From patchwork Fri Dec 1 09:46:30 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475551 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 4BAEDC10F04 for ; Fri, 1 Dec 2023 09:47:12 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E77366B043E; Fri, 1 Dec 2023 04:47:10 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id E27876B0441; Fri, 1 Dec 2023 04:47:10 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CF0656B0442; Fri, 1 Dec 2023 04:47:10 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id B1CCD6B0441 for ; Fri, 1 Dec 2023 04:47:10 -0500 (EST) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 8D6061A011C for ; Fri, 1 Dec 2023 09:47:10 +0000 (UTC) X-FDA: 81517771020.05.B65F78F Received: from mail-pg1-f169.google.com (mail-pg1-f169.google.com [209.85.215.169]) by imf19.hostedemail.com (Postfix) with ESMTP id C8A701A0029 for ; Fri, 1 Dec 2023 09:47:08 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=C7rYB5PY; spf=pass (imf19.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.169 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424028; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=mmx346GI6fqI6wzgBEPg9Fgvbs5eLVjahXLFcCzrycE=; b=FutRQxl2vGMYKV2GALoeaCqj1obkKUBx6Pww2P+FWMYDWmHfBQEcfJuL0dBIAW5dEebegP fNtWPMI48VmjHZnitoRq7izLMWfH04fVQLVW3aFa0ecyjzhiKCLca60o17jOFOLTq8RL79 //tqW5P+RolNpsSgHsds+DLxHu8YIFM= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=C7rYB5PY; spf=pass (imf19.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.169 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424028; a=rsa-sha256; cv=none; b=MJbziOsbq3Qf3QKRoacMgR+VtB2gjGCipQ03dIQwF1q2Mcvr14CCMeFujMsPT0t7y9xfz3 73g1TWiFdmkkynYrxNf06CoTDm3hxuC01J01myl+Qpju4LODOW//hykMdIoYUTWjJf9EOS EyXDNmV1Eaz4ikW83iU9d0DO/YycEsQ= Received: by mail-pg1-f169.google.com with SMTP id 41be03b00d2f7-5c1f8b0c149so243756a12.3 for ; Fri, 01 Dec 2023 01:47:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424027; x=1702028827; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=mmx346GI6fqI6wzgBEPg9Fgvbs5eLVjahXLFcCzrycE=; b=C7rYB5PY6h0MOzNy6316JIk88wbgoKPoTAgygPr/GXhRK1nOUpxIis8WvkZDrELfWv dEjqE0UFxeAtpHOV6ZtPlifr4fZbKKBEenp2Anxzm5bfRGpJ8Q93iWS/MDW8JE8Qs6v0 ksG/EWrUXbcpTEK+suIMhHX9xR1s8t+9Gd84FZ1owlt5ZDQ+GsKyRFBxX6kpDZNe39D3 mjndem2tAG65PmYMx7yYjuuFjewrHKS29JSKffE1/oMW5IJ7JHnELA/rr4kgfIlxpmX/ UzqYDoUM4Y40vsGzBlqqOy/mIXY6QCj/gaw2rWk3ibqIEhoD9DKUNHCBM254HIgTAELr XT7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424027; x=1702028827; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=mmx346GI6fqI6wzgBEPg9Fgvbs5eLVjahXLFcCzrycE=; b=LxYzDRyL+vGtXzb7bMgre3KrqQ93McnpntanvPsG0Q2pRikVZERbSt/5HU0dZJGA7I TqHcHgDBSbb4a5BADcvFlj5uM+B+VbPq3IEh0aCE0Y1AOBHoc5GWiC3jQ6I5nsYFJaU0 NdWGkuL7VaYsjlNobivIxewmAlD+36l8n2yfycvPhzSMGTMVlsYN6fZ1VvgiP3zpjwLY 6qX5E9lhVTydjwRikOTFIFl+03nMz2f01ORqEM/WpiIP0ckoZ/jWuyDZ91IyuYlayK8K NGja9+ftvXfsIKzvnQ2MQ2nQioG94zLfSUcnSVi88968zyaFJHaStsTcC9udOLJH1f9h 3mdA== X-Gm-Message-State: AOJu0YxX2AagjORiRa7t2ahX6o4O7Bq/LoebC7B42ZZdIhksaRaRYoiW wuDrfq1N5Kb1YZFBFAO0xz8= X-Google-Smtp-Source: AGHT+IFigdK8sQwXucIFYeMm2TxPUV3X4nzFGv3uOLyaN6ywOAWNYbjC0TurnvUFhtxnQN/TgABwqA== X-Received: by 2002:a05:6a20:5521:b0:187:f7ac:b8d5 with SMTP id ko33-20020a056a20552100b00187f7acb8d5mr20361920pzb.25.1701424027584; Fri, 01 Dec 2023 01:47:07 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.06 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:07 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 1/7] mm, doc: Add doc for MPOL_F_NUMA_BALANCING Date: Fri, 1 Dec 2023 09:46:30 +0000 Message-Id: <20231201094636.19770-2-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: C8A701A0029 X-Rspam-User: X-Stat-Signature: 4u5omqsbikqd16bn69hno6ofhe8i88mp X-Rspamd-Server: rspam01 X-HE-Tag: 1701424028-590434 X-HE-Meta: U2FsdGVkX1+02HbU5WypDHdracdK7a0Dhg1q/rAKOtrvXjJrxB0IDndFWtwodEzqMRtNKfO6YfAw8ExPUzgjUTFSW+zzR+KJ4uaFWrBrOhTCrtwQfGiI9WXCwVnK7z+8iDOSi+OnPOhXLGAd2hkaGr8R+hSqAIcswEXOMl93DWrWciObgYb6jwnYMnplzVhbiR2MY5uCqnH7DxrQzFeUWxioeBez9U85usrugz/voFpn6aLKP8qup66RDpF4I5RQ/mFNQljpkh0EhG6rDCvCSjHzWtgyslJGEZmaMsg7xSxqRgslNFv8ACh3bcxLLCbWXn7WKA4BDKOmJEj8vDGXW4SBcC3rfnZVGHcB/8jPaAYcH+wBSVC7SGKhlTS6t42yVv34ZHpoYDFIJ2bHTEizp3GRWq54SXbH48cURDltbdvWyyPwU4EkVIXHEe5kgf+SxUFy9cyzMtUVuKfr5NtAQ8LG44P3RnF8P7ru1GLGSM/Cldwaj5QLzlqX7l7Ng9pV6BBiquJBNaJE5TFHoIjKyLHH+fKRU49rmh6xsZzA7UXFu64SS2QC5cMVD+JUoDdWz8byOj3l4zxW3euTFqAapuDfeIhFaKfGjrp2mrt930Jcc8zcdubhidGy1Cz4FzEC30F78Cibv7W4KM9Sx4/qHJ+qGChr8ZsIpWQcHSw+/3ZTUSPC+aSYFMiMh3nlmYUkcZR5nTuEOn7VtBVnNbf+vYsKBfaDOqpN4T+RQcfoWdwvVm4gGz83/l3/NrYoNexXy+07gQAow9xJ0cvUPT9dfiPevuXXCHV7SyFXBGfwmgbWFPhVNqxtDOprsSBxmrHiFCPT+J+KXFhbR8iMyz2AE6ScIh5aFclPSZ4vbJdjFv4yYurHzIMn4nQ9MhaLrbvye/LP8Kh7VDPJZFt/JVQ7mC2yTb8b1sdQcD7ZIMYrQa755BRhCLWeyCsLerbMWUYuNDBYidAgsyR/2jpTFJp hPdFBNJx XHPr2ie5FGr07/ibA4pwowEVhyT3gfaTL58iHpLEjpMbJCIsjUXIW3Vibf5FShh+Azi1po0vmBNbCFeK4Oz2HJ7mVQUCbIy1jtrwFxsvgmSloIy1eLO2bUC6HZ1By4iX7Rw3v9q/41wB2M42bBq39LDdwZ2SM6zPiXlwacnc68A8AB02kvIp5QC3vmPUhEfBOt0S38l/IHdHR+Q6jh1GH3Y3cB0kTf/AEpTkZG2Joff66HUSFXEMU6N2KYvaQCTnh22b5vT+j6+oqNLTzUnUXz8qQi6t+SnvYoRKa3p1y8k9I6kSIAEZ+O9AY5hIWqkCF7LC3GZPsr4ZfSHRNPg3MUInV8NmIrfO485wrOnikjCQEqDy8r56ISmwXkzxX8BpjTfUfeWj7n0bNFQyxTXfcTLmOWaWHewlYJ1pcvgSg+8L5rtiIrKFHkKXJyKmHopnsA5I56sSl5XKjzGnemdCgZ8tgq885Ul1iWTnMbm42DDsnnfGhQ/KjD8/63HefzfwFGHPizBKELnpc6dqX/ahu6t0IrSCF0qWEvbV7MtFf0Rji194gvoYffTYsGB7TR1BxG5JNww4LatsPvBQB+J2eW9rb93YCxX+UVgTdh8yIal5iC78= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000013, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The document on MPOL_F_NUMA_BALANCING was missed in the initial commit The MPOL_F_NUMA_BALANCING document was inadvertently omitted from the initial commit bda420b98505 ("numa balancing: migrate on fault among multiple bound nodes") Let's ensure its inclusion. Signed-off-by: Yafang Shao Reviewed-by: "Huang, Ying" --- .../admin-guide/mm/numa_memory_policy.rst | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/Documentation/admin-guide/mm/numa_memory_policy.rst b/Documentation/admin-guide/mm/numa_memory_policy.rst index eca38fa81e0f..19071b71979c 100644 --- a/Documentation/admin-guide/mm/numa_memory_policy.rst +++ b/Documentation/admin-guide/mm/numa_memory_policy.rst @@ -332,6 +332,33 @@ MPOL_F_RELATIVE_NODES MPOL_PREFERRED policies that were created with an empty nodemask (local allocation). +MPOL_F_NUMA_BALANCING (since Linux 5.12) + When operating in MPOL_BIND mode, enables NUMA balancing for tasks, + contingent upon kernel support. This feature optimizes page + placement within the confines of the specified memory binding + policy. The addition of the MPOL_F_NUMA_BALANCING flag augments the + control mechanism for NUMA balancing: + + - The sysctl knob numa_balancing governs global activation or + deactivation of NUMA balancing. + + - Even if sysctl numa_balancing is enabled, NUMA balancing remains + disabled by default for memory areas or applications utilizing + explicit memory policies. + + - The MPOL_F_NUMA_BALANCING flag facilitates NUMA balancing + activation for applications employing explicit memory policies + (MPOL_BIND). + + This flags enables various optimizations for page placement through + NUMA balancing. For instance, when an application's memory is bound + to multiple nodes (MPOL_BIND), the hint page fault handler attempts + to migrate accessed pages to reduce cross-node access if the + accessing node aligns with the policy nodemask. + + If the flag isn't supported by the kernel, or is used with mode + other than MPOL_BIND, -1 is returned and errno is set to EINVAL. + Memory Policy Reference Counting ================================ From patchwork Fri Dec 1 09:46:31 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475552 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D665BC4167B for ; Fri, 1 Dec 2023 09:47:14 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 616F66B0446; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 43E456B0441; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 2B7F76B0445; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 15C406B0441 for ; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: from smtpin21.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id D1D5FC010D for ; Fri, 1 Dec 2023 09:47:12 +0000 (UTC) X-FDA: 81517771104.21.5C84BFE Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by imf12.hostedemail.com (Postfix) with ESMTP id 17EE540003 for ; Fri, 1 Dec 2023 09:47:09 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=iUsxj9F6; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf12.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.169 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424030; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=7q7TZ/hQmcOsL5S8ofmt3CfzAuJJI0PuQ5alBSABkro=; b=FPSMUMF6WYJSPL6QDaG97H1JilXf0ynUpARUMl4W/aXBWMoFZ10mFUqee5933L1QdKx1KL bbU7GbN/IlREsdHW2Kv3S5UfRbcaLE4W18Ru4DoZVIkiPpgkVHSvjomh852Fl94eSEROWn YqjwYJpgNmxvIFYP+Ax704e/Mk5A/yE= ARC-Authentication-Results: i=1; imf12.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=iUsxj9F6; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf12.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.169 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424030; a=rsa-sha256; cv=none; b=8HF6hNlTd7ttR1KfFlHxMAPOPMxWHRiKQCYQDJMSPWjBpMVsUMIHJ76o9qt0Rd2On+zNjN uaonBM5brOtdj/RsPIBwrHS0ysmOwGeyF4yfV6dGahZlFHgr2Z774cqBSMViSioSLaIVSi 8LV/PwDfReLAZjqhaMPKKYFidHz1hQg= Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-1d01c45ffebso2937265ad.1 for ; Fri, 01 Dec 2023 01:47:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424029; x=1702028829; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=7q7TZ/hQmcOsL5S8ofmt3CfzAuJJI0PuQ5alBSABkro=; b=iUsxj9F6ufPjx4PG/87lidFPmKjXsl63/1xt45a9HApA4TawMyoXZuD8pM6W7BORd/ jA3S4BW6Yb6FH1MZf63Xjzii1OwLH4AyGdg4Pjx9PXZ3Dv3O4I5yvqmSmoT0mJVAnHTO /zWSA7aPu2B9TbF8K4MKZowk1MS84F877OSdyg5fBDMfXNi8HpW/u3QfbBrC5liS7zDp P6HkuxaIunW4rnjuRYjYk3ZB/j7tKGkDg9O9zsJycSj4DtIgIYr1Fbh+BIkcZMA7eSMc WcVFhYONrRcDQ+xViHLFl8raLF+HIgHNQYuuUlgv6QM7GgZYwhofOqnFmPP7fYaZpYeP eZVg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424029; x=1702028829; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=7q7TZ/hQmcOsL5S8ofmt3CfzAuJJI0PuQ5alBSABkro=; b=qXV+5LXS02lEDIoYMHy2vjhKg1lQ5mr0qqJIlR3iLXSu6z/6S78qNOacTbu4c6XXjA hqD9da3R4DyHO2ATCj+JRGPAIqLaCCYzwwa+AIq86OJ/SwtIG1IAWUThbx9QtL1c8uuW k/E5OZmDBXAC09caPhPfaomEwbY24ygDhtkcn/C+jbD2aLSWYK+Ba1SttNIiGAABYpak ijJJdDK93KVfalH7vfuv6VbBY1JmgK+rxVqdQW5t/Vw5t5M42SRaGeZ1eWZCGPgt1ON1 GiIAfIBy3AiDFheFiGXJxCgtH9EJNe5bIK7KUfYp4RSY+YVD04+E4VkLMYx4/VOKX1Lu MzaA== X-Gm-Message-State: AOJu0YxnAaEL2beuKLVaGxlRWOturjmMR3XgoEdOPMLwZ1Y0Vdwz1RBh cmHvHhisO7L11A0jbsKTtFU= X-Google-Smtp-Source: AGHT+IHY7BXr2lrItoDjy9fRRvCLOX0ey7rYRvBq4aXsP/3tg6wFqHDYposNzHDwQ5WVCd/30HQ5Hg== X-Received: by 2002:a17:902:c944:b0:1cf:a2e7:f843 with SMTP id i4-20020a170902c94400b001cfa2e7f843mr32499685pla.23.1701424028951; Fri, 01 Dec 2023 01:47:08 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.07 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:08 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao , Eric Dumazet Subject: [PATCH v3 2/7] mm: mempolicy: Revise comment regarding mempolicy mode flags Date: Fri, 1 Dec 2023 09:46:31 +0000 Message-Id: <20231201094636.19770-3-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 17EE540003 X-Rspam-User: X-Rspamd-Server: rspam02 X-Stat-Signature: q94qa1kb1raqoaqygbci3hig7iewpjci X-HE-Tag: 1701424029-332705 X-HE-Meta: U2FsdGVkX1+NPFXIpGPDcjj4fsYelfQOqizUEv4mU1KUmngBxNEkYQmUruzPtTOuP47/uE2HZ/QktJ3v09gnPhZePrMZYGbj1w4RGv93GX61/sDQSH/F4TLOgqdANg/+JbvQrx5kaXmt8VmpOZmBctm6AAnPpKnyguw8hr1dIc76YUwquEqahsWOJdTCIXuBn0vn94sM1G6DesKZ8D+zGj6YyVzrjIOnWOOtAqv/7XXT9nP6duQPvXva9Iu+oGp+dxS8aauz2bYfA/2bauQL0j3ZiN4VdwBUCuM7S1BQl3hCUQLSS6ImYWIw3I34L84LAxo3HkooTuiFAWX8OR3qOSW0dghcQXpPqF0RPkLrfv3gDj/fNfbVpnspFQqgqQEf25zS2sq7oXJ6SKg1MhtFPDZ66/tUqhPoB1bPpBLskKBq4rPmIAbpAtuFOJAkqDtoB86zwPOoyp3RCIXcrulloz6M5Qvt2XbIH6iUq3562hjdmkmShAJ91EFtAu2k41ePX70QkUISUtmWm3LLKcuWlQaqlqgZ2TlbwMFxquvhF7tawzgxp8sKIm71wtfAXiUJuuytnyRS9kTItTmZ4bkVm25KQDtJfDcQgRDvv/W4qWHdwol7hrZZ3NKrbAQET6/yDwJhNbxjrMBN3tG11AvJUlKBAsi6zngzgwo3Vw2VxMJn6X1ewS1NQ3IbNJH09N6G4rovyBWYF8AslQ58nYxZqClAlF0KiMDVjR9Qh/yGMOcdfGQVpuoqe7dG+iW3EJCzPgigsQygDbkpv3eQdr3SNwFM7Re2dgwSoV5JUBfLB9aBMZCoXKKgfZeygS2Cjs/Sdc1VQHpvwMaucWhq164CThDhFPafU7p6B7oIQoyLwDvW9EaouRay9tJnGXFrslygSHsVsMdQGoRd3mQ29ElJCWgbPlQyWCJr9yoARE64AQUjPKVKlgIKpH/5MnwpAvjGlA4WR8x13l3JfGYRq6L 05pgynrZ aLn6t7fHuMYs4QszT2/ZZF549q2KYYhRvozj+N6E7ubiC27YngMFQDXH/R949edU+OiwwoUB+NBIKRI5P6CIX2pOKPP4Q5Z7IsNWYyFF9Bnj+3R3YUPW4PLwT+imMvHxOfRbptOgGqP1CV2PjHjrvMKVXONhVVnzqDLcLGJUZcJbHPfH2fa1qGFiCJGk8LJlOWJr4VjPxffkT3gFig+PF2nBy6BO+sIZsvNZcMb1LUj3oskLVLrKkamCDJE3siLjGDaO1AHRQ9hs8f4HDsKjh/UCVx936UHJqRfdMPruCW/b6evmjFSr/UPP9YC/TnOdBvMmev1d87dm2ntNtE+30NNoN+jsf1UPri3obp+QsfCLhSJlOhWh/nOVbO+sS6ZpQAA47UZkkil6O11EUfC482/II/40ZknVMbU4qp+eidZ6YJclp0jkppd6oCSoMsbytX6QW1MyVQJ6i3PqKVQfCVrOL+1GJsIKWympWcfntDnnL+qt/l08iOt6owE/b+sJgWXT0oCky8nBFwGnPTemY/HwagmDoqoRClEmey1HiuUKn7gayv0wyJmgSrNg+JcD+R3JD/tQZBxG9yfADIpelvPGvpw== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: MPOL_F_STATIC_NODES, MPOL_F_RELATIVE_NODES, and MPOL_F_NUMA_BALANCING are mode flags applicable to both set_mempolicy(2) and mbind(2) system calls. It's worth noting that MPOL_F_NUMA_BALANCING was initially introduced in commit bda420b98505 ("numa balancing: migrate on fault among multiple bound nodes") exclusively for set_mempolicy(2). However, it was later made a shared flag for both set_mempolicy(2) and mbind(2) following commit 6d2aec9e123b ("mm/mempolicy: do not allow illegal MPOL_F_NUMA_BALANCING | MPOL_LOCAL in mbind()"). This revised version aims to clarify the details regarding the mode flags. Signed-off-by: Yafang Shao Reviewed-by: "Huang, Ying" Cc: Eric Dumazet --- include/uapi/linux/mempolicy.