From patchwork Mon Feb 28 07:17:16 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vasily Averin X-Patchwork-Id: 12762474 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D7826C433F5 for ; Mon, 28 Feb 2022 07:17:26 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6CB5A8D0003; Mon, 28 Feb 2022 02:17:26 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 6547B8D0001; Mon, 28 Feb 2022 02:17:26 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 4CF118D0003; Mon, 28 Feb 2022 02:17:26 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.25]) by kanga.kvack.org (Postfix) with ESMTP id 3A9A68D0001 for ; Mon, 28 Feb 2022 02:17:26 -0500 (EST) Received: from smtpin14.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay11.hostedemail.com (Postfix) with ESMTP id 0E62180532 for ; Mon, 28 Feb 2022 07:17:26 +0000 (UTC) X-FDA: 79191332892.14.80811BB Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on2139.outbound.protection.outlook.com [40.107.20.139]) by imf05.hostedemail.com (Postfix) with ESMTP id 5C255100006 for ; Mon, 28 Feb 2022 07:17:22 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=nakv115kWYRChxgP9zFEAaQRTLlhPtQY+R0lKnbUGQXr+icFPEZxUmxGKIsS2ILNE6drKlJxbcPzFtBPEz7RwPlG8HEpLo83yiGeAocO4VgKkfe9SlgCDmIoSlruDVUfpJdpuzUzRqynBzvvMD+VJBghgLxw8tZb4KlqaEve+hpcupcDsJkD6lwi6DT8MSj7NtyRMEWJUW0O0cEJlKzbzKirebIvA9Dfu5BVyLcFGQS5Xd21M6XN4m8gPQdUiuLl5r4wB0M2r0XKffpJ9TOjiQRQvZkfshxGNxfXpFVzJzaNmQ/GFupKOwjFfORwhdFfkhu5jzB5HnheWwvOOqs6Ag== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ItXo0edaAv26vpZ+c5d9S5dAsoAp0gsx5xRh9gs3tZI=; b=cMgFMGYIRTBkNRfPver5SORxzSDuw+COTEpvKUhpcP25zj4SG+qqFCWiDFKtEMqSQsLYhRDM4LJslMffXM8Qkg/fqJWj4WXpp+/iYuUmyElMRdVoA+aJY7gC4xzvJ4NZH7zB7CeZ9lNnS3GqqF9xFz8vMBIeY9YnIsYU6KzEA5LGTTah405ndsFEhGdyJaTCPuKv9SlS4acSofqvZ50LJTlHzkniQ12XvMpwZSxRwSLe0jJ6KQGBCp7DLNYkR0hMA0lkDVTiz1dsjAgyyDqFc615uCfq37baHCPt4rYYl2+3OWXDwvjcwlDvWRN56cjrDSDPQPYJ6Vz5Brpkq0c7Fw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=virtuozzo.com; dmarc=pass action=none header.from=virtuozzo.com; dkim=pass header.d=virtuozzo.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=virtuozzo.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=ItXo0edaAv26vpZ+c5d9S5dAsoAp0gsx5xRh9gs3tZI=; b=vWA1EarnVyIcW4osm3ThjUvh9q7NTUlX1zlnYiXPTnself3vyd/RfeYBJFGpG4Dmt6oJF5H9GsmiI9jMDq2cESME5gqe/yG6KTM1qu5XQ+OqTRs9lM7o9imkU59acS6azkaxwFsqAiM0hpFjFt858fqc+DzvPxJRl0XVHPQ4K9s= Received: from VI1PR08MB3245.eurprd08.prod.outlook.com (2603:10a6:803:48::20) by DB8PR08MB4123.eurprd08.prod.outlook.com (2603:10a6:10:b2::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5017.26; Mon, 28 Feb 2022 07:17:18 +0000 Received: from VI1PR08MB3245.eurprd08.prod.outlook.com ([fe80::4007:6de5:a0b9:1533]) by VI1PR08MB3245.eurprd08.prod.outlook.com ([fe80::4007:6de5:a0b9:1533%6]) with mapi id 15.20.5017.026; Mon, 28 Feb 2022 07:17:18 +0000 Message-ID: Date: Mon, 28 Feb 2022 10:17:16 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.5.0 From: Vasily Averin Subject: [PATCH RFC] net: memcg accounting for veth devices To: Roman Gushchin , Linux MM Cc: netdev@vger.kernel.org, "David S. Miller" , Jakub Kicinski , Tejun Heo , Greg Kroah-Hartman , Eric Dumazet , Luis Chamberlain , Kees Cook , Hideaki YOSHIFUJI , David Ahern , linux-kernel@vger.kernel.org, kernel@openvz.org Content-Language: en-US X-ClientProxiedBy: VI1PR0302CA0017.eurprd03.prod.outlook.com (2603:10a6:800:e9::27) To VI1PR08MB3245.eurprd08.prod.outlook.com (2603:10a6:803:48::20) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 691d39cd-5fbe-4d1e-b297-08d9fa8a5a6a X-MS-TrafficTypeDiagnostic: DB8PR08MB4123:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 6SLawBQvtRVU6As9MDg5cHH7Ou/LLJ7wZema49uJ7N5MlxZyY5iakegmGvrD1OoDhBa6qnonrl/f9SkcvnuEqOtjzOHCGGrh7d2JkOaNrypz/LtTA/3+PDKlxTmSS5m4bIyyQUBIVCor9SnapYxiOSkErJ1TI0CrsTjJumz1ZGgnFhEZ5NCGI7y8Kf3Kp2MpRbLw4JbONhPE4L5zmd8GfeKgQHbSVC5dCboLBqXHUKMA0bsEh2jQOv/mg3Ye5xY45AiHLizYV90Dn3DUeRy5XeUzLxrmp68FGCJrGZAKcbW2Z44NPjs31gkbnhTb3n/jst+8ic054SMGmPZi/11jRi1DviPPSCtFDww2VVrJTOgcke2moFzq092MHWfMqDuy4QRMajOwLskjHLg5hBEnfDEvLykX9hdZLAjA+uSuqsgndSJQIvBY5mwgHrST3pq5kyTyyg6jWl2o7NQ5LeKqrTmWDwkd8lek5ecbQGiKy4nrLbcfZ19Iw9BXqCRPJJhT/TsjbcJ6CCpYDyxe+i3XFGxTAnK0gcwKJIi682vMr8qth4sH7g1RNf18HaqcD3X7PC4/8mBewn3aNRID6z0TdT74XxWEKE5dJ8KlX0cMaOvMbm7zzpLfp35UPK9OgE7WJw6w4J4jPp7kthJdDDxZQ9X0OsLa5VDma9HM3A9xgzv03+QW8GLx/oJFowAODQgp9YTJgPoRZGqYE6W/EN60pLaoZZ/oaelytOspdWxuIzHXd1O0l7hUVkxV0y0N+lu45A7N1gAXeP86+Cau5iL9vBbQ7eY/BsaYsK1z6n/dhgE= X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:VI1PR08MB3245.eurprd08.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230001)(4636009)(366004)(6486002)(54906003)(110136005)(83380400001)(38100700002)(8676002)(8936002)(4326008)(66476007)(66556008)(36756003)(66946007)(31686004)(508600001)(5660300002)(316002)(7416002)(2616005)(26005)(186003)(6506007)(52116002)(15650500001)(2906002)(31696002)(107886003)(38350700002)(6512007)(86362001)(21314003)(43740500002)(45980500001);DIR:OUT;SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?q?hqNQBQOOL1kVNlOlISlg3goSviTu?= =?utf-8?q?PZYTgL8d1Z6ngfMJCa/gxZFobs/lnnOY6YbxVstbs9egIuPhB0TGY3a20olRs2XB1?= =?utf-8?q?XGUnQGN21y6S1sdrtnDW750aU++VZw4Oz6D+0MNjjomMs8KDikj6zP27LelOV/koa?= =?utf-8?q?5PvVj/Y023YLiMqMl8HATnpmwLGuO2bmxIy9+UWnGPrNjiq5qjlANRs3mIjzV5Q66?= =?utf-8?q?k8B3F1t8Jt29Y+PnY7OKqoUzJ1wjFFdvCbM/JkKsOrvPOv8sxt516gr23IBGAFIaN?= =?utf-8?q?HxmSBPw2eCX7eG6AHD6ApFpyKSv3jMTWHXYtORvaXH3PInrHurNRJMXzIrD2P1ZsO?= =?utf-8?q?ddt0h02eTyXs8Nd1b8saFBC0kZ0gL0tY3oAfNln1dK9iFBeKrsEGbiRo2MalOn80d?= =?utf-8?q?nOhMYe0Jbxi27G0NynIXDukxVgHORea4BVWndPBHwN7rmEqi0M1jhaFQIy1b+UG1r?= =?utf-8?q?V3Pyp8auSLKe2cMmJwIDzzVn/yv6DPm6/Bh2QvwxayNND9RxRjBVCKR79LABxVd3t?= =?utf-8?q?JvhNy46WYWQ56RTxAzMmVYC0wrVSYsK6OCeqWCL2PzWCSfMsQEBBPPca3HcQXI5z1?= =?utf-8?q?zcFAcIfupfaBd2l2qZSBF/4R/apTagJp2cOpUJHCCq07b2WOxh8RwPD64e1pIc/t3?= =?utf-8?q?9dxtpccBOKvphFcDlSegrRkVzSmWqJs1R3HhgPUcQwvEGzahbzLyQvrz2SJlnIVrl?= =?utf-8?q?0uTVNpIxF8ApCprtLYJ4yDs1MGnGIgsXvH+s2mTgxde8B8uKrgol+RP13hc57fA9B?= =?utf-8?q?v8irPXbvZojYkat1XSnOml3X086Hij3Yj1Ama3qP6qFHwfQRrM5Bnwx/+dj4Uvk7s?= =?utf-8?q?fHMrDHCWvP1KxXGTnfzybkOlkeThqn4Wo1CteAbwPGq/vduZHiSWCpPz0ef0F9PM9?= =?utf-8?q?7zJthVBtYwn23IpjVAUSY7/9PbZz9AAGgMxhZgTs1AjREzYankWfq66gsbbM/ayy6?= =?utf-8?q?XBHVzyq6qQcbJhPAhcfMG8YmuiTEMT8RAx/EMQh8o/TYCUFyWy8qkcyURnshOT5xP?