From: Roman Gushchin <roman.gushchin@linux.dev>
To: Michal Hocko <mhocko@suse.com>
Cc: "Michal Koutný" <mkoutny@suse.com>,
"Vasily Averin" <vvs@openvz.org>,
"Andrew Morton" <akpm@linux-foundation.org>,
kernel@openvz.org, linux-kernel@vger.kernel.org,
linux-mm@kvack.org, "Shakeel Butt" <shakeelb@google.com>,
"Vlastimil Babka" <vbabka@suse.cz>,
"Muchun Song" <songmuchun@bytedance.com>,
cgroups@vger.kernel.org
Subject: Re: [PATCH mm v3 0/9] memcg: accounting for objects allocated by mkdir cgroup
Date: Wed, 1 Jun 2022 07:22:05 -0700 [thread overview]
Message-ID: <Ypd2DW7id4M3KJJW@carbon> (raw)
In-Reply-To: <YpdkHrbT/xkdx+Qb@dhcp22.suse.cz>
On Wed, Jun 01, 2022 at 03:05:34PM +0200, Michal Hocko wrote:
> On Wed 01-06-22 11:32:26, Michal Hocko wrote:
> > On Wed 01-06-22 11:15:43, Michal Koutny wrote:
> > > On Wed, Jun 01, 2022 at 06:43:27AM +0300, Vasily Averin <vvs@openvz.org> wrote:
> > > > CT-901 /# cat /sys/fs/cgroup/memory/cgroup.subgroups_limit
> > > > 512
> > > > CT-901 /# echo 3333 > /sys/fs/cgroup/memory/cgroup.subgroups_limit
> > > > -bash: echo: write error: Operation not permitted
> > > > CT-901 /# echo 333 > /sys/fs/cgroup/memory/cgroup.subgroups_limit
> > > > -bash: echo: write error: Operation not permitted
> > > >
> > > > I doubt this way can be accepted in upstream, however for OpenVz
> > > > something like this it is mandatory because it much better
> > > > than nothing.
> > >
> > > Is this customization of yours something like cgroup.max.descendants on
> > > the unified (v2) hierarchy? (Just curious.)
> > >
> > > (It can be made inaccessible from within the subtree either with cgroup
> > > ns or good old FS permissions.)
> >
> > So we already do have a limit to prevent somebody from running away with
> > the number of cgroups. Nice!
Yes, we do!
> > I was not aware of that and I guess this
> > looks like the right thing to do. So do we need more control and
> > accounting that this?
>
> I have checked the actual implementation and noticed that cgroups are
> uncharged when offlined (rmdir-ed) which means that an adversary could
> still trick the limit and runaway while still consuming resources.
>
> Roman, I guess the reason for this implementation was to avoid limit to
> trigger on setups with memcgs which can take quite some time to die?
> Would it make sense to make the implementation more strict to really act
> as gate against potential cgroups count runways?
The reasoning was that in many cases a user can't do much about dying cgroups,
so it's not clear how they should/would handle getting -EAGAIN on creating a
new cgroup (retrying will not help, obviously). Live cgroups can be easily
deleted, dying cgroups - not always.
I'm not sure about switching the semantics. I'd wait till Muchun's lru page
reparenting will be landed (could be within 1-2 releases, I guess) and then we
can check whether the whole problem is mostly gone. Honestly, I think we might
need to fix few another things, but it might be not that hard (in comparison
to what we already did).
next prev parent reply other threads:[~2022-06-01 14:22 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <Yn6aL3cO7VdrmHHp@carbon>
2022-05-21 16:37 ` [PATCH mm v2 0/9] memcg: accounting for objects allocated by mkdir cgroup Vasily Averin
2022-05-30 11:25 ` [PATCH mm v3 " Vasily Averin
2022-05-30 11:55 ` Michal Hocko
2022-05-30 13:09 ` Vasily Averin
2022-05-30 14:22 ` Michal Hocko
2022-05-30 19:58 ` Vasily Averin
2022-05-31 7:16 ` Michal Hocko
2022-06-01 3:43 ` Vasily Averin
2022-06-01 9:15 ` Michal Koutný
2022-06-01 9:32 ` Michal Hocko
2022-06-01 13:05 ` Michal Hocko
2022-06-01 14:22 ` Roman Gushchin [this message]
2022-06-01 15:24 ` Michal Hocko
2022-06-01 9:26 ` Michal Hocko
2022-06-13 5:34 ` [PATCH mm v4 " Vasily Averin
2022-06-23 14:50 ` [PATCH mm v5 0/9] memcg: accounting for objects allocated by mkdir, cgroup Vasily Averin
2022-06-23 15:03 ` Vasily Averin
2022-06-23 16:07 ` Michal Hocko
2022-06-23 16:55 ` Shakeel Butt
2022-06-24 10:40 ` Vasily Averin
2022-06-24 12:26 ` Michal Koutný
2022-06-24 13:59 ` Michal Hocko
