From: Vasily Averin <vasily.averin@linux.dev>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Yutian Yang <nglaive@gmail.com>,
Shakeel Butt <shakeelb@google.com>,
Michal Hocko <mhocko@kernel.org>,
David Howells <dhowells@redhat.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
cgroups@vger.kernel.org, linux-mm@kvack.org,
shenwenbo@zju.edu.cn, Johannes Weiner <hannes@cmpxchg.org>,
kernel@openvz.org, Jarkko Sakkinen <jarkko@kernel.org>
Subject: Re: [PATCH] memcg: enable accounting in keyctl subsys
Date: Mon, 30 May 2022 12:38:28 +0300 [thread overview]
Message-ID: <ca0ba233-ed09-5dce-5f38-2e05b1114610@linux.dev> (raw)
In-Reply-To: <YovnzLqXqEHY6SAC@kernel.org>
Dear Andrew,
could you please pick up this patch too?
Thank you,
Vasily Averin
On 5/23/22 23:00, Jarkko Sakkinen wrote:
> On Mon, May 23, 2022 at 12:45:09PM +0300, Vasily Averin wrote:
>> On 7/19/21 11:17, Yutian Yang wrote:
>>> This patch enables accounting for key objects and auth record objects.
>>> Allocation of the objects are triggerable by syscalls from userspace.
>>>
>>> We have written a PoC to show that the missing-charging objects lead to
>>> breaking memcg limits. The PoC program takes around 2.2GB unaccounted
>>> memory, while it is charged for only 24MB memory usage. We evaluate the
>>> PoC on QEMU x86_64 v5.2.90 + Linux kernel v5.10.19 + Debian buster. All
>>> the limitations including ulimits and sysctl variables are set as default.
>>> Specifically, we set kernel.keys.maxbytes = 20000 and
>>> kernel.keys.maxkeys = 200.
>>>
>>> /*------------------------- POC code ----------------------------*/
>> [skipped]
>>> /*-------------------------- end --------------------------------*/
>>
>> I experimented with "keyctl request2 user debug: X:Y Z" inside the container
>> and found that the problem is still relevant and the proposed patch solves it
>> correctly.
>>
>> I didn't find any complaints about this patch, could someone explain why
>> it wasn't applied? If no one objects, I'd like to push it.
>>
>>> Signed-off-by: Yutian Yang <nglaive@gmail.com>
>> Reviewed-by: Vasily Averin <vvs@openvz.org>
>>
>> Thank you,
>> Vasily Averin
>>
>> PS. Should I perhaps resend it?
>>
>>> ---
>>> security/keys/key.c | 4 ++--
>>> security/keys/request_key_auth.c | 4 ++--
>>> 2 files changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/security/keys/key.c b/security/keys/key.c
>>> index e282c6179..925d85c2e 100644
>>> --- a/security/keys/key.c
>>> +++ b/security/keys/key.c
>>> @@ -279,7 +279,7 @@ struct key *key_alloc(struct key_type *type, const char *desc,
>>> goto no_memory_2;
>>>
>>> key->index_key.desc_len = desclen;
>>> - key->index_key.description = kmemdup(desc, desclen + 1, GFP_KERNEL);
>>> + key->index_key.description = kmemdup(desc, desclen + 1, GFP_KERNEL_ACCOUNT);
>>> if (!key->index_key.description)
>>> goto no_memory_3;
>>> key->index_key.type = type;
>>> @@ -1198,7 +1198,7 @@ void __init key_init(void)
>>> {
>>> /* allocate a slab in which we can store keys */
>>> key_jar = kmem_cache_create("key_jar", sizeof(struct key),
>>> - 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC, NULL);
>>> + 0, SLAB_HWCACHE_ALIGN|SLAB_PANIC|SLAB_ACCOUNT, NULL);
>>>
>>> /* add the special key types */
>>> list_add_tail(&key_type_keyring.link, &key_types_list);
>>> diff --git a/security/keys/request_key_auth.c b/security/keys/request_key_auth.c
>>> index 41e973500..ed50a100a 100644
>>> --- a/security/keys/request_key_auth.c
>>> +++ b/security/keys/request_key_auth.c
>>> @@ -171,10 +171,10 @@ struct key *request_key_auth_new(struct key *target, const char *op,
>>> kenter("%d,", target->serial);
>>>
>>> /* allocate a auth record */
>>> - rka = kzalloc(sizeof(*rka), GFP_KERNEL);
>>> + rka = kzalloc(sizeof(*rka), GFP_KERNEL_ACCOUNT);
>>> if (!rka)
>>> goto error;
>>> - rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL);
>>> + rka->callout_info = kmemdup(callout_info, callout_len, GFP_KERNEL_ACCOUNT);
>>