From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <owner-linux-mm@kvack.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 39C37C47258
	for <linux-mm@archiver.kernel.org>; Wed, 17 Jan 2024 16:15:20 +0000 (UTC)
Received: by kanga.kvack.org (Postfix)
	id D8DEA6B0107; Wed, 17 Jan 2024 11:15:14 -0500 (EST)
Received: by kanga.kvack.org (Postfix, from userid 40)
	id D13D46B0108; Wed, 17 Jan 2024 11:15:14 -0500 (EST)
X-Delivered-To: int-list-linux-mm@kvack.org
Received: by kanga.kvack.org (Postfix, from userid 63042)
	id B654F6B010C; Wed, 17 Jan 2024 11:15:14 -0500 (EST)
X-Delivered-To: linux-mm@kvack.org
Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10])
	by kanga.kvack.org (Postfix) with ESMTP id A34996B0108
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 11:15:14 -0500 (EST)
Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1])
	by unirelay06.hostedemail.com (Postfix) with ESMTP id 53878A0F7F
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:15:14 +0000 (UTC)
X-FDA: 81689302548.02.5032D3C
Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55])
	by imf18.hostedemail.com (Postfix) with ESMTP id F20C11C001B
	for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:15:11 +0000 (UTC)
Authentication-Results: imf18.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=mQ9qpc6W;
	spf=pass (imf18.hostedemail.com: domain of jpoimboe@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jpoimboe@kernel.org;
	dmarc=pass (policy=none) header.from=kernel.org
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com;
	s=arc-20220608; t=1705508112;
	h=from:from:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:references:dkim-signature;
	bh=JxcT8OLYmrukWvHC7PIAAWMd6Msb+zoQnCjFnI91Pd4=;
	b=B7qhYbs838kggt067IcurUnuiWShQ6NS/Ov0D31Ymn0/OZa3oNOvILEh9bJuZ6MBskd7Pq
	L7Cd2hSKCRSDZb3RIE7tLXeeX35mNiLPtD4/Vzhl98Sp0EELvmewcQLAzeojH0U1oTB3nT
	Cy+eWhm4A1CyluTEjyzxCJF1zdvq6ns=
ARC-Authentication-Results: i=1;
	imf18.hostedemail.com;
	dkim=pass header.d=kernel.org header.s=k20201202 header.b=mQ9qpc6W;
	spf=pass (imf18.hostedemail.com: domain of jpoimboe@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jpoimboe@kernel.org;
	dmarc=pass (policy=none) header.from=kernel.org
ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1705508112; a=rsa-sha256;
	cv=none;
	b=EIlbb/QD72Ju2cPMm0pN9T/BZqkGZNy72YhHUpEkKD5CEQ1Mk10JLGv5U20P/ctn6O1Hwf
	0qPVO0MWUucC/nN9uL9EOAXPbJ3P8Hmg0hFXM6SSXOtLdZEl2Y33dA+fLhduUubMyuWpNy
	HcDTyxs2B3wMtYqiDjW+jG3dfiYt9GQ=
Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58])
	by sin.source.kernel.org (Postfix) with ESMTP id E278FCE1BE1;
	Wed, 17 Jan 2024 16:15:07 +0000 (UTC)
Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5E78FC433C7;
	Wed, 17 Jan 2024 16:15:06 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
	s=k20201202; t=1705508107;
	bh=BZYkK+VlcfDaqw7thRWlJNvcpJwXTCI1POX/7V/Pkpc=;
	h=From:To:Cc:Subject:Date:From;