= =?utf-8?q?HAGmNvhDmpuY8xhjdvPyFoCk529RDdk5FeH/oXQ+QHb4X+WLafhmq3uj84VoFy1ww?= =?utf-8?q?nORLp2qnaIOi1rXXvPBDTfL0jmf32VApor0SfRuvTlHT3T3mpJWjperDwBUjikA54?= =?utf-8?q?pR9Tf6HX0LYu7ojqncMBMX3+U9R/oIjM9FuXvdvk4o1PxWeQq4tZ/C1HOkHCo5Q4N?= =?utf-8?q?gbArK8J4L5zOerHwCvX5xLUH0xj5qHHN1WGSButj4SU0MJvjV1qnGgORMcki6vin6?= =?utf-8?q?IDKbxTqPfQdkJDc5H0sWEFGf6sdhM+kHyLA74spUxYqo3VcYP5YvIzUCtKgFyD5qy?= =?utf-8?q?jv3zf+R+njVJPzf8HiCwETu3Iikj36Io0peyJyAP58EZY2RLLUu7H/4wmrrTJM/hs?= =?utf-8?q?S7YPJ9Z9H7y+XRfm0TaSVu6g69rU6oE+bA0cxIoNRHUnm75LQs2fAPbnH/n5YJX9v?= =?utf-8?q?4zMC0sMXwv2it6Em5i6DqFMB5csbqpTK+SknkRfWRqFWu61+AN2eVkIYZb9XvomPT?= =?utf-8?q?BskIVZo2cL+9Ok5aoVlHXsAx+Scs9c2V963RTUsGhdCZ8mMd58ZA4sI=3D?= X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-Network-Message-Id: 691d39cd-5fbe-4d1e-b297-08d9fa8a5a6a X-MS-Exchange-CrossTenant-AuthSource: VI1PR08MB3245.eurprd08.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 28 Feb 2022 07:17:18.2289 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: sJOrNIwZNnEv9imavIqVUn++9kgdDUOkAiwuOMnDQPc1foPVM9pRZsfAJ652v3tioDF1P/ehbySXNl1HcUT+uA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB8PR08MB4123 X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 5C255100006 X-Rspam-User: Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=virtuozzo.com header.s=selector2 header.b=vWA1Earn; spf=none (imf05.hostedemail.com: domain of vvs@virtuozzo.com has no SPF policy when checking 40.107.20.139) smtp.mailfrom=vvs@virtuozzo.com; dmarc=pass (policy=quarantine) header.from=virtuozzo.com X-Stat-Signature: 7nnp9o7yqfy8j93jp9swkuj55wq9wr8w X-HE-Tag: 1646032642-501644 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: Following one-liner running inside memcg-limited container consumes huge number of host memory and can trigger global OOM. for i in `seq 1 xxx` ; do ip l a v$i type veth peer name vp$i ; done Patch accounts most part of these allocations and can protect host. ---[cut]--- It is not polished, and perhaps should be splitted. obviously it affects other kind of netdevices too. Unfortunately I'm not sure that I will have enough time to handle it properly and decided to publish current patch version as is. OpenVz workaround it by using per-container limit for number of available netdevices, but upstream does not have any kind of per-container configuration. ------ Signed-off-by: Vasily Averin --- drivers/net/veth.c | 2 +- fs/kernfs/mount.c | 2 +- fs/proc/proc_sysctl.c | 3 ++- net/core/neighbour.c | 4 ++-- net/ipv4/devinet.c | 2 +- net/ipv6/addrconf.c | 6 +++--- 6 files changed, 10 insertions(+), 9 deletions(-) diff --git a/drivers/net/veth.c b/drivers/net/veth.c index 354a963075c5..6e0b4a9d0843 100644 --- a/drivers/net/veth.c +++ b/drivers/net/veth.c @@ -1307,7 +1307,7 @@ static int veth_alloc_queues(struct net_device *dev) struct veth_priv *priv = netdev_priv(dev); int i; - priv->rq = kcalloc(dev->num_rx_queues, sizeof(*priv->rq), GFP_KERNEL); + priv->rq = kcalloc(dev->num_rx_queues, sizeof(*priv->rq), GFP_KERNEL_ACCOUNT); if (!priv->rq) return -ENOMEM; diff --git a/fs/kernfs/mount.c b/fs/kernfs/mount.c index