_unlock(&swap_lock);
>>>  		goto out_dput;
>>>  	}
>>> -	if (!security_vm_enough_memory_mm(current->mm, p->pages))
>>> -		vm_unacct_memory(p->pages);
>>> +
>>> +	total_swap_pages -= p->pages;
>>> +	inuse_pages = READ_ONCE(p->inuse_pages);
>>> +	if (!security_vm_enough_memory_mm(current->mm, inuse_pages))
>>> +		vm_unacct_memory(inuse_pages);
>>>  	else {
>>> +		total_swap_pages += p->pages;
>>
>> That implies that whenever we fail in security_vm_enough_memory_mm(),
>> that other concurrent users might see a wrong total_swap_pages.
>>
>> Assume 4 GiB memory and 8 GiB swap. Let's assume 10 GiB are in use.
>>
>> Temporarily, we'd have
>>
>> CommitLimit    4 GiB
>> Committed_AS  10 GiB
> 
> IIUC, even if without this change, the other concurrent users if come after vm_acct_memory()
> is done in __vm_enough_memory(), they might see
> 
> CommitLimit   12 GiB (4 GiB memory + 8GiB total swap)
> Committed_AS  18 GiB (10 GiB in use + 8GiB swap space to swapoff)
> 
> Or am I miss something?
> 

I think you are right!

Reviewed-by: David Hildenbrand <david@redhat.com>


-- 
Thanks,

David / dhildenb