Re: [PATCH] memcg: enable accounting in keyctl subsys

linux-mm.kvack.org archive mirror
 help / color / mirror / Atom feed

From: Vasily Averin <vasily.averin@linux.dev>
To: Yutian Yang <nglaive@gmail.com>,
	jarkko@kernel.org, Shakeel Butt <shakeelb@google.com>,
	Michal Hocko <mhocko@kernel.org>,
	David Howells <dhowells@redhat.com>,
	Roman Gushchin <roman.gushchin@linux.dev>
Cc: cgroups@vger.kernel.org, linux-mm@kvack.org,
	shenwenbo@zju.edu.cn, Johannes Weiner <hannes@cmpxchg.org>,
	kernel@openvz.org
Subject: Re: [PATCH] memcg: enable accounting in keyctl subsys
Date: Mon, 23 May 2022 12:45:09 +0300	[thread overview]
Message-ID: <0017e4c6-84d8-6d62-2ceb-4851771fec18@linux.dev> (raw)
In-Reply-To: <1626682667-10771-1-git-send-email-nglaive@gmail.com>

On 7/19/21 11:17, Yutian Yang wrote:
> This patch enables accounting for key objects and auth record objects.
> Allocation of the objects are triggerable by syscalls from userspace.
> 
> We have written a PoC to show that the missing-charging objects lead to
> breaking memcg limits. The PoC program takes around 2.2GB unaccounted
> memory, while it is charged for only 24MB memory usage. We evaluate the
> PoC on QEMU x86_64 v5.2.90 + Linux kernel v5.10.19 + Debian buster. All
> the limitations including ulimits and sysctl variables are set as default.
> Specifically, we set kernel.keys.maxbytes = 20000 and 
> kernel.keys.maxkeys = 200.
> 
> /*------------------------- POC code ----------------------------*/
[skipped]
> /*-------------------------- end --------------------------------*/

I experimented with "keyctl request2 user debug: X:Y Z" inside the container
and found that the problem is still relevant and the proposed patch solves it
correctly.

I didn't find any complaints about this patch, could someone explain why
it wasn't applied? If no one objects, I'd like to push it.

> Signed-off-by: Yutian Yang <nglaive@gmail.com>
Reviewed-by: Vasily Averin <vvs@openvz.org>

Thank you,
	Vasily Averin

PS. Should I perhaps resend it?

> ---
>  security/keys/key.c              | 4 ++--
>  security/keys/request_key_auth.c | 4 ++--
>  2 files changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/security/keys/key.c b/security/keys/key.c
> index e282c6179..925d85c2e 100644
> --- a/security/keys/key.c
> +++ b/security/keys/key.c
> @@ -279,7 +279,7 @@ struct key *key_alloc(struct key_type *type, const char *desc,
>  		goto no_memory_2;
>  
>  	key->index_key.desc_len = desclen;
> -	key->index_key.description = kmemdup(desc, desclen + 1, GFP_KERNEL);
> +	key->index_key.description = kmemdup(desc, desclen + 1, GFP_KERNEL_ACCOUNT);
>  	if (!key->index_key.description)
>  		goto no_memory_3;
>  	key->index_key.type = type;
> @@ -1198,7 +1198,7 @@ void __init key_init(void)
>  {
>  	/* allocate a slab in which we can store keys */
>  	key_jar = kmem_cache_create("key_jar", sizeof(struct key),
> -			0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
> +			0, SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_ACCOUNT, NULL);
>  
>  	/* add the special key types */
>  	list_add_tail(&key_type_keyring.link, &key_types_list);
> diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
> index 41e973500..ed50a100a 100644
> --- a/security/keys/request_key_auth.c
> +++ b/security/keys/request_key_auth.c
> @@ -171,10 +171,10 @@ struct key *request_key_auth_new(struct key *target, const char *op,
>  	kenter("%d,", target->serial);
>  
>  	/* allocate a auth record */
> -	rka = kzalloc(sizeof(*rka), GFP_KERNEL);
> +	rka = kzalloc(sizeof(*rka), GFP_KERNEL_ACCOUNT);
>  	if (!rka)
>  		goto error;
> -	rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL);
> +	rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL_ACCOUNT);
>  	if (!rka->callout_info)
>  		goto error_free_rka;
>  	rka->callout_len = callout_len;

next prev parent reply	other threads:[~2022-05-23  9:45 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-07-19  8:17 [PATCH] memcg: enable accounting in keyctl subsys Yutian Yang
2022-05-23  9:45 ` Vasily Averin [this message]
2022-05-23 20:00   ` Jarkko Sakkinen
2022-05-30  9:38     ` Vasily Averin
2022-05-30 20:38       ` Andrew Morton
2022-06-03  4:23         ` Vasily Averin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=0017e4c6-84d8-6d62-2ceb-4851771fec18@linux.dev \
    --to=vasily.averin@linux.dev \
    --cc=cgroups@vger.kernel.org \
    --cc=dhowells@redhat.com \
    --cc=hannes@cmpxchg.org \
    --cc=jarkko@kernel.org \
    --cc=kernel@openvz.org \
    --cc=linux-mm@kvack.org \
    --cc=mhocko@kernel.org \
    --cc=nglaive@gmail.com \
    --cc=roman.gushchin@linux.dev \
    --cc=shakeelb@google.com \
    --cc=shenwenbo@zju.edu.cn \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).