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/uapi/linux/mempolicy.h b/include/uapi/linux/mempolicy.h index a8963f7ef4c2..afed4a45f5b9 100644 --- a/include/uapi/linux/mempolicy.h +++ b/include/uapi/linux/mempolicy.h @@ -26,7 +26,7 @@ enum { MPOL_MAX, /* always last member of enum */ }; -/* Flags for set_mempolicy */ +/* Flags for set_mempolicy() or mbind() */ #define MPOL_F_STATIC_NODES (1 << 15) #define MPOL_F_RELATIVE_NODES (1 << 14) #define MPOL_F_NUMA_BALANCING (1 << 13) /* Optimize with NUMA balancing if possible */ From patchwork Fri Dec 1 09:46:32 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475553 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 64539C07E97 for ; Fri, 1 Dec 2023 09:47:16 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 854026B0441; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 613FB6B0442; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 3CAB06B0444; Fri, 1 Dec 2023 04:47:13 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 18B826B0442 for ; Fri, 1 Dec 2023 04:47:13 -0500 (EST) Received: from smtpin20.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay01.hostedemail.com (Postfix) with ESMTP id E77211C0113 for ; Fri, 1 Dec 2023 09:47:12 +0000 (UTC) X-FDA: 81517771104.20.A534E3C Received: from mail-pg1-f177.google.com (mail-pg1-f177.google.com [209.85.215.177]) by imf02.hostedemail.com (Postfix) with ESMTP id 2AB2980003 for ; Fri, 1 Dec 2023 09:47:10 +0000 (UTC) Authentication-Results: imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=av4YK05l; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.177 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424031; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=hnEFsRn7J2ZuFZKn27DCZ7QjVPnvrToR6atAUaZnaN4hR3WHi8EpZddKBxV/+3PL2CeMfP aO32+3DpbsYQkpGyt+hHOllHyLU9+ay7qlwxsLH2DGnWhHjBc5qUARTtBc5w/kbvdEK1XP WDDVE5gwxfUmcmf12ZCJ8MEs37AK7Ow= ARC-Authentication-Results: i=1; imf02.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=av4YK05l; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf02.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.215.177 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424031; a=rsa-sha256; cv=none; b=6CulsxYkbYv3v5yHnl99HaWTgliu3MF3ghuMM9Cr8wZ2PsXVLhWDtfcSv+XbNXZlSNOqMy aw3O1ZjkX5b4qJ60SYFbamcWOm3pPXFpipqiZNUn88qkX7I8zczhEarPRUsN+Y4V09sjn8 jYYf2S1880eZF26NWb0HAVMf1zpisPg= Received: by mail-pg1-f177.google.com with SMTP id 41be03b00d2f7-5bcfc508d14so245712a12.3 for ; Fri, 01 Dec 2023 01:47:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424030; x=1702028830; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=av4YK05l0SFOhTSg5tpEks0kmdOQGFgPLElCEw8cyKn/hkdczNH31EKJJtP9P5NqG3 vP5GhMul4pY4b+4IzxPuIRop/Avysu2iAHBgrzizUGN0m5jizJoTtPiGwScaXi1+BLsK qldbyeub+Z/CyUyWAkjEI71pp6QjEaaTXVnmBMdpVjV4u30kXe//ZnisVeOTblzxl3mS us6SzrXfX7l/7WTutJUfZ72aGtfkZ17AMYqTNGIwkPMp0ej16d4rUIifJFvuD4WJVMOM rHNGBO0/mEl+8MERmccsQrkPpjBlTP/zKwlMb/qZQfnv1kxn2zwxRAUcphxWNgODE3f3 8eSw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424030; x=1702028830; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Dess//0c2Lh04XmQ2u56zFtWMuXDgxNkubc5UfyU5ak=; b=RAg8DrB/SfZIhCcCWWkxzKMAxsZ45VBF23pWE+muvIbPA6EAK4PmNZHrjedLTr2ZUl tZht0vQ2IVLOkxqBETYwPBP1YRJZ6WEBsIVo8Ru4nGjDJhoZqdYqwHS9KZK/WZO5Lh6k ad7eryiXP74WTtjmIRRYIBcU9PtAANDdS317nw0BjrrXp8Uayr+6a522KXHFOjXSD6Jl MTuGVK29jU6bC3D87j8TmlGILPM31IyeCQdX7jcKWMRK7ru09rakip32VrkZH2qz98ty WKCLJ05yPT5rTaDD5LvvzSyH6K8l4eSn4niRCOyT175SdlZRTuWPi6Y5y5koEJMEQgRl DHpg== X-Gm-Message-State: AOJu0YyYlPF97p+3KJcDjpI9zU/bZPxoZJOYXcaqNOpxsGKJrf0THLcX z1R6rvVAsqk3vK9x59IpJKg= X-Google-Smtp-Source: AGHT+IFKEK9U8bDFol/OVizJQvuY/KulkxmLfMUD7mG6RF1mpjVP4Jnt4qHJlMEuVuE8HB+QA/XgNw== X-Received: by 2002:a05:6a20:9154:b0:18b:5a66:3f70 with SMTP id x20-20020a056a20915400b0018b5a663f70mr30186543pzc.2.1701424030179; Fri, 01 Dec 2023 01:47:10 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:09 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 3/7] mm, security: Fix missed security_task_movememory() Date: Fri, 1 Dec 2023 09:46:32 +0000 Message-Id: <20231201094636.19770-4-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Server: rspam09 X-Rspamd-Queue-Id: 2AB2980003 X-Stat-Signature: t1uoh9j4xzgjtrgmadpmg4u35ageb1ak X-Rspam-User: X-HE-Tag: 1701424030-736636 X-HE-Meta: U2FsdGVkX1+Kq4TBoFLx134XPLYgkBFJHsOxA5kWjEHn/rcvj1jT7+byja90iMpPS1eTbO6hOqtnHSzl1yBoCXVDRydKBTOkSvEE78to8GOAjenrJBsXZQWR46w0NnbFeXWIHgwRHDPDzzdhk6G8d3p1mZxY+ZI9Mjki5BZQIav+Q33bHsK6Q6GOf4d/458uLqmJLmEr8Kr5gPmt5R19cAvSnsZGets22TYr3DwEjc7oMtrHOOlFqgcynMcsmLKSAjBd2E9BB+rzYVqmcgeUheLt3sdajxebyd57xN6dX8b8XJawETwPwDPrj2lQbggS+NdCpccSXEEEK+TZalWDZi+KBfhww+X6JKFV53JQUfK6rokwHosbYgeX202ps2aa9X/azJUU5TBxOh12yyEGEyfMMCU2v3QRrGV27SVP+OwNm2Y265KmBwKHVt2cR22IMf8VF1JhsCAyM7Lu/ciFwvGUqudNHvJbKYUYBsADjdnOVcrLT65MXBrQPcOdWe57jXcimDmVhl7A7uHTVX2KKOmpVDUpwrzOPYLTjmU96eRwQr14N8eWiTqyWSvYnPnLbyCHPEjDNmU6F+y5OZjpYeHXL65Uc5VqfOtZCnazXY9OZdmZJVolCqkmrKWla8X9gJNlP7fTR/L9KWb3EMs9NWtKEdQPUPr3v+Lt2kbgnztqgQX/cDBLGN8Ep3KNgHgyWJRrq8zuk/n/WIsSJTxBtGaQ1F+ttuULYgvai0wrZ7AAf2AD5uS6j5pRjJqxRp+DAzYjn58u+SCUNK5E7rg0jSSvDnQasgDLhraEWsf9CKRndiVmCHlcr/e93yjEdVbOJp6F3kwzgdtD+bdVqpDbbiTI2hQlIUopG9jJVFiXepfBjVCe0KVJrL/dTnP6PRqLtfad7eboCxkyflHImhjvadwuWK8oToEH+oeQL9R2tOyze0UBh1iwTL90nJnYYx69H+LmFUpuvkFZc7W2dRP bcyoLXoG 6KFR3QECrUOcKtNNlcgIjrap3Nps3Pifog+LbnoZJrprwe8EV3r7+Ldpbt7Q52CEaPds+5WynAYELhY5WKg+HeLqHbT5v+JwZzN0V4b3WvIcLUxTlMviR1DR+HDpU4IjaaNUuP4UEHpPQMj+6HlpZ9O6ynS4XZ57UmrJludpjn0WmVJaEdSuaabnO3MITmb1k+E5vyzEEEwyyyCCoGJWxybQLvpBoBl+4US1WV9l4Ct3QP1eoPc7LeT/PfhgoCu4aUD6lnmPASHyt78cLs2FGCskjoZTo0CYpdPM2HPca8Xe2zdi30SLQO8taQr48qf4zlRbAB0DYDvNRbO6oQg83VwMxluqc8VXjhVjR0Rxmd/163VMZBOhTqTYrEer5hKDEnTWC7iCOSZ7LVY8UFVFVVCTwkfgEXIW3qFIycGUEZnRGJfKyU1HR8C4qfifwIWqgUL3f41LIeof/hJVwuCJ8kemMuGqgftJ1FY4dpZ/dY/X0XxxTSVBm39zzx8RvxrwiwRIqyjqr2/wbE+gsXDI/4i1YwUMHS6ZV9sb0kWFb7DxDbftQLivTYFmMelaqXf5mwP93qLxKFQGpbyVjUeDh4LJfrA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000108, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Considering that MPOL_F_NUMA_BALANCING or mbind(2) using either MPOL_MF_MOVE or MPOL_MF_MOVE_ALL are capable of memory movement, it's essential to include security_task_movememory() to cover this functionality as well. It was identified during a code review. Signed-off-by: Yafang Shao --- mm/mempolicy.