2022-06-25 9:43 ` [PATCH RFC] memcg: avoid idr ids space depletion Vasily Averin
[not found] ` <c53e1df0-5174-66de-23cc-18797f0b512d@openvz.org>
2022-06-26 1:56 ` [PATCH RFC] memcg: notify about global mem_cgroup_id " Roman Gushchin
[not found] ` <97bed1fd-f230-c2ea-1cb6-8230825a9a64@openvz.org>
2022-06-27 3:23 ` [PATCH mm v2] " Muchun Song
[not found] ` <f3e4059c-69ea-eccd-a22f-9f6c6780f33a@openvz.org>
2022-06-28 1:11 ` Roman Gushchin
2022-06-28 9:08 ` Michal Koutný
2022-06-27 16:37 ` [PATCH mm v5 0/9] memcg: accounting for objects allocated by mkdir, cgroup Shakeel Butt
2022-07-01 11:03 ` Michal Hocko
2022-07-10 18:53 ` Vasily Averin
2022-07-11 16:24 ` Michal Hocko
2022-06-23 14:50 ` [PATCH mm v5 1/9] memcg: enable accounting for struct cgroup Vasily Averin
2022-06-23 14:50 ` [PATCH mm v5 2/9] memcg: enable accounting for kernfs nodes Vasily Averin
2022-06-23 14:51 ` [PATCH mm v5 3/9] memcg: enable accounting for kernfs iattrs Vasily Averin
2022-06-13 5:34 ` [PATCH mm v4 1/9] memcg: enable accounting for struct cgroup Vasily Averin
2022-06-13 5:34 ` [PATCH mm v4 2/9] memcg: enable accounting for kernfs nodes Vasily Averin
2022-06-13 5:34 ` [PATCH mm v4 3/9] memcg: enable accounting for kernfs iattrs Vasily Averin
[not found] ` <cover.1653899364.git.vvs@openvz.org>
2022-05-30 11:25 ` [PATCH mm v3 1/9] memcg: enable accounting for struct cgroup Vasily Averin
2022-05-30 11:26 ` [PATCH mm v3 2/9] memcg: enable accounting for kernfs nodes Vasily Averin
2022-05-30 11:26 ` [PATCH mm v3 3/9] memcg: enable accounting for kernfs iattrs Vasily Averin
2022-05-30 11:26 ` [PATCH mm v3 4/9] memcg: enable accounting for struct simple_xattr Vasily Averin
2022-05-30 11:26 ` [PATCH mm v3 5/9] memcg: enable accounting for percpu allocation of struct psi_group_cpu Vasily Averin
2022-05-30 11:26 ` [PATCH mm v3 6/9] memcg: enable accounting for percpu allocation of struct cgroup_rstat_cpu Vasily Averin
2022-05-30 15:04 ` Muchun Song
[not found] ` <a1fcdab2-a208-0fad-3f4e-233317ab828f@openvz.org>
2022-05-30 15:06 ` [PATCH mm v3 9/9] memcg: enable accounting for perpu allocation of struct rt_rq Muchun Song
2022-05-21 16:37 ` [PATCH mm v2 1/9] memcg: enable accounting for struct cgroup Vasily Averin
2022-05-22 6:37 ` Muchun Song
2022-05-21 16:37 ` [PATCH mm v2 2/9] memcg: enable accounting for kernfs nodes Vasily Averin
2022-05-22 6:37 ` Muchun Song
2022-05-21 16:37 ` [PATCH mm v2 3/9] memcg: enable accounting for kernfs iattrs Vasily Averin
2022-05-22 6:38 ` Muchun Song
2022-05-21 16:38 ` [PATCH mm v2 4/9] memcg: enable accounting for struct simple_xattr Vasily Averin
2022-05-22 6:38 ` Muchun Song
2022-05-21 16:38 ` [PATCH mm v2 5/9] memcg: enable accounting for percpu allocation of struct psi_group_cpu Vasily Averin
2022-05-21 21:34 ` Shakeel Butt
2022-05-22 6:40 ` Muchun Song
2022-05-25 1:30 ` Roman Gushchin
[not found] ` <d7094aa2-1cd0-835c-9fb7-d76003c47dad@openvz.org>
2022-05-21 21:37 ` [PATCH mm v2 9/9] memcg: enable accounting for percpu allocation of struct rt_rq Shakeel Butt
2022-05-25 1:31 ` Roman Gushchin
[not found] ` <9925d0ba-40d7-e3a8-1fef-054968b26ce6@openvz.org>
2022-05-22 6:47 ` [PATCH mm v2 7/9] memcg: enable accounting for large allocations in mem_cgroup_css_alloc Muchun Song
[not found] ` <46bbde64-7290-cabb-8fef-6f4a30263d8c@openvz.org>
2022-05-22 6:49 ` [PATCH mm v2 8/9] memcg: enable accounting for allocations in alloc_fair_sched_group Muchun Song
[not found] ` <c0d01d6e-530c-9be3-1c9b-67a7f8ea09be@openvz.org>
2022-05-21 17:58 ` [PATCH mm v2 6/9] memcg: enable accounting for percpu allocation of struct cgroup_rstat_cpu Vasily Averin
2022-05-21 21:35 ` Shakeel Butt
2022-05-21 22:05 ` kernel test robot
2022-05-25 1:31 ` Roman Gushchin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Ypd2DW7id4M3KJJW@carbon \
--to=roman.gushchin@linux.dev \
--cc=akpm@linux-foundation.org \
--cc=cgroups@vger.kernel.org \
--cc=kernel@openvz.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@suse.com \
--cc=mkoutny@suse.com \
--cc=shakeelb@google.com \
--cc=songmuchun@bytedance.com \
--cc=vbabka@suse.cz \
--cc=vvs@openvz.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).