cfa79715fc1a..2881aeeaa880 100644 --- a/fs/kernfs/mount.c +++ b/fs/kernfs/mount.c @@ -391,7 +391,7 @@ void __init kernfs_init(void) { kernfs_node_cache = kmem_cache_create("kernfs_node_cache", sizeof(struct kernfs_node), - 0, SLAB_PANIC, NULL); + 0, SLAB_PANIC | SLAB_ACCOUNT, NULL); /* Creates slab cache for kernfs inode attributes */ kernfs_iattrs_cache = kmem_cache_create("kernfs_iattrs_cache", diff --git a/fs/proc/proc_sysctl.c b/fs/proc/proc_sysctl.c index 7d9cfc730bd4..e20ce8198a44 100644 --- a/fs/proc/proc_sysctl.c +++ b/fs/proc/proc_sysctl.c @@ -1333,7 +1333,8 @@ struct ctl_table_header *__register_sysctl_table( nr_entries++; header = kzalloc(sizeof(struct ctl_table_header) + - sizeof(struct ctl_node)*nr_entries, GFP_KERNEL); + sizeof(struct ctl_node)*nr_entries, + GFP_KERNEL_ACCOUNT); if (!header) return NULL; diff --git a/net/core/neighbour.c b/net/core/neighbour.c index ec0bf737b076..66a4445421f1 100644 --- a/net/core/neighbour.c +++ b/net/core/neighbour.c @@ -1665,7 +1665,7 @@ struct neigh_parms *neigh_parms_alloc(struct net_device *dev, struct net *net = dev_net(dev); const struct net_device_ops *ops = dev->netdev_ops; - p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL); + p = kmemdup(&tbl->parms, sizeof(*p), GFP_KERNEL_ACCOUNT); if (p) { p->tbl = tbl; refcount_set(&p->refcnt, 1); @@ -3728,7 +3728,7 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p, char neigh_path[ sizeof("net//neigh/") + IFNAMSIZ + IFNAMSIZ ]; char *p_name; - t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL); + t = kmemdup(&neigh_sysctl_template, sizeof(*t), GFP_KERNEL_ACCOUNT); if (!t) goto err; diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c index fba2bffd65f7..47523fe5b891 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c @@ -2566,7 +2566,7 @@ static int __devinet_sysctl_register(struct net *net, char *dev_name, struct devinet_sysctl_table *t; char path[sizeof("net/ipv4/conf/") + IFNAMSIZ]; - t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL); + t = kmemdup(&devinet_sysctl, sizeof(*t), GFP_KERNEL_ACCOUNT); if (!t) goto out; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c index f927c199a93c..9d903342bc41 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c @@ -358,7 +358,7 @@ static int snmp6_alloc_dev(struct inet6_dev *idev) if (!idev->stats.icmpv6dev) goto err_icmp; idev->stats.icmpv6msgdev = kzalloc(sizeof(struct icmpv6msg_mib_device), - GFP_KERNEL); + GFP_KERNEL_ACCOUNT); if (!idev->stats.icmpv6msgdev) goto err_icmpmsg; @@ -382,7 +382,7 @@ static struct inet6_dev *ipv6_add_dev(struct net_device *dev) if (dev->mtu < IPV6_MIN_MTU) return ERR_PTR(-EINVAL); - ndev = kzalloc(sizeof(struct inet6_dev), GFP_KERNEL); + ndev = kzalloc(sizeof(struct inet6_dev), GFP_KERNEL_ACCOUNT); if (!ndev) return ERR_PTR(err); @@ -7023,7 +7023,7 @@ static int __addrconf_sysctl_register(struct net *net, char *dev_name, struct ctl_table *table; char path[sizeof("net/ipv6/conf/") + IFNAMSIZ]; - table = kmemdup(addrconf_sysctl, sizeof(addrconf_sysctl), GFP_KERNEL); + table = kmemdup(addrconf_sysctl, sizeof(addrconf_sysctl), GFP_KERNEL_ACCOUNT); if (!table) goto out;