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 10a590ee1c89..1eafe81d782e 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1259,8 +1259,15 @@ static long do_mbind(unsigned long start, unsigned long len, if (!new) flags |= MPOL_MF_DISCONTIG_OK; - if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) + if (flags & (MPOL_MF_MOVE | MPOL_MF_MOVE_ALL)) { + err = security_task_movememory(current); + if (err) { + mpol_put(new); + return err; + } lru_cache_disable(); + } + { NODEMASK_SCRATCH(scratch); if (scratch) { @@ -1450,6 +1457,8 @@ static int copy_nodes_to_user(unsigned long __user *mask, unsigned long maxnode, /* Basic parameter sanity check used by both mbind() and set_mempolicy() */ static inline int sanitize_mpol_flags(int *mode, unsigned short *flags) { + int err; + *flags = *mode & MPOL_MODE_FLAGS; *mode &= ~MPOL_MODE_FLAGS; @@ -1460,6 +1469,9 @@ static inline int sanitize_mpol_flags(int *mode, unsigned short *flags) if (*flags & MPOL_F_NUMA_BALANCING) { if (*mode != MPOL_BIND) return -EINVAL; + err = security_task_movememory(current); + if (err) + return err; *flags |= (MPOL_F_MOF | MPOL_F_MORON); } return 0; From patchwork Fri Dec 1 09:46:33 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475556 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 9E985C4167B for ; Fri, 1 Dec 2023 09:47:22 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 1D6876B0444; Fri, 1 Dec 2023 04:47:17 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 0BD4A6B0452; Fri, 1 Dec 2023 04:47:16 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id C808C6B0447; Fri, 1 Dec 2023 04:47:16 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0013.hostedemail.com [216.40.44.13]) by kanga.kvack.org (Postfix) with ESMTP id B2C006B044D for ; Fri, 1 Dec 2023 04:47:16 -0500 (EST) Received: from smtpin08.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay05.hostedemail.com (Postfix) with ESMTP id 4B34D40186 for ; Fri, 1 Dec 2023 09:47:14 +0000 (UTC) X-FDA: 81517771188.08.420F0A0 Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by imf15.hostedemail.com (Postfix) with ESMTP id 57ED0A001A for ; Fri, 1 Dec 2023 09:47:12 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=lb7UxtTp; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf15.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.180 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424032; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=+x2gW85qXpDm39JWWNR8xOYWTSjKi1NE52O+Y4CVIzE=; b=W9xIkRwMsWPtf05RBDksdUZ2Jr8iq7tn2HBbidhzKJgvgJLmeuPgr4qWzCV5bJaX/S5pmq vxD6XzJkav1HKgfzLj0HNdR7BZ6DG7hTLB7EBB3YDrTituh6a+S3tqQXhb2TTzc6AT3zeY 3yXJWks98amgRBJ9PE/KX8AdAtkXzZw= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=lb7UxtTp; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf15.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.180 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424032; a=rsa-sha256; cv=none; b=Pkhs8xQXlhkYKe1d7gE6avv5wgYpk1c6PlVcpslWQJfjfztQovwn2tRySTsSCXeLi+lLKI p49ETQjprqv1Q4Ei6rJAC7l3QpO9SdBDdvK6n29XYQFyb751ZntkrcDMg8SkRGo+07c4Dt qju2XAz90jjhIYYCgLeOs8vVnFt1ulk= Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-1cfc34b6890so2631195ad.1 for ; Fri, 01 Dec 2023 01:47:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424031; x=1702028831; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=+x2gW85qXpDm39JWWNR8xOYWTSjKi1NE52O+Y4CVIzE=; b=lb7UxtTphPiY85cl+r+kos3i8apqbWzwuJJGraecm/O2qPJ2wooRkJpVQdyBOsj7ds he1mL+gK6bdLKAiXtPSSPrpM+U7WOe7tA0k4BeKziyDWET80nbOifEgMqKdav/CXE5z5 8KNYW8YC9QMq897jFFrApyJ8s3I9EnjdJrS4Y5S+/gN+tibRpbj0QYdI2EU3CGPS5E+D cX/hxaNICtu8lK2nFzc+7nPnDboQV4/fPIb28mKFHkSSJqXFwGgb2sikhGatP/D95scF PzSPHkKJi6bkGd/EPpjTdUo+l/PY+6FZY2kA/cw0Utth8+AedwOl5yxUnMrFHVyFHH3v Zn1g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424031; x=1702028831; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=+x2gW85qXpDm39JWWNR8xOYWTSjKi1NE52O+Y4CVIzE=; b=Hi/AkZpA7Top6LBhv4OxDk6KdO7ibQnMu7lWXPjPYk+eTIHab2v373LW/VRmdwqo97 5lsUGz8IluW7gGQqJkky+P+Xpw24mUF0unvIl8jUAxhJu2nd9wIls0dXzXiuLTulU3CL 5awzKSTyIt+L2tLqjl0Ojer4cPoPtnx9UOYVg6pBFxXAIgMXHTO5ijcL1YRVl52awPoa svE0URQ8A4S2VZ3NMYynM6wJt2SJ8joBaLG9SvmMnYZFY81hcIexYcuGWSw8e0mJ0TE4 R25pPZYLDDWMkafD2eGp04EXhdUQmyYiBL1NaT2Lenst3cxalK752tCqwo11kP7sKY24 Wc3A== X-Gm-Message-State: AOJu0YxMyPqoqcfvwfpZItH8LhFRxC4gmDTc/r0MXYIou8AHt3HiBs6L ldL017rljw3FAw8FAgrVQpY= X-Google-Smtp-Source: AGHT+IEfi8CntkWgmrNALbbEki4QUlWGaiYFcUK8uZQCNPbFfdkSpNYq2ORQNXwcZZsO/tOOLRY9fA== X-Received: by 2002:a17:903:447:b0:1d0:5302:4642 with SMTP id iw7-20020a170903044700b001d053024642mr1803858plb.16.1701424031283; Fri, 01 Dec 2023 01:47:11 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.10 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:10 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 4/7] mm, security: Add lsm hook for memory policy adjustment Date: Fri, 1 Dec 2023 09:46:33 +0000 Message-Id: <20231201094636.19770-5-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 57ED0A001A X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: sshgpsmqu8jezguggohjagqahs9bpknx X-HE-Tag: 1701424032-45221 X-HE-Meta: U2FsdGVkX191jMt2/9Q5fukFNwIpnHKcQvSQ0MF8b238MtotgcMe6EnWTh1zYgYYQqRxV47K+pf0g2MneA1j6XaERVaZ+3aOaPA5yVkbwjJMoerCSVieWK9T2BaR74ufKm6fFF7qnSH/96n5LMf5Cpw7PwCqgfzacvnjWVSBBIIvzgCahTZf2rBAaNuFjziIG98AmFd/2an/QhA/F4ML7H8VKHLWUKstQqE9eTbuPB8YS3TiUKbc/WP+S1SIjxJfHHPF1WEGn4SRebxtRt1n5v/+c7WNJ6D7PfT4J/b4k0lJH+tPX7uBso7yrMQRgzMJwccg+7WR/hpPI3DGVW9mo2r2CgNnsCABmdQ/0+r5vUdRx9/70s3kU06yEhTbf7ATS+dJ1A6WRt8T2yBEXuYkf/67lpU6gVl92a17CZdf+3QT+jMa1qUkRFY+ypV0uGmtyi6ydoyRz4Az7tqHkY2Wz7W30q9nUjHSzbNby7s0+2wIcgmUifpGPpTteV/ZXKK7/XiGGE8BMJ2MS2fcCLVob8uU28FXqgYXmbB1AUGiDhfeSr7EfyPe7xpyrr8bUJ8t5BVzq4jB5mIeth9yMZECuJQ7V8RPSeiyhnFKU76Zd69F+mWm75T1CO8EnAnIxdixXt0eOPoCTtuM30KaAXiZTVVLD5+g04XnlR5t/Q4a9sYvbZi6oXJMBD5Xy+8K7P1wljjAd0WBWzzrCReqSegP17diZffG9iu0L5AsIrk3PiO72xLYfyxZ2pHU6djpzpj8Qf3Zwqn/RH8AWwM+AUKE4zSSnonNyGnZeo5VtAA811ClVlh8EWiSSpj15s/6v6p7UXeRzDMhGAn8kd91ks0sOjyflzJ/7OKtVF5vExaZdQHsm3fKH8FL2S0DiNerHjrzEidUu1Ne9h7zsTi8wUaiLfT2FsZqnExXnkqu4IiC8lgNX3K/m76VJETr18EeYT5zMHtqVlN/mctR3mcqGkd DoFsXxuZ vZswYBJb5+XIX/WDLkeqwmdiRbkNnM4FQshHYCOn+rmXafd6TdNMayYu2p01gPLFOiIJzFhAWM3XGlaUPtZceA5x6sQhGMKrEAY7k9AYHivzZPqzQzFdIKVExD7yAeVZ0ue7rSUnzEJIfMntENfJaj7FxAP+a1DuAd96PT44jVgYULBsyhEr4nhfJeuvbCfnZVFnsqL8Rk+0JOw1n5tI4dCf+oP/DLs+CFZg9yls45ziGLKHQBEZ6GUyWfvCP03+PFCW5Ig7igJMMzQt3Sy5161DNMQ1RjSbqBj+1QjwBNQ3TZX/kKNEs75EQeT15B4Lb8uZe5SlaY1QdNadYGifm9RKOxkLQgMgp7YPTq28GT+VwOwoUGeJ76Kj2bJAqFtf/U8sY5irFdpejG99ckP8bamXPcgysTYgGLuWiwqiW6Oh6VQp6/F1ZldFIjjl590iuz8k2H9extI6UGv1cvOGHEt/tQCHUhOODV5VLI3gyRptTraa1GNIMO0ZbrOxQlgUyVftsoRNMpc7iRfuvT5wrONZ67EVlG1da67AtO2UE+HIazpI= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: In a containerized environment, independent memory binding by a user can lead to unexpected system issues or disrupt tasks being run by other users on the same server. If a user genuinely requires memory binding, we will allocate dedicated servers to them by leveraging kubelet deployment. At present, users have the capability to bind their memory to a specific node without explicit agreement or authorization from us. Consequently, a new LSM hook is introduced to mitigate this. This