From patchwork Wed Nov 22 14:15:54 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464940
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao, "Huang, Ying"
Subject: [RFC PATCH v2 1/6] mm, doc: Add doc for MPOL_F_NUMA_BALANCING
Date: Wed, 22 Nov 2023 14:15:54 +0000
Message-Id: <20231122141559.4228-2-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

The document on MPOL_F_NUMA_BALANCING was missed in the initial commit.

The MPOL_F_NUMA_BALANCING document was inadvertently omitted from the
initial commit bda420b98505 ("numa balancing: migrate on fault among
multiple bound nodes"). Let's ensure its inclusion.

Signed-off-by: Yafang Shao
Cc: "Huang, Ying"
Reviewed-by: "Huang, Ying"
---
 .../admin-guide/mm/numa_memory_policy.rst | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
diff --git a/Documentation/admin-guide/mm/numa_memory_policy.rst b/Documentation/admin-guide/mm/numa_memory_policy.rst
index eca38fa81e0f..19071b71979c 100644
--- a/Documentation/admin-guide/mm/numa_memory_policy.rst
+++ b/Documentation/admin-guide/mm/numa_memory_policy.rst
@@ -332,6 +332,33 @@ MPOL_F_RELATIVE_NODES MPOL_PREFERRED policies that were created with an empty nodemask (local allocation). +MPOL_F_NUMA_BALANCING (since Linux 5.12) + When operating in MPOL_BIND mode, enables NUMA balancing for tasks, + contingent upon kernel support. This feature optimizes page + placement within the confines of the specified memory binding + policy. The addition of the MPOL_F_NUMA_BALANCING flag augments the + control mechanism for NUMA balancing: + + - The sysctl knob numa_balancing governs global activation or + deactivation of NUMA balancing. + + - Even if sysctl numa_balancing is enabled, NUMA balancing remains + disabled by default for memory areas or applications utilizing + explicit memory policies. + + - The MPOL_F_NUMA_BALANCING flag facilitates NUMA balancing + activation for applications employing explicit memory policies + (MPOL_BIND). + + This flags enables various optimizations for page placement through + NUMA balancing. For instance, when an application's memory is bound + to multiple nodes (MPOL_BIND), the hint page fault handler attempts + to migrate accessed pages to reduce cross-node access if the + accessing node aligns with the policy nodemask. + + If the flag isn't supported by the kernel, or is used with mode + other than MPOL_BIND, -1 is returned and errno is set to EINVAL. 
+ Memory Policy Reference Counting ================================

From patchwork Wed Nov 22 14:15:55 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464942
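Review bot: in the MPOL_F_NUMA_BALANCING entry added to numa_memory_policy.rst in patch 1/6 above, "This flags enables various optimizations" should read "This flag enables", and the opening sentence "enables NUMA balancing for tasks" only describes set_mempolicy(2). Patch 2/6 of this series says the flag has been accepted by mbind(2) as well since commit 6d2aec9e123b, so the entry should say it applies either to a task's policy via set_mempolicy(2) or to a memory range via mbind(2). The closing paragraph ("-1 is returned and errno is set to EINVAL") is correct but sits in an admin guide; say that the failure happens in the call that sets the policy, so an administrator reading an EINVAL from an application knows where to look.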
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao, Eric Dumazet, "Huang, Ying"
Subject: [RFC PATCH v2 2/6] mm: mempolicy: Revise comment regarding mempolicy mode flags
Date: Wed, 22 Nov 2023 14:15:55 +0000
Message-Id: <20231122141559.4228-3-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

MPOL_F_STATIC_NODES, MPOL_F_RELATIVE_NODES, and MPOL_F_NUMA_BALANCING are
mode flags applicable to both set_mempolicy(2) and mbind(2) system calls.

It's worth noting that MPOL_F_NUMA_BALANCING was initially introduced in
commit bda420b98505 ("numa balancing: migrate on fault among multiple bound
nodes") exclusively for set_mempolicy(2). However, it was later made a
shared flag for both set_mempolicy(2) and mbind(2) following commit
6d2aec9e123b ("mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING |
MPOL_LOCAL in mbind()").

This revised version aims to clarify the details regarding the mode flags.

Signed-off-by: Yafang Shao
Cc: Eric Dumazet
Cc: "Huang, Ying"
Reviewed-by: "Huang, Ying"
---
 include/uapi/linux/mempolicy.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/include/uapi/linux/mempolicy.h b/include/uapi/linux/mempolicy.h
index a8963f7ef4c2..afed4a45f5b9 100644
--- a/include/uapi/linux/mempolicy.h
+++ b/include/uapi/linux/mempolicy.h
@@ -26,7 +26,7 @@ enum { MPOL_MAX, /* always last member of enum */ }; -/* Flags for set_mempolicy */ +/* Flags for set_mempolicy() or mbind() */ #define MPOL_F_STATIC_NODES (1 << 15) #define MPOL_F_RELATIVE_NODES (1 << 14) #define MPOL_F_NUMA_BALANCING (1 << 13) /* Optimize with NUMA balancing if possible */

From patchwork Wed Nov 22 14:15:56 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464943
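Review bot: in the mempolicy.h hunk of patch 2/6 above, the new comment "Flags for set_mempolicy() or mbind()" now covers all three flags, but the trailing comment on MPOL_F_NUMA_BALANCING ("Optimize with NUMA balancing if possible") still does not say that the flag is only accepted together with MPOL_BIND and is rejected with EINVAL otherwise, which is exactly what patch 1/6 documents. This is the uapi header application authors read, so spell the restriction out on that line, e.g. `/* Optimize with NUMA balancing if possible; MPOL_BIND only */`.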
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao
Subject: [RFC PATCH v2 3/6] mm, security: Fix missed security_task_movememory() in mbind(2)
Date: Wed, 22 Nov 2023 14:15:56 +0000
Message-Id: <20231122141559.4228-4-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

Considering that mbind(2) using either MPOL_MF_MOVE or MPOL_MF_MOVE_ALL is
capable of memory movement, it's essential to include
security_task_movememory() to cover this functionality as well.

It was identified during a code review.
Signed-off-by: Yafang Shao
---
 mm/mempolicy.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/mm/mempolicy.c b/mm/mempolicy.c
index 10a590ee1c89..ded2e0e62e24 100644
--- a/mm/mempolicy.c
+++ b/mm/mempolicy.c
@@ -1259,8 +1259,15 @@ static long do_mbind(unsigned long start, unsigned long len, if (!new) flags |= MPOL_MF_DISCONTIG_OK; - if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) + if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) { + err = security_task_movememory(current); + if (err) { + mpol_put(new); + return err; + } lru_cache_disable(); + } + { NODEMASK_SCRATCH(scratch); if (scratch) {

From patchwork Wed Nov 22 14:15:57 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464944
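Review bot: in the do_mbind() hunk of patch 3/6 above, the new security_task_movememory(current) call is a user-visible behaviour change that the commit message does not mention: every LSM that implements the task_movememory hook is now consulted for each mbind(2) call carrying MPOL_MF_MOVE or MPOL_MF_MOVE_ALL, so a call that succeeded before this patch can now fail with the LSM's error and existing policies may need a new allow rule for confined domains that migrate pages with mbind(). Please say so in the changelog instead of "identified during a code review", and note that passing current is what makes this consistent with the other movememory callers, since mbind() only ever acts on the caller's own address space. The placement itself is right: the check runs before lru_cache_disable(), so the error path needs no lru_cache_enable(), and mpol_put(new) releases the policy that was just created.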
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao
Subject: [RFC PATCH v2 4/6] mm, security: Add lsm hook for memory policy adjustment
Date: Wed, 22 Nov 2023 14:15:57 +0000
Message-Id: <20231122141559.4228-5-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

In a containerized environment, independent memory binding by a user can
lead to unexpected system issues or disrupt tasks being run by other users
on the same server. If a user genuinely requires memory binding, we will
allocate dedicated servers to them by leveraging kubelet deployment. At
present, users have the capability to bind their memory to a specific node
without explicit agreement or authorization from us. Consequently, a new
LSM hook is introduced to mitigate this.

This implementation allows us to exercise fine-grained control over memory
policy adjustments within our container environment.

Signed-off-by: Yafang Shao
---
 include/linux/lsm_hook_defs.h | 3 +++
 include/linux/security.h | 9 +++++++++
 mm/mempolicy.c | 8 ++++++++
 security/security.c | 13 +++++++++++++
 4 files changed, 33 insertions(+)

diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h
index ff217a5ce552..558012719f98 100644
--- a/include/linux/lsm_hook_defs.h
+++ b/include/linux/lsm_hook_defs.h
@@ -419,3 +419,6 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new) LSM_HOOK(int, 0, uring_sqpoll, void) LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) #endif /* CONFIG_IO_URING */ + +LSM_HOOK(int, 0, set_mempolicy, unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) diff --git a/include/linux/security.h b/include/linux/security.h index 1d1df326c881..cc4a19a0888c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -484,6 +484,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -1395,6 +1397,13 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } + +static inline int +security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index ded2e0e62e24..aa09198cbd29 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1490,6 +1490,10 @@ static long kernel_mbind(unsigned long start, unsigned long len, if (err) return err; + err = security_set_mempolicy(lmode, mode_flags, &nodes, flags); + if (err) + return err; + return do_mbind(start, len, lmode, mode_flags, &nodes, flags); } 
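Review bot: in the lsm_hook_defs.h and security.h hunks, `nodemask_t *nmask` should be `const nodemask_t *nmask`. The hook is a pure access-control decision point and both callers pass the sanitised kernel copy that do_mbind()/do_set_mempolicy() then apply, so an LSM must not be able to rewrite the nodemask on its way through; const documents and enforces that. The hook also takes no task argument and is named after only one of the two syscalls it guards; since it is wired into kernel_mbind() as well, either rename it (e.g. `mempolicy_adjust`) or add a comment on the LSM_HOOK line that it covers both mbind(2) and set_mempolicy(2).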
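Review bot: in the kernel_mbind() hunk, security_set_mempolicy() runs before do_mbind() does its own argument validation, so an LSM sees the raw user-supplied MPOL_MF_* bits in `flags`; that is harmless for a read-only decision but deserves a comment, because an LSM author will otherwise assume the values have been checked. Also, kernel_mbind() and kernel_set_mempolicy() are the only call sites: set_mempolicy_home_node(2) changes a VMA policy's home node and is not covered, so either add the hook there too or say in the changelog why home-node changes are out of scope for this control.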
@@ -1584,6 +1588,10 @@ static long kernel_set_mempolicy(int mode, const unsigned long __user *nmask, if (err) return err; + err = security_set_mempolicy(lmode, mode_flags, &nodes, 0); + if (err) + return err; + return do_set_mempolicy(lmode, mode_flags, &nodes); } diff --git a/security/security.c b/security/security.c index dcb3e7014f9b..685ad7993753 100644 --- a/security/security.c +++ b/security/security.c 
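Review bot: in the kernel_set_mempolicy() hunk the last argument is a literal 0 while the kernel_mbind() caller passes its MPOL_MF_* flags, so an LSM cannot distinguish a set_mempolicy(2) call from an mbind(2) call with flags == 0; the two are different in scope (a task-wide policy versus one address range). If policies are expected to treat them differently the hook needs an explicit discriminator (a caller/scope argument), otherwise state in the hook's kerneldoc that the two are deliberately indistinguishable so nobody builds a policy on the assumption.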
@@ -5337,3 +5337,16 @@ int security_uring_cmd(struct io_uring_cmd *ioucmd) return call_int_hook(uring_cmd, 0, ioucmd); } #endif /* CONFIG_IO_URING */ + +/** + * security_set_mempolicy() - Check if memory policy can be adjusted + * @mode: The memory policy mode to be set + * @mode_flags: optional mode flags + * @nmask: modemask to which the mode applies + * @flags: mode flags for mbind(2) only + */ +int security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return call_int_hook(set_mempolicy, 0, mode, mode_flags, nmask, flags); +}

From patchwork Wed Nov 22 14:15:58 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464945
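Review bot: in the security_set_mempolicy() kerneldoc of the security.c hunk in patch 4/6 above, "@nmask: modemask to which the mode applies" should read "nodemask", and "@flags: mode flags for mbind(2) only" conflates the MPOL_MF_* flags of mbind(2) with the MPOL_F_* mode flags that @mode_flags already describes; say "MPOL_MF_* flags passed to mbind(2), 0 for set_mempolicy(2)". The block is also missing the "Return:" section that the other hook wrappers in this file carry, e.g. "Return: Returns 0 if permission is granted."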
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao
Subject: [RFC PATCH v2 5/6] security: selinux: Implement set_mempolicy hook
Date: Wed, 22 Nov 2023 14:15:58 +0000
Message-Id: <20231122141559.4228-6-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

Add a SELinux access control for the newly introduced set_mempolicy lsm
hook. A new permission "setmempolicy" is defined under the "process" class
for it.

Signed-off-by: Yafang Shao
---
 security/selinux/hooks.c | 8 ++++++++
 security/selinux/include/classmap.h | 2 +-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index feda711c6b7b..1528d4dcfa03 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -4238,6 +4238,13 @@ static int selinux_userns_create(const struct cred *cred) USER_NAMESPACE__CREATE, NULL); } +static int selinux_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return avc_has_perm(current_sid(), task_sid_obj(current), SECCLASS_PROCESS, + PROCESS__SETMEMPOLICY, NULL); +} + /* Returns error only if unable to parse addresses */ static int selinux_parse_skb_ipv4(struct sk_buff *skb, struct common_audit_data *ad, u8 *proto)
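Review bot: selinux_set_mempolicy() in the hooks.c hunk ignores all four arguments, so a domain without process:setmempolicy is denied every policy change, including mbind()/set_mempolicy() with MPOL_DEFAULT, which is how a task drops a binding it already has; the BPF LSM program in patch 6/6 of this series denies only MPOL_BIND, so the two reference implementations disagree about what the hook controls. Decide whether resetting to MPOL_DEFAULT needs the permission and, if not, return 0 for that mode here (or split the permission). Also, the subject and object SIDs are both current's and the audit data is NULL, so a denial records nothing about the requested mode or nodes; a common_audit_data carrying the mode would make the AVC message actionable.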
@@ -7072,6 +7079,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_kill, selinux_task_kill), LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), LSM_HOOK_INIT(userns_create, selinux_userns_create), + LSM_HOOK_INIT(set_mempolicy, selinux_set_mempolicy), LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index a3c380775d41..c280d92a409f 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h 
@@ -51,7 +51,7 @@ const struct security_class_mapping secclass_map[] = { "getattr", "setexec", "setfscreate", "noatsecure", "siginh", "setrlimit", "rlimitinh", "dyntransition", "setcurrent", "execmem", "execstack", "execheap", "setkeycreate", - "setsockcreate", "getrlimit", NULL } }, + "setsockcreate", "getrlimit", "setmempolicy", NULL } }, { "process2", { "nnp_transition", "nosuid_transition", NULL } }, { "system",

From patchwork Wed Nov 22 14:15:59 2023
X-Patchwork-Submitter: Yafang Shao
X-Patchwork-Id: 13464946
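Review bot: before appending "setmempolicy" to the "process" class in the classmap.h hunk of patch 5/6 above, count that class's permissions: an SELinux access vector is a u32, so a class holds at most 32 permissions, and the "process2" class that sits directly below it exists precisely because newer process permissions no longer fit. If "process" is at the limit, the build-time permission-count check will fail and the new permission belongs in "process2" instead, with PROCESS2__SETMEMPOLICY and SECCLASS_PROCESS2 in selinux_set_mempolicy(). Either way, state in the changelog which class the permission landed in, since policy writers need that to write the allow rule.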
From: Yafang Shao
To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com
Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao
Subject: [RFC PATCH v2 6/6] selftests/bpf: Add selftests for set_mempolicy with a lsm prog
Date: Wed, 22 Nov 2023 14:15:59 +0000
Message-Id: <20231122141559.4228-7-laoar.shao@gmail.com>
In-Reply-To: <20231122141559.4228-1-laoar.shao@gmail.com>
References: <20231122141559.4228-1-laoar.shao@gmail.com>
X-Mailing-List: linux-security-module@vger.kernel.org

The result is as follows:

  #261/1   set_mempolicy/MPOL_BIND_with_lsm:OK
  #261/2   set_mempolicy/MPOL_DEFAULT_with_lsm:OK
  #261/3   set_mempolicy/MPOL_BIND_without_lsm:OK
  #261/4   set_mempolicy/MPOL_DEFAULT_without_lsm:OK
  #261     set_mempolicy:OK
  Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED

Signed-off-by: Yafang Shao
---
 tools/testing/selftests/bpf/Makefile | 2 +-
 .../selftests/bpf/prog_tests/set_mempolicy.c | 79 +++++++++++++++++++
 .../selftests/bpf/progs/test_set_mempolicy.c | 29 +++++++
 3 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/set_mempolicy.c
 create mode 100644 tools/testing/selftests/bpf/progs/test_set_mempolicy.c

diff --git a/tools/testing/selftests/bpf/Makefile b/tools/testing/selftests/bpf/Makefile
index 9c27b67bc7b1..3c3c3b7d5dcd 100644
--- a/tools/testing/selftests/bpf/Makefile
+++ b/tools/testing/selftests/bpf/Makefile
@@ -35,7 +35,7 @@ CFLAGS += -g $(OPT_FLAGS) -rdynamic \ -I$(CURDIR) -I$(INCLUDE_DIR) -I$(GENDIR) -I$(LIBDIR) \ -I$(TOOLSINCDIR) -I$(APIDIR) -I$(OUTPUT) LDFLAGS += $(SAN_LDFLAGS) -LDLIBS += -lelf -lz -lrt -lpthread +LDLIBS += -lelf -lz -lrt -lpthread -lnuma ifneq ($(LLVM),) # Silence some warnings when compiled with clang
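Review bot: adding -lnuma to LDLIBS in the Makefile hunk makes libnuma a hard build dependency of every binary in the BPF selftests for the sake of one test, and the selftests are built in plenty of environments (CI, cross builds) without libnuma-dev. The only libnuma symbol the new test uses is mbind(), which is a thin syscall wrapper: call it as syscall(__NR_mbind, addr, len, mode, nodemask, maxnode, flags) with MPOL_BIND/MPOL_DEFAULT from <linux/mempolicy.h> in prog_tests/set_mempolicy.c and drop this hunk.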
diff --git a/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c new file mode 100644 index 000000000000..0dc3391b29fb --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c @@ -0,0 +1,79 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (C) 2023 Yafang Shao */ + +#include +#include +#include +#include +#include +#include "test_set_mempolicy.skel.h" + +#define SIZE 4096 + +static void mempolicy_bind(bool success) +{ + unsigned long mask = 1; + char *addr; + int err; + + addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); + if (!ASSERT_OK_PTR(addr, "mmap")) + return; + + err = mbind(addr, SIZE, MPOL_BIND, &mask, sizeof(mask), 0); + if (success) + ASSERT_OK(err, "mbind_success"); + else + ASSERT_ERR(err, "mbind_fail"); + + munmap(addr, SIZE); +} + +static void mempolicy_default(void) +{ + char *addr; + int err; + + addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); + if (!ASSERT_OK_PTR(addr, "mmap")) + return; + + err = mbind(addr, SIZE, MPOL_DEFAULT, NULL, 0, 0); + ASSERT_OK(err, "mbind_success"); + + munmap(addr, SIZE); +} +void test_set_mempolicy(void) +{ + struct test_set_mempolicy *skel; + int err; + + skel = test_set_mempolicy__open(); + if (!ASSERT_OK_PTR(skel, "open")) + return; + + skel->bss->target_pid = getpid(); + + err = test_set_mempolicy__load(skel); + if (!ASSERT_OK(err, "load")) + goto destroy; + + /* Attach LSM prog first */ + err = test_set_mempolicy__attach(skel); + if (!ASSERT_OK(err, "attach")) + goto destroy; + + /* syscall to adjust memory policy */ + if (test__start_subtest("MPOL_BIND_with_lsm")) + mempolicy_bind(false); + if (test__start_subtest("MPOL_DEFAULT_with_lsm")) + mempolicy_default(); + +destroy: + test_set_mempolicy__destroy(skel); + + if (test__start_subtest("MPOL_BIND_without_lsm")) + mempolicy_bind(true); + if (test__start_subtest("MPOL_DEFAULT_without_lsm")) + mempolicy_default(); +} 
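Review bot: mempolicy_bind(false) in prog_tests/set_mempolicy.c only asserts that mbind() failed, not why. The LSM program returns -1, which the kernel hands back as -EPERM, so the test should also assert errno == EPERM; otherwise an EINVAL caused by the hard-coded `mask = 1` (which assumes node 0 exists and is online) would make MPOL_BIND_with_lsm pass for the wrong reason while MPOL_BIND_without_lsm fails on the same machine. Querying the allowed node set first, or at least reading errno, makes both subtests robust. Minor: the skeleton is deliberately destroyed before the without_lsm subtests run, which is correct but deserves a comment, and the munmap() return values are ignored.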
diff --git a/tools/testing/selftests/bpf/progs/test_set_mempolicy.c b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c new file mode 100644 index 000000000000..31eeaa580a17 --- /dev/null +++ b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c @@ -0,0 +1,29 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (C) 2023 Yafang Shao */ + +#include "vmlinux.h" +#include +#include +#include + +int target_pid; + +static int mem_policy_adjustment(u64 mode) +{ + struct task_struct *task = bpf_get_current_task_btf(); + + if (task->pid != target_pid) + return 0; + + if (mode != MPOL_BIND) + return 0; + return -1; +} + +SEC("lsm/set_mempolicy") +int BPF_PROG(setmempolicy, u64 mode, u16 mode_flags, nodemask_t *nmask, u32 flags) +{ + return mem_policy_adjustment(mode); +} + +char _license[] SEC("license") = "GPL";
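Review bot: mem_policy_adjustment() in progs/test_set_mempolicy.c returns a bare -1 to deny, which only happens to equal -EPERM; include <errno.h> and `return -EPERM;` so the intended errno is explicit, and make the userspace side check for it. The pid check compares task->pid (the thread id) with a target_pid taken from getpid(), which only matches on the main thread; the usual idiom in these selftests is `bpf_get_current_pid_tgid() >> 32` against the tgid, which also survives the test being driven from a worker thread. Also, mode_flags, nmask and flags are accepted but never looked at, so the test exercises nothing about the nodemask argument the hook was added to expose; a check that denies MPOL_BIND only for a specific node set would cover that path too.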