	b=mQ9qpc6Wfjcm6fMCU0JAECDMfOUrKCVUhADf0b8TUj4xnhb1bSwEzxo4YG7DyELkM
	 rmzD85Oblm6riC0xqfFVZiMlo8Z/CIY0NGDcVHsMny7AHwoCeOmBG6ROUDa3T76Z/0
	 Gc18XY1Sxmzs87DqwgV2okqgnjPD19KNHkUwN6xezCAwOGeOMJ6q+HcPmkHEu4Elqs
	 hsC8/V6yfuErskJ/eSmOG9WCSaDzYqm3esH7z8uWGwgPiKe4BDlMf9oyjPLtreFeE9
	 gBqWqQZgDf6vIKfO1fOtYiAnFvPLcXMMh9QB2Hwpp9d3AqcQsG5jFuZ1FY6Chm3Q4h
	 d7mGJ8JqSRLbQ==
From: Josh Poimboeuf <jpoimboe@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>,
	Jeff Layton <jlayton@kernel.org>,
	Chuck Lever <chuck.lever@oracle.com>,
	Shakeel Butt <shakeelb@google.com>,
	Roman Gushchin <roman.gushchin@linux.dev>,
	Johannes Weiner <hannes@cmpxchg.org>,
	Michal Hocko <mhocko@kernel.org>
Cc: linux-kernel@vger.kernel.org,
	Jens Axboe <axboe@kernel.dk>,
	Tejun Heo <tj@kernel.org>,
	Vasily Averin <vasily.averin@linux.dev>,
	Michal Koutny <mkoutny@suse.com>,
	Waiman Long <longman@redhat.com>,
	Muchun Song <muchun.song@linux.dev>,
	Jiri Kosina <jikos@kernel.org>,
	cgroups@vger.kernel.org,
	linux-mm@kvack.org
Subject: [PATCH RFC 0/4] Fix file lock cache accounting, again
Date: Wed, 17 Jan 2024 08:14:42 -0800
Message-ID: <cover.1705507931.git.jpoimboe@kernel.org>
X-Mailer: git-send-email 2.43.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Rspamd-Queue-Id: F20C11C001B
X-Rspam-User: 
X-Stat-Signature: e3mt1pkoph6go5s9oqwsuig58e91tj65
X-Rspamd-Server: rspam01
X-HE-Tag: 1705508111-399858
X-HE-Meta: U2FsdGVkX1+oSP9KSh0AyzFSfZIfdQzOSjpBUcAeNuu+X26FSQzZDmjcgd3wQB3Uxt0trEMdoNzX5z0FcRiYBdMTimehuDzQy0xa4qlXIWidCii9U91xJfjLeSxqGR2bun9EAhBOWBU7geC+iDAoJjEJKsgkrtWEoZkUuwDqIL9sVTBcP0L5qyb5kHiXiSEoxRXk2A+LsOaDNnC6VkIeShzINlhGstYsNu3KGE8pSOtYuRbxZsXUQARw4jLc76R71Zokw/Hx/Fm0GjBEIN6ukPDp73NiTea08Zgv1PrOgbxgcSBWepXgeqCSAmy20WO0tnV4RcfYcol8fkrCepkcHgqYIYzInfZqoOd1d0TvDkaVHzKGeykssGCT1JIxLrxmtimF/ltfvG+xxgEbZhIIqMrnr6XVilJV8vthixsZDYh3KifdCKAZxXzDLflVJK+oHyajMGo4v8basH92H1Ldf1oNcEg2fezE4tqY2Fyyj9TYT+ebJYZ5SWqf8G9JA728PLYv0NSZNrciaOuPluS+c9IhtgFy9uHnsmUbA+b/jLzT2LX7Z8z9rmXMK9igNTLJ6Hq+efMCO3GcVfkkQ9rH5HvyYHxdMNsmO1qFNYgZnYDUww/jYXwwpJ+TOTcT4YR/Im646t8KaBl42EvvTCtiqGU238i0O5/w00jleldNqztvegehqGjDZ3oCn6T9qCAKYSYkm4c2HxJAasn83TAemx1G8Cqq+MgQlSa+/yR9U/y4Jsyp3/G+GJpSRTrL3Gbqj7sAoqVX9RAAxo24QS+WquU5e1Kba9Oi/WiGKmhibQVvtz4QicuL4YoF7gE5rK6gAlHcaS2Md/b+FNEc9ySE8L3d9r9vAl1mzHMBgeVf9/tFaPeVHwtawNiFtPZwDRx2r/dzogU5F9Nd26tPaYbcvDq4rlQff15paaGPGMkQUrmrAnUAkW2CkC3oiaPqQhRg1YqL7F24SwM68ZMW242
 6j6e8pvq
 cTbQiXHXDtJ3mbu7mh4Lz5oiGxU3iZ0X65pPs38K/CaQv2v9qC5S5HGWnDWXll+/R9VP3fsA4Fy3oC++x1Hyr6L9lGM6l6CiK2xB51BuMJKOY503800cTGjItx+vL3QkrSAlSg8u6XWKvPbesQdd710QNd2roq2PhPJR9zsohinvLuxeZwhIkVyaLOrPdikQlqxMRxiksJBufEMCiLxrmY8m5F8vgPSU4zXUfj15hqJD1O1g=
X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4
Sender: owner-linux-mm@kvack.org
Precedence: bulk
X-Loop: owner-majordomo@kvack.org
List-ID: <linux-mm.kvack.org>
List-Subscribe: <mailto:majordomo@kvack.org>
List-Unsubscribe: <mailto:majordomo@kvack.org>

This is an attempt to fix file lock cache accounting (again).  The bug
was originally reported 2+ years ago [1] but was quickly reverted [2]
for performance reasons.

A few years ago some ideas [3] were floated about how to improve the
performance.  Did any of those ever get implemented?

Testing shows "mm: improve performance of accounted kernel memory
allocations" [4] helping some.  But even with those patches, much of the
original performance regression still remains, at least according to
microbenchmarks.

Despite that regression, this being a security and correctness issue, it
really needs to be fixed by default.  Those who want to live on the edge
(or have trusted user space) can disable it.

Patch 1 enables the fix by default, but allows disabling it at boot
time.

Patch 2 allows disabling it at build time.

Patches 3 and 4 allow disabling it (along with all the CPU mitigations)
using mitigations=off.

[1] 0f12156dff28 ("memcg: enable accounting for file lock caches")
[2] 3754707bcc3e ("Revert "memcg: enable accounting for file lock caches"")
[3] https://lore.kernel.org/lkml/dbc9955d-6c28-1dd5-b842-ef39a762aa3b@kernel.dk/
[4] https://lore.kernel.org/lkml/20231019225346.1822282-1-roman.gushchin@linux.dev/

Josh Poimboeuf (4):
  fs/locks: Fix file lock cache accounting, again
  fs/locks: Add CONFIG_FLOCK_ACCOUNTING
  mitigations: Expand 'mitigations=off' to include optional software
    mitigations
  mitigations: Add flock cache accounting to 'mitigations=off'

 .../admin-guide/kernel-parameters.txt         | 48 ++++++++++++++----
 arch/arm64/kernel/cpufeature.c                |  2 +-
 arch/arm64/kernel/proton-pack.c               |  6 +--
 arch/powerpc/kernel/security.c                | 14 +++---
 arch/s390/kernel/nospec-branch.c              |  2 +-
 arch/x86/kernel/cpu/bugs.c                    | 35 ++++++-------
 arch/x86/kvm/mmu/mmu.c                        |  2 +-
 arch/x86/mm/pti.c                             |  3 +-
 fs/Kconfig                                    | 15 ++++++
 fs/locks.c                                    | 31 +++++++++++-
 include/linux/bpf.h                           |  5 +-
 include/linux/cpu.h                           |  3 --
 include/linux/mitigations.h                   |  4 ++
 kernel/Makefile                               |  3 +-
 kernel/cpu.c                                  | 43 ----------------
 kernel/mitigations.c                          | 50 +++++++++++++++++++
 16 files changed, 174 insertions(+), 92 deletions(-)
 create mode 100644 include/linux/mitigations.h
 create mode 100644 kernel/mitigations.c

-- 
2.43.0