implementation allows us to exercise fine-grained control over memory policy adjustments within our container environment Signed-off-by: Yafang Shao --- include/linux/lsm_hook_defs.h | 3 +++ include/linux/security.h | 9 +++++++++ mm/mempolicy.c | 8 ++++++++ security/security.c | 13 +++++++++++++ 4 files changed, 33 insertions(+) diff --git a/include/linux/lsm_hook_defs.h b/include/linux/lsm_hook_defs.h index ff217a5ce552..558012719f98 100644 --- a/include/linux/lsm_hook_defs.h +++ b/include/linux/lsm_hook_defs.h @@ -419,3 +419,6 @@ LSM_HOOK(int, 0, uring_override_creds, const struct cred *new) LSM_HOOK(int, 0, uring_sqpoll, void) LSM_HOOK(int, 0, uring_cmd, struct io_uring_cmd *ioucmd) #endif /* CONFIG_IO_URING */ + +LSM_HOOK(int, 0, set_mempolicy, unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) diff --git a/include/linux/security.h b/include/linux/security.h index 1d1df326c881..cc4a19a0888c 100644 --- a/include/linux/security.h +++ b/include/linux/security.h @@ -484,6 +484,8 @@ int security_inode_notifysecctx(struct inode *inode, void *ctx, u32 ctxlen); int security_inode_setsecctx(struct dentry *dentry, void *ctx, u32 ctxlen); int security_inode_getsecctx(struct inode *inode, void **ctx, u32 *ctxlen); int security_locked_down(enum lockdown_reason what); +int security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags); #else /* CONFIG_SECURITY */ static inline int call_blocking_lsm_notifier(enum lsm_event event, void *data) @@ -1395,6 +1397,13 @@ static inline int security_locked_down(enum lockdown_reason what) { return 0; } + +static inline int +security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return 0; +} #endif /* CONFIG_SECURITY */ #if defined(CONFIG_SECURITY) && defined(CONFIG_WATCH_QUEUE) diff --git a/mm/mempolicy.c b/mm/mempolicy.c index 1eafe81d782e..9a260dd24a4b 100644 --- a/mm/mempolicy.c +++ b/mm/mempolicy.c @@ -1495,6 +1495,10 @@ static long kernel_mbind(unsigned long start, unsigned long len, if (err) return err; + err = security_set_mempolicy(lmode, mode_flags, &nodes, flags); + if (err) + return err; + return do_mbind(start, len, lmode, mode_flags, &nodes, flags); } @@ -1589,6 +1593,10 @@ static long kernel_set_mempolicy(int mode, const unsigned long __user *nmask, if (err) return err; + err = security_set_mempolicy(lmode, mode_flags, &nodes, 0); + if (err) + return err; + return do_set_mempolicy(lmode, mode_flags, &nodes); } diff --git a/security/security.c b/security/security.c index dcb3e7014f9b..685ad7993753 100644 --- a/security/security.c +++ b/security/security.c @@ -5337,3 +5337,16 @@ int security_uring_cmd(struct io_uring_cmd *ioucmd) return call_int_hook(uring_cmd, 0, ioucmd); } #endif /* CONFIG_IO_URING */ + +/** + * security_set_mempolicy() - Check if memory policy can be adjusted + * @mode: The memory policy mode to be set + * @mode_flags: optional mode flags + * @nmask: modemask to which the mode applies + * @flags: mode flags for mbind(2) only + */ +int security_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return call_int_hook(set_mempolicy, 0, mode, mode_flags, nmask, flags); +} From patchwork Fri Dec 1 09:46:34 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475554 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 61AC6C4167B for ; Fri, 1 Dec 2023 09:47:18 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 070DD6B0442; Fri, 1 Dec 2023 04:47:16 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id E4FCD6B0444; Fri, 1 Dec 2023 04:47:15 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id CCA196B0445; Fri, 1 Dec 2023 04:47:15 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id B35DB6B0442 for ; Fri, 1 Dec 2023 04:47:15 -0500 (EST) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 894C9C0179 for ; Fri, 1 Dec 2023 09:47:15 +0000 (UTC) X-FDA: 81517771230.27.4B0BD47 Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by imf12.hostedemail.com (Postfix) with ESMTP id A59CD4000F for ; Fri, 1 Dec 2023 09:47:13 +0000 (UTC) Authentication-Results: imf12.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=ihqHSsku; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf12.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.210.173 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424033; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Hrd8Q/aZ94cCzu/B8oHzIUPKN1cXCmsoH2G1FVF6YII=; b=YKb4/wWzLzYMOdiZl4W4DlmGgrIZkXsPZGk1sT3EIKT73+TOtZGibZow1pBm7qCapbPDkD XPlo46fwuFMruK9C5h3cZUIBdr9Kkkz7VOUbR8Rzj+1VmUMqISOOzAshKeP3uNGBLzCwm/ SLtRWM4R/Wv6hC/l1AFzF9PdCcbNrIE= ARC-Authentication-Results: i=1; imf12.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=ihqHSsku; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf12.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.210.173 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424033; a=rsa-sha256; cv=none; b=N/szP3yrtUQkRmMGMhBPt6ob9+kDZCMfhb0XFexaE+0aVqtp0CyXeA/5WQqlIqRljjNWXs Eojl8yekJGPgCiXx4Rl03GcvuvB+fPxNLnbR18GFu8kKEbzKcrivjeedTM+9jT8pNxBfk6 k968KnyPKblvad8wsQRG390wOQfweLM= Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-6cdea2f5918so1345882b3a.2 for ; Fri, 01 Dec 2023 01:47:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424032; x=1702028832; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Hrd8Q/aZ94cCzu/B8oHzIUPKN1cXCmsoH2G1FVF6YII=; b=ihqHSskuejTW5nTPImEUiW7iqDW01v1pYd1/uL6psrkf1bju9BePpdh9cSSp6ik1g/ s+6Wf9F78v8m9Bd+dPuM8FmeifPq6n7JL7a+KUQYQboJfbKTpEE1BXsNuzkaUmbLw69w mB8m2O7TDOw+l3v4ND/UuOyWSHI7KeHxd0L2oyHRsoNTDMPDF6pmzgAJJBEN27tL3xF7 /Pp1SW14+JxwN7B0tpE+e1EhZLgyjuv/aSfyirgNmAyVzjOHo70T45RujarArqmprsDs 7HxYo3mV/qelaXIvn+67RfB5N4Muc57KL5fle5p/5YqB8zYt5DWf+p9DerswFhvRIb1i JWFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424032; x=1702028832; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Hrd8Q/aZ94cCzu/B8oHzIUPKN1cXCmsoH2G1FVF6YII=; b=YmZ5Hks53l8b7e206mp0O3AOYgWopRCv8NfNu64XPQ3jTRC8pc9GGKHKYRM+OWgQ04 i2yS+Weoi6EgCNTXeIgRzd3dVcG78UuSH2MB/ApsbQQ79iSxS8N68EFAS96EE756cFAK MtXC9h0vD++G15x2M5Xr2GVTqs0KitzRsqnuy9xsQIRENnpL2dqtY4uizTUUDP8MJ0d7 v2b3iATuDS049jVooXgP9YH5j3xYXwPrY89wISYbOWfXZYEbcLLIAUzyQ7HiXdGk1j6M I4/rndZsLG7oK/c5gg/yY/H5KPKptG50S2ljwL9/f0IXYBSW0r4aqWQXU4ezqF5ICEnA KVZQ== X-Gm-Message-State: AOJu0Yz15SZuYu6BXlzoUrQv02onOGuKFOg+66UkKLj2BznrdNjaHHB0 3KxxEVI8xr9QpijHSm9SXrY= X-Google-Smtp-Source: AGHT+IGTfBMOdaKabUHzgD6/ex7gttFCAVl5dyu04ZCxUj3YMK/ifw1iGQwqNjXNRb2rj7NPqQSuqQ== X-Received: by 2002:a05:6a21:6215:b0:16c:b5ce:50f with SMTP id wm21-20020a056a21621500b0016cb5ce050fmr19689003pzb.32.1701424032510; Fri, 01 Dec 2023 01:47:12 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:12 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 5/7] security: selinux: Implement set_mempolicy hook Date: Fri, 1 Dec 2023 09:46:34 +0000 Message-Id: <20231201094636.19770-6-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspam-User: X-Rspamd-Server: rspam12 X-Rspamd-Queue-Id: A59CD4000F X-Stat-Signature: po7ose49krncdurb8hznfs8a7k4mm3u1 X-HE-Tag: 1701424033-582321 X-HE-Meta: U2FsdGVkX18fWFHNUyIkrAb/swLbz0eHaC/Yo7nf7RNZyM8Hv/hRUQIS7aaJtfCc8sT37IIoueaE8ccrkYyv6ZA1Q9Skr2WssQtOmPb3d/TooRPolY0XKmnG3zOPqwMlUCZRl5wqZmx85+2zUOjmp+ISDlJ3CJ8dNnwBUYJJWxguKLZ68Ev8bwazGK8J5Me/dv8DP5qR3DIMmYTXIsasSBGpheiWPvkSIVVVh7duqYaAzCBhGkE9uX5wKdtYzvk02Hk/uaprEs0vlKGelJaVy9jY9w4YaD7xUzidtdfZwDx4Zcb2KY8dV+LvD0TZABCpPnSmic6Hoq5HHIfmF/zAEB8AvQ5aFkf2LGZpxogkvsNpuo87fcVB6TqFp9h6J0DySfzvH2b8JCxbo59o7t2KHwrfoDGXvjZJ/wfxSMsS3X0j/NUJBNzO3q1RP8LSQo0gZhLxQVf7tNVfg28zoQz8aPc1VU0wHjh9CfppsnrT+yQlfxCu4HKzGXQEHDD9ZgRTPcuKarLipzV73sCc/K6iU7cdz+coueQ3NLq3ef+HqZHK92N+Z0CWm2wbOXNuiWyRACWWrqvekt88Mlo+A4ZOS5s0QmpznNCl9TVuXvBjxjY2g8ho1zx31lln9mqgORzrRzX2Dxc3nfZ+/B9uTkpDknDF14LJPba8XPooH6/IyHq9HOZGZqUL79qZIZM1t/zI06ZTs7mvvo718bzzUfxxnqahZKDK+RjiHd89p4KbBDUEjCadm+vdkv4hhF/wvpB6YSAHwm+XVQ0JYrxIuia1cSXVlxyalolZLOqNwhGzKOhIiv6Ii6Nae+OT9aZbgMz/WzKQ4Jy08D73lKoWfV7xv4e8P62knd/ykMkXvvmNr2WBoGP16/GZAoCZZaqZ8GlggGybhsnquH+w3OVxEBkMiVYzr7vt5BBC5MAEWJJBUJR1a5gzruQS+L57W/NpE9xhYVpLIhnU9VZv4sHoVi0 beLiUIsM GQmn91zZEBAhlz0tk7QFQIECyQbPkKM1Plnn5XvJVEz/J6Dbvsmbr3cqvE/5nG7cRnhMeH8gUJO0bPj455BHCFez1PB1GYHmiofUrzRyKeTvGRuS4KCEtHD0D0lxz9qyewciqOhOOTKM2EJ5fsqzD24EYO2KLEaGK1G4NnZ0QM6h5qkV5WyKb8ZZPfmNHarC0OiPsXi4krSHLDDLIiDq0RiwoXtd+uys8vOXvj7MaN0ayRN2sHFVIedO2cf41UqQ2xk+B3KeoDfYjYDeykv27UUcxeKMt9WFZ3mSurgaBTeLk+2U5cpubiFxk9c6BHayy+mAznRtT8tPEef0Dx2rY62eSeeXaYsjJrvcZIiFLUPqO4o5VtFC5+CUUsDLypi8gRckuIpVesipWKRT85nrlsFqrW7z/TVCGAsLcv43qVd2HIeP8QgchA4oF3TpaLIYKYxsDhTyC+gyeZf9gpdJNypTSZZASg/yIlUubsxydo3Tt9uVtMgwYzqqZZ1KOevBqFUmLferNCL9Gs3T1YKbE/ganQop17FXLI9Bh7ZxC7Evo0GliEgta+KyoGMxY0AikQFm6fr956+8EDBwPUvAxnLC2IQ== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Add a SELinux access control for the newly introduced set_mempolicy lsm hook. A new permission "setmempolicy" is defined under the "process" class for it. Signed-off-by: Yafang Shao --- security/selinux/hooks.c | 8 ++++++++ security/selinux/include/classmap.h | 2 +- 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index feda711c6b7b..1528d4dcfa03 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -4238,6 +4238,13 @@ static int selinux_userns_create(const struct cred *cred) USER_NAMESPACE__CREATE, NULL); } +static int selinux_set_mempolicy(unsigned long mode, unsigned short mode_flags, + nodemask_t *nmask, unsigned int flags) +{ + return avc_has_perm(current_sid(), task_sid_obj(current), SECCLASS_PROCESS, + PROCESS__SETMEMPOLICY, NULL); +} + /* Returns error only if unable to parse addresses */ static int selinux_parse_skb_ipv4(struct sk_buff *skb, struct common_audit_data *ad, u8 *proto) @@ -7072,6 +7079,7 @@ static struct security_hook_list selinux_hooks[] __ro_after_init = { LSM_HOOK_INIT(task_kill, selinux_task_kill), LSM_HOOK_INIT(task_to_inode, selinux_task_to_inode), LSM_HOOK_INIT(userns_create, selinux_userns_create), + LSM_HOOK_INIT(set_mempolicy, selinux_set_mempolicy), LSM_HOOK_INIT(ipc_permission, selinux_ipc_permission), LSM_HOOK_INIT(ipc_getsecid, selinux_ipc_getsecid), diff --git a/security/selinux/include/classmap.h b/security/selinux/include/classmap.h index a3c380775d41..c280d92a409f 100644 --- a/security/selinux/include/classmap.h +++ b/security/selinux/include/classmap.h @@ -51,7 +51,7 @@ const struct security_class_mapping secclass_map[] = { "getattr", "setexec", "setfscreate", "noatsecure", "siginh", "setrlimit", "rlimitinh", "dyntransition", "setcurrent", "execmem", "execstack", "execheap", "setkeycreate", - "setsockcreate", "getrlimit", NULL } }, + "setsockcreate", "getrlimit", "setmempolicy", NULL } }, { "process2", { "nnp_transition", "nosuid_transition", NULL } }, { "system", From patchwork Fri Dec 1 09:46:35 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475555 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 43FBCC10F04 for ; Fri, 1 Dec 2023 09:47:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id E30926B044D; Fri, 1 Dec 2023 04:47:16 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id DB4E06B0444; Fri, 1 Dec 2023 04:47:16 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id BB88B6B0450; Fri, 1 Dec 2023 04:47:16 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0012.hostedemail.com [216.40.44.12]) by kanga.kvack.org (Postfix) with ESMTP id A21876B0444 for ; Fri, 1 Dec 2023 04:47:16 -0500 (EST) Received: from smtpin19.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id 798061A0163 for ; Fri, 1 Dec 2023 09:47:16 +0000 (UTC) X-FDA: 81517771272.19.D43C8C0 Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by imf22.hostedemail.com (Postfix) with ESMTP id AD43CC001B for ; Fri, 1 Dec 2023 09:47:14 +0000 (UTC) Authentication-Results: imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=HEM0MEtb; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf22.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424034; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Bc/JnQzKFnW7sQYk0Nc9Zpaw4UcMe6UJECHeJqeWNU0=; b=G+kE13vX7Aah6rB5ckCh9bBe3vMKtHTt2wyqyuOzmBT0dpKRqDri4Nt/85+qlsz4IbV6HV YzfMMbwjFqywPVT8dVHOZay8bWRrqWQFFaca4iEiq7we4dCOYD/0JxhyrtCf6UYiiBr0KC dCA1/JB7HU/vWIHnrIH2fjsxs8SIGk8= ARC-Authentication-Results: i=1; imf22.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=HEM0MEtb; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (imf22.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.182 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424034; a=rsa-sha256; cv=none; b=yLtxkiXZ8fDwYfjTPdZ7qdxjvElUxTAaKUusRYoTm+hv7WdEt4BMt2pd51bXAfGcOKBKh3 hFASklxE4iSI1006FL04UWChPh7nJIIbbQPrW/jfbWDUZq8xy0jP0RdM185vyPivXc4qVX wXpdm6hyrUeTT5TN0UjISSwVbUkYIQc= Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-1d045097b4cso2938365ad.0 for ; Fri, 01 Dec 2023 01:47:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424033; x=1702028833; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Bc/JnQzKFnW7sQYk0Nc9Zpaw4UcMe6UJECHeJqeWNU0=; b=HEM0MEtb/Din4rDAMmSyMgAU/lKV5gVQu4LEsliZFOomhlX7mbuX/JP1Hva8SJfP/U Wt98MQ73GGj6qHG1rZsb9AdNocIiit64oQ50N4s0kzQC9A64quhKHpiV6S5GNLtdEYbE knRQRvnI2k9xIjHbqkJcr0IOT7kqqiJfMLIrw2H3t8C1xQg7Xqzse39z9lt83PKDH4G1 smlPqgW255jZvI2G5N8LNoKtxb+we9EUx9v2JhuW2nzT73zd+88whg2XlCyWrLVTG0ua y1wRJ4yoI4CxfooXxwPnuYf9S+0p5ZhTokmWoEhrwIdMj19sC9NyrjRLZDCYTEnCjVuJ WaMA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424033; x=1702028833; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Bc/JnQzKFnW7sQYk0Nc9Zpaw4UcMe6UJECHeJqeWNU0=; b=cmtmdZF2oAEmEvlw5zpNZSAOFRNRUBpjeN6j08n+x245YZR6pVtvfPC2B4Eg8FlQ55 nuepYsoqTvT0JyhrCUpuQlGwGg8WmgTTuOgmh2E2//JLaifGGQgthPILf5aC5n5wC05d XCeSP5y85uAXh2UWC7ZVGjf/ikAuMfBWRKtRIGzPZuCywV6wUB2qm+p9zivTJncU1nfE 88pkYcrI56f7rdnooSypDT/y73dG6oQqbCifsJ6QoLHApGe6SsHwI/zqDH4+cRQwJMDO 0xNPzfeWIm5aC6UwWGRNQ8MyqReiYcnGIcQuQN0S2IIfbhLqe6/WUECsa5oOoHrd5WfN 0uhg== X-Gm-Message-State: AOJu0YyJ/o6HNcBJCBIrQWJN0o/qh3PP59uhuJZiRiAzhBIa1NKklk8J 9szQr2Nd7zTPcCAWL6Ozvp4yWau8sadGa+Uc X-Google-Smtp-Source: AGHT+IHzDiK6o6MOlN3a1X1HHIiCln1ILc6SVwnXbjY0NMbXK8wHeCruOVe9g11XZtiAGRL7ZsnvhA== X-Received: by 2002:a17:902:e88b:b0:1cf:d404:5e7c with SMTP id w11-20020a170902e88b00b001cfd4045e7cmr20071237plg.42.1701424033643; Fri, 01 Dec 2023 01:47:13 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:13 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao Subject: [PATCH v3 6/7] selftests/bpf: Add selftests for set_mempolicy with a lsm prog Date: Fri, 1 Dec 2023 09:46:35 +0000 Message-Id: <20231201094636.19770-7-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: AD43CC001B X-Rspam-User: X-Rspamd-Server: rspam05 X-Stat-Signature: sxheoih6sg59nsiwc4yeia1ezry9kgew X-HE-Tag: 1701424034-50915 X-HE-Meta: U2FsdGVkX1+/bLR1dxoMG26G1+dmJPx02+PHPqQxbkXGWjmPCVd3VozBgBnOCtgSp96sKKEaL57WymteS3Kt2x5zSJ1FxtuHtU4NvxoePApdBkdhjIrZG2Uoeokq649hdjniA0xQNc48hJRyABzucAT2vofSEQzkCbEqskeMmOm6kXJm3PnfTV1WzWti1f1m5S8z32Uu2Pukra/+iELbRwnLddxHTbTizqK6rjmPWNlqMGXn/NrJb13fVQNB4pjnwSv3H26Ib7UmDFd1/v/VjYNiEll9fw0ZXsmwRfcIMlIz/QKJyqbVXMrgZYqGlqUXBiroWsHdLD1Lp+CeSpfh+WPnRwDfkw53/OjPoVGaAAargZRzwO19W9vnaM5HQFPVafz267yqChpwbbhRGn8oo0Lh7kpxpSlUwBkBGoX5N5wfc4CNUfx/RrpnSamHtkzSLGzfnF6hlcjOJpg+rpDrqGQiQpKjUGM2S6gPSgJ6c1Sr9Wy1TtVFnyaBnhgzBV/XWy+t332nRYSUmR4Nl67WAKKlFkiCCViHtNCat+yiTAaAtH1HBMAuB9yDJMU/V2FBiBXz+oT4lTCN4YGz+XyXA61lGgwCAzZb0TxYv8Dbl48IMJI05DbJBDnsKDso232IxZfrU/XTlYX2ed6sA45fvudNPI/82UtC9mqGQM6yR1647g2VaICCIUku2qVs2UPqCojb+6rZ13Y17XTgH5JlRgUKXSRWmlDz2gbQF9AGhWtkynH06KI4pu0HSXbEsKTHsLSV69KsY1Qg/FAMDYdWp9RcyO3JCtq3FUZ0iqUuQ0ZFjsrdi2mbIgys+EoLWSBrLVRGyDKQUZlgtut4rCj5lgs6VIsxzOk536YhDn3xv2lzD5OvhdmmqjLwZHo8F/QuZmdDysZgyfALar/AJsg/f1dN6BOBd+cZluRtgWCzg7c2w9KZQGBoVuGLMfJCSjxEKon+iyLncfvHr9efdL0 Jo//ls4S T9k//GoaeD65W4/T5JMaVfufec/SFMWsxpqtsZ3IZXOvGTe9j/GwzA+GBpEk1KGo8g1/tvofCG40EVMf/nmjsVk6JsARUnyDxReFKIc5JzFXxZomKuSyZyI100I85oT+hP31X+DZs1XPzhgufoTthDTFH15PbxcERHbNYJz8j41AdsZxQnOCbI51vLuHu/3uaNaKEPUNlPCPy0eZTesKZ59w96L1c8Eoc7L2Ip5r0C6vtiGIyxVNYzTZfxgjKxnafMk6PvtXenGGLYqzbT9qPUdircJd8gYbImV7T4drHcVuoycRw76893wdreUDZxBvtm+9Hg28K/zDctehJzYkq6gEjLfB6dYNf4Wt7E0Phv8RVTISNB0HdTRGjUc7Ky1IAGf+WLzlqUq51EDdwJ60RMKdV9OoQWswox9Gzqp3i1c9tGZ09UibOM5T/TWGo62Kvh6Dp6heMT6xYOudUUEAeDBz/W3ydA9E4pKyqEjNNEfYHr85LrnoOlHWyPU1SAnZgLTgip5BmReA/cFkuOMDIsbSZHoRp7pl64BGvxiBSwKUbTuBZGNh76uiU0UxIgQNiwu6Ex6F0yH1r/9MATwAU5uMrOagLR+bDVG3JMlFAppbSsi+2RZFe6yY86r43ktoMKjio X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: The result as follows, #261/1 set_mempolicy/MPOL_BIND_with_lsm:OK #261/2 set_mempolicy/MPOL_DEFAULT_with_lsm:OK #261/3 set_mempolicy/MPOL_BIND_without_lsm:OK #261/4 set_mempolicy/MPOL_DEFAULT_without_lsm:OK #261 set_mempolicy:OK Summary: 1/4 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Yafang Shao --- .../selftests/bpf/prog_tests/set_mempolicy.c | 81 +++++++++++++++++++ .../selftests/bpf/progs/test_set_mempolicy.c | 28 +++++++ 2 files changed, 109 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/set_mempolicy.c create mode 100644 tools/testing/selftests/bpf/progs/test_set_mempolicy.c diff --git a/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c new file mode 100644 index 000000000000..6d115ecedb10 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/set_mempolicy.c @@ -0,0 +1,81 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (C) 2023 Yafang Shao */ + +#include +#include +#include +#include +#include +#include "test_set_mempolicy.skel.h" + +#define SIZE 4096 + +static void mempolicy_bind(bool success) +{ + unsigned long mask = 1; + char *addr; + int err; + + addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); + if (!ASSERT_OK_PTR(addr, "mmap")) + return; + + /* -lnuma is required by mbind(2), so use __NR_mbind to avoid the dependency. */ + err = syscall(__NR_mbind, addr, SIZE, MPOL_BIND, &mask, sizeof(mask), 0); + if (success) + ASSERT_OK(err, "mbind_success"); + else + ASSERT_ERR(err, "mbind_fail"); + + munmap(addr, SIZE); +} + +static void mempolicy_default(void) +{ + char *addr; + int err; + + addr = mmap(NULL, SIZE, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0); + if (!ASSERT_OK_PTR(addr, "mmap")) + return; + + err = syscall(__NR_mbind, addr, SIZE, MPOL_DEFAULT, NULL, 0, 0); + ASSERT_OK(err, "mbind_success"); + + munmap(addr, SIZE); +} + +void test_set_mempolicy(void) +{ + struct test_set_mempolicy *skel; + int err; + + skel = test_set_mempolicy__open(); + if (!ASSERT_OK_PTR(skel, "open")) + return; + + skel->bss->target_pid = getpid(); + + err = test_set_mempolicy__load(skel); + if (!ASSERT_OK(err, "load")) + goto destroy; + + /* Attach LSM prog first */ + err = test_set_mempolicy__attach(skel); + if (!ASSERT_OK(err, "attach")) + goto destroy; + + /* syscall to adjust memory policy */ + if (test__start_subtest("MPOL_BIND_with_lsm")) + mempolicy_bind(false); + if (test__start_subtest("MPOL_DEFAULT_with_lsm")) + mempolicy_default(); + +destroy: + test_set_mempolicy__destroy(skel); + + if (test__start_subtest("MPOL_BIND_without_lsm")) + mempolicy_bind(true); + if (test__start_subtest("MPOL_DEFAULT_without_lsm")) + mempolicy_default(); +} diff --git a/tools/testing/selftests/bpf/progs/test_set_mempolicy.c b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c new file mode 100644 index 000000000000..b5356d5fcb8b --- /dev/null +++ b/tools/testing/selftests/bpf/progs/test_set_mempolicy.c @@ -0,0 +1,28 @@ +// SPDX-License-Identifier: GPL-2.0 +/* Copyright (C) 2023 Yafang Shao */ + +#include "vmlinux.h" +#include +#include + +int target_pid; + +static int mem_policy_adjustment(u64 mode) +{ + struct task_struct *task = bpf_get_current_task_btf(); + + if (task->pid != target_pid) + return 0; + + if (mode != MPOL_BIND) + return 0; + return -1; +} + +SEC("lsm/set_mempolicy") +int BPF_PROG(setmempolicy, u64 mode, u16 mode_flags, nodemask_t *nmask, u32 flags) +{ + return mem_policy_adjustment(mode); +} + +char _license[] SEC("license") = "GPL"; From patchwork Fri Dec 1 09:46:36 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Yafang Shao X-Patchwork-Id: 13475557 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 20819C07E97 for ; Fri, 1 Dec 2023 09:47:25 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6B3046B0450; Fri, 1 Dec 2023 04:47:18 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 614676B0452; Fri, 1 Dec 2023 04:47:18 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 468626B0455; Fri, 1 Dec 2023 04:47:18 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 2E1EB6B0450 for ; Fri, 1 Dec 2023 04:47:18 -0500 (EST) Received: from smtpin11.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay07.hostedemail.com (Postfix) with ESMTP id 10D59160147 for ; Fri, 1 Dec 2023 09:47:18 +0000 (UTC) X-FDA: 81517771356.11.C303BDD Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by imf27.hostedemail.com (Postfix) with ESMTP id 20E524001F for ; Fri, 1 Dec 2023 09:47:15 +0000 (UTC) Authentication-Results: imf27.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=LkZVKWOm; spf=pass (imf27.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.176 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1701424036; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=KGCoJREXvSOAbrJphjZNhFQw16aaUKi1TbhunSAnqyc=; b=sX7cYG+7MeMMRl/DNzQl6iwSMBth+/gcK0T3QWmreSSVBTpVD+eaq1jVefOfCzdnM4wsA8 hBuIhuDcFues9NWPfXgO7OXRtktfrL7QQNMES92yops9YEo97KLu8fRRLCnBlt+b7OWU4k EY0rOSt2zCxADBxP8eYony5IqwYCzs0= ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1701424036; a=rsa-sha256; cv=none; b=cuphSWiq7bdagcjbTGV71DQs3vX8Y05hWjHfNseuB/1x9TfN+CF3AOu8ZHdjJUbWl4f1RY zIRq5XHxKKE6Ivh5eSqtTUeKqvKcBq1j2BCoHBB17XdRzbO2DGi6QXL9EWvaTwmnKHagv1 P6dq1SAaLl5wMiSdh9hBKlxN1Csf+GU= ARC-Authentication-Results: i=1; imf27.hostedemail.com; dkim=pass header.d=gmail.com header.s=20230601 header.b=LkZVKWOm; spf=pass (imf27.hostedemail.com: domain of laoar.shao@gmail.com designates 209.85.214.176 as permitted sender) smtp.mailfrom=laoar.shao@gmail.com; dmarc=pass (policy=none) header.from=gmail.com Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-1cfc34b6890so2631545ad.1 for ; Fri, 01 Dec 2023 01:47:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1701424035; x=1702028835; darn=kvack.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=KGCoJREXvSOAbrJphjZNhFQw16aaUKi1TbhunSAnqyc=; b=LkZVKWOmQDUzX7D293XCxikbpbXi9BTLLDm0w6f9+7wGRZVhROs+Xar3kJNtWSf1ml BN/QUIB6LvP5o9p5k63s52BTxi+26vM8w719HPEl8kHkrRj9PTo+nBlY1gl+tHswzxMK IUdg4q9h/ACNuywYTISVBxzaFEb3Z+WRaxmku3KYDbULzDJc+0PsNHDpB7R0nDlcgtp/ nkeP+HhNPToQVL99jynEdaWSSEl3g9LKEDmsX6EvNXsCEyJWbmIecTCHeqZX2rP3z9uC KUaJWxRtKMFxLzAl0/MrYuRX9HDST6vCnweY9uXqRfeL1JfXGUD5v49KycbpbC95YdZu z48Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1701424035; x=1702028835; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=KGCoJREXvSOAbrJphjZNhFQw16aaUKi1TbhunSAnqyc=; b=G5ilWzfGSuTL8hOednlMAHF11X05TchGLHNLL6PzTAXJvsVgtuebsBP8dhSuC3/JdA zzbv03MRDIScDvcjq0qR3LAiCjOTUSpHW6AWPlIqbztvrSHy8WrgPoamKGNTmSy5BYsd WeYsVCpS/qBShPJ+WQyCrXTZaPjU/d+d5CcjfJ5JsEY3NTY24rLlN9uZbpVdX8AWPCo2 YRDgMWpsPso9xEZs/PSe3hCW+zJRucm/Oo7TKYLgKByj1N3azPHl4lVQqwGV1BjL9Osa cgE82rvvbeNpGK7D6reqX/kL3SasQFIcqBs+KubwElXxJr1/iSdYRUNu1q0CHp0S48jf VQww== X-Gm-Message-State: AOJu0YwLSZHNOrFQnyrS7X9mbbZ1d/RViSQ7gCu8j4pFzaMH2EYcahIX RRrnSfuaIT9kFSfyBDB78es= X-Google-Smtp-Source: AGHT+IGzXU9LrPgZca13IbQFWnu/fiFk9usQfcwA1GinqIP6YmUaY32WZLHTprYh2c8I8vSS8VEDvA== X-Received: by 2002:a17:902:f805:b0:1cf:5806:564f with SMTP id ix5-20020a170902f80500b001cf5806564fmr27316532plb.10.1701424034967; Fri, 01 Dec 2023 01:47:14 -0800 (PST) Received: from vultr.guest ([149.28.194.201]) by smtp.gmail.com with ESMTPSA id e6-20020a170902b78600b001bdd7579b5dsm2875534pls.240.2023.12.01.01.47.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 01 Dec 2023 01:47:14 -0800 (PST) From: Yafang Shao To: akpm@linux-foundation.org, paul@paul-moore.com, jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com, mhocko@suse.com, ying.huang@intel.com Cc: linux-mm@kvack.org, linux-security-module@vger.kernel.org, bpf@vger.kernel.org, ligang.bdlg@bytedance.com, Yafang Shao , Alejandro Colomar , Michael Kerrisk Subject: [PATCH v3 7/7] NOT kernel/man2/mbind.2: Add mode flag MPOL_F_NUMA_BALANCING Date: Fri, 1 Dec 2023 09:46:36 +0000 Message-Id: <20231201094636.19770-8-laoar.shao@gmail.com> X-Mailer: git-send-email 2.39.3 In-Reply-To: <20231201094636.19770-1-laoar.shao@gmail.com> References: <20231201094636.19770-1-laoar.shao@gmail.com> MIME-Version: 1.0 X-Rspamd-Queue-Id: 20E524001F X-Rspam-User: X-Rspamd-Server: rspam11 X-Stat-Signature: bwawoxfmstm1gnq7gbeoyei35y8b7a4x X-HE-Tag: 1701424035-403215 X-HE-Meta: U2FsdGVkX1/lnh/X2h4rfHJPG807fHJAI9lDxIgbwLFR9TCe45zt0KtSnvJAwJB8QLEgnPfz3Pw+1Kb173vkdo2vREZTwtoeMDDZp9nygR7E63cnODj+P5XGe5xWWvFLBjEVnlt8uR2w4D322b1rWR/XIRxwgSXUbGH+ymPIMIyR2UJZz5zaDvjRSj1bzaP7JJoMVs/mD1mw7zCe/2Nx2hPvAmMCy8jl21XSnH2GsRV4s/3pH97eReEK3ZYzibalmzLomYQBjkN9DlOnH7e3EL8RLaoKLCQJvcI68zzN2XMXDZ6JUVwq1J6GwgRlXfUInK1yDNvcb+H6SRLiI6CfpfPQfctFre2rx1tp7bGg8GVt6C2+aDui5X2Gd9ccpbPeao3gYaPSO+Zy9LQ+ymRm1WfNg707RmNMv1RPwGgKxDGd2EmEs9S5k1YTr8Cxbzj9tZJwZ0wg4MdiYM9Xk2M+FW6QARUoa2ePS9tmeJKGztvEpp++ppMtGxvz/N3NAmrqDqTnMaOWuY3Lqf3g/5O0XRgw6nh9EuEYOv1YgXHdLqpoj3jcTxAMFM07dW44CkLHbpyhtZYhEmylRCzFMPPdVtIMibAczfTrvAJ02Eyc7TAoB8PUN8bP4CIBl/EJ6zzL6p+51iS9JNbyqdxSUar1A5ipJvBqOr6G20bEm1iV5F0xylebcWNCQTg9fQzT3+gNl5fDn/ugR6/ocDTTbWuiL/2QF+PMyO9wJ2Yz8JnU6OJMhZaxiDoerqwrT6oqp0/BlSaLlkmzhhSwPsUcsLcWEYlcFPkj96YM852cqbdzs3WQeapqgtPEJ77DrzLUwhoTP5CplqDWJm9dcWB1T8l8geBHUQ1LzKsVG7Y0CPMnyQBB3wxzDMxWaYJynyGqwTT6kCUE2ds8Gcrmg3xk5H+8eFjw37iBU3cHS3yGXHe8NfjpH9/1ywEgBvVHZfnJF9UVFI/MCcQJPNn+UHrViRp lKMPcKh3 zUddNuCXIM7mQk3zf5VhWOmAwP8IVr26aXfFdx6nnjAC8CMmkjQxPEjmo0u4e6CbEc9iMnrihVzvyWi4uRQ3uvUemACIXWdAUXyzzLjd+3Z23m9EnLiDCojI8oakPN0I+TB1gs8Alhx/w9XOgDdghM+aO+8dPJr6KIti/vLTYh0YGJLUI31bdYUR4OPkXOSrMWYmymg918DaZanR68Px9Tsr/cD3qsyWHknilLyhi+mg1KmSdnmjQvJqY/cyt/aMK7dOMgPqq977uzt2HrTvmCcTyZv7vMWUR6XqglIO+BBNHcefoB7aiAnb45GgJE511JsP7h9KEraPFvCgyU6roYe/VnHrxQrH74Mtrzms6oz7qXf/3q2+a3ebNWoFdl4hNIkdekPskVzdxadRp/+lR+g0WxtgKgQFpuO2AKIqHUOvasCM7/aRmIJG3Aja1FpciUkPxN7BHWccuvKJsPNWUT0u+Vbpc6KhQRoS0SNb/95E41i+kYe5/u3z+yYF7bWIG5qPQzFEa9j43YvG4S7W4W9FIdc1BUdt+iUq9kNmkwFb7MR5Mxgk35dWMs2Skk3z2Q3kAUh7bP4A4whUEMgwHpSPiU0/9uYYNeA64GX+oiReVlsw= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: In Linux Kernel 5.12, a new mode flag, MPOL_F_NUMA_BALANCING, was added to set_mempolicy() to optimize the page placement among the NUMA nodes with the NUMA balancing mechanism even if the memory of the applications is bound with MPOL_BIND. In Linux Kernel 5.15, this mode flag was extended to mbind(2). Let's also add man-page for mbind(2). It is copied from set_mempoicy(2) man-page with subtle modifications. Related kernel commits: bda420b985054a3badafef23807c4b4fa38a3dff 6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c Signed-off-by: Yafang Shao Cc: "Huang, Ying" Cc: Alejandro Colomar Cc: Michael Kerrisk --- man2/mbind.2 | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/man2/mbind.2 b/man2/mbind.2 index ba1b81ae9..dac784389 100644 --- a/man2/mbind.2 +++ b/man2/mbind.2 @@ -142,6 +142,23 @@ The supported .I "mode flags" are: .TP +.BR MPOL_F_NUMA_BALANCING " (since Linux 5.15)" +.\" commit bda420b985054a3badafef23807c4b4fa38a3dff +.\" commit 6d2aec9e123bb9c49cb5c7fc654f25f81e688e8c +When +.I mode +is +.BR MPOL_BIND , +enable the kernel NUMA balancing for the task if it is supported by the kernel. +If the flag isn't supported by the kernel, or is used with +.I mode +other than +.BR MPOL_BIND , +\-1 is returned and +.I errno +is set to +.BR EINVAL . +.TP .BR MPOL_F_STATIC_NODES " (since Linux-2.6.26)" A nonempty .I nodemask