From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id B5D5AC433EF for ; Sat, 18 Jun 2022 07:48:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 28E766B0071; Sat, 18 Jun 2022 03:48:20 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 23EBD6B0072; Sat, 18 Jun 2022 03:48:20 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 106AE6B0073; Sat, 18 Jun 2022 03:48:20 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id F20956B0071 for ; Sat, 18 Jun 2022 03:48:19 -0400 (EDT) Received: from smtpin15.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay13.hostedemail.com (Postfix) with ESMTP id C534D60BF0 for ; Sat, 18 Jun 2022 07:48:19 +0000 (UTC) X-FDA: 79590578718.15.2BA998E Received: from szxga02-in.huawei.com (szxga02-in.huawei.com [45.249.212.188]) by imf04.hostedemail.com (Postfix) with ESMTP id B5EF140025 for ; Sat, 18 Jun 2022 07:48:18 +0000 (UTC) Received: from canpemm500002.china.huawei.com (unknown [172.30.72.54]) by szxga02-in.huawei.com (SkyGuard) with ESMTP id 4LQ6vJ1T85zBsWl; Sat, 18 Jun 2022 15:27:56 +0800 (CST) Received: from [10.174.177.76] (10.174.177.76) by canpemm500002.china.huawei.com (7.192.104.244) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2375.24; Sat, 18 Jun 2022 15:31:16 +0800 Subject: Re: [PATCH v2 1/3] mm/swapfile: make security_vm_enough_memory_mm() work as expected To: David Hildenbrand , CC: , References: <20220608144031.829-1-linmiaohe@huawei.com> <20220608144031.829-2-linmiaohe@huawei.com> <76e468b4-c6ac-426c-7ec9-99c620e08cda@redhat.com> <24fd3f78-f7e5-a1dc-cad0-15ff826744a9@redhat.com> From: Miaohe Lin Message-ID: Date: Sat, 18 Jun 2022 15:31:16 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.6.0 MIME-Version: 1.0 In-Reply-To: <24fd3f78-f7e5-a1dc-cad0-15ff826744a9@redhat.com> Content-Type: text/plain; charset="utf-8" Content-Language: en-US Content-Transfer-Encoding: 7bit X-Originating-IP: [10.174.177.76] X-ClientProxiedBy: dggems704-chm.china.huawei.com (10.3.19.181) To canpemm500002.china.huawei.com (7.192.104.244) X-CFilter-Loop: Reflected ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1655538499; a=rsa-sha256; cv=none; b=l6Wmw1JxLtpImVvRoVWQIq6ZGx7mGIdgZ7APv4PrF6TuPmH2s70J0yML/JoHdihB75uEFP epkVow6aokVIiTcLPNtkwdvCvcDv4yge/rY20HHUsMH6ePUh+3lP/k1GcQ782DyoAiMAKj wKs9+mIgNyApAXDORw2IhPBLWiLwa/A= ARC-Authentication-Results: i=1; imf04.hostedemail.com; dkim=none; spf=pass (imf04.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.188 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1655538499; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=uQqM9LQGvodvBIx3lVML0KpeXHQSHPr+GSlQNM9qoO8=; b=ayEA+2fv/1phILtG+9b7Z9OXLj9pOqjCgedQnseEtXnu9jDDb8V6mPfdIA52zQSJiAy2s/ tP82Vy8ZCgvoq5WmgXW/3KUEJ79a8TVbq+dYAyC5+j+hkxdntXQwhDn8JGOiOwFMc5fv0L NomzUQezGz8wg2Yxyoc99enGmFEpvMQ= X-Rspamd-Server: rspam04 X-Rspamd-Queue-Id: B5EF140025 X-Stat-Signature: wjzsspq8adjezxk1udumn5ij4pd1puk8 Authentication-Results: imf04.hostedemail.com; dkim=none; spf=pass (imf04.hostedemail.com: domain of linmiaohe@huawei.com designates 45.249.212.188 as permitted sender) smtp.mailfrom=linmiaohe@huawei.com; dmarc=pass (policy=quarantine) header.from=huawei.com X-Rspam-User: X-HE-Tag: 1655538498-983230 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 2022/6/18 15:10, David Hildenbrand wrote: > On 18.06.22 04:43, Miaohe Lin wrote: >> On 2022/6/17 15:33, David Hildenbrand wrote: >>> On 08.06.22 16:40, Miaohe Lin wrote: >>>> security_vm_enough_memory_mm() checks whether a process has enough memory >>>> to allocate a new virtual mapping. And total_swap_pages is considered as >>>> available memory while swapoff tries to make sure there's enough memory >>>> that can hold the swapped out memory. But total_swap_pages contains the >>>> swap space that is being swapoff. So security_vm_enough_memory_mm() will >>>> success even if there's no memory to hold the swapped out memory because >>> >>> s/success/succeed/ >> >> OK. Thanks. >> >>> >>>> total_swap_pages always greater than or equal to p->pages. >>>> >>>> In order to fix it, p->pages should be retracted from total_swap_pages >>> >>> s/retracted/subtracted/ >> >> OK. Thanks. >> >>> >>>> first and then check whether there's enough memory for inuse swap pages. >>>> >>>> Signed-off-by: Miaohe Lin >>>> --- >>>> mm/swapfile.c | 10 +++++++--- >>>> 1 file changed, 7 insertions(+), 3 deletions(-) >>>> >>>> diff --git a/mm/swapfile.c b/mm/swapfile.c >>>> index ec4c1b276691..d2bead7b8b70 100644 >>>> --- a/mm/swapfile.c >>>> +++ b/mm/swapfile.c >>>> @@ -2398,6 +2398,7 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) >>>> struct filename *pathname; >>>> int err, found = 0; >>>> unsigned int old_block_size; >>>> + unsigned int inuse_pages; >>>> >>>> if (!capable(CAP_SYS_ADMIN)) >>>> return -EPERM; >>>> @@ -2428,9 +2429,13 @@ SYSCALL_DEFINE1(swapoff, const char __user *, specialfile) >>>> spin_unlock(&swap_lock); >>>> goto out_dput; >>>> } >>>> - if (!security_vm_enough_memory_mm(current->mm, p->pages)) >>>> - vm_unacct_memory(p->pages); >>>> + >>>> + total_swap_pages -= p->pages; >>>> + inuse_pages = READ_ONCE(p->inuse_pages); >>>> + if (!security_vm_enough_memory_mm(current->mm, inuse_pages)) >>>> + vm_unacct_memory(inuse_pages); >>>> else { >>>> + total_swap_pages += p->pages; >>> >>> That implies that whenever we fail in security_vm_enough_memory_mm(), >>> that other concurrent users might see a wrong total_swap_pages. >>> >>> Assume 4 GiB memory and 8 GiB swap. Let's assume 10 GiB are in use. >>> >>> Temporarily, we'd have >>> >>> CommitLimit 4 GiB >>> Committed_AS 10 GiB >> >> IIUC, even if without this change, the other concurrent users if come after vm_acct_memory() >> is done in __vm_enough_memory(), they might see >> >> CommitLimit 12 GiB (4 GiB memory + 8GiB total swap) >> Committed_AS 18 GiB (10 GiB in use + 8GiB swap space to swapoff) >> >> Or am I miss something? >> > > I think you are right! > > Reviewed-by: David Hildenbrand Thanks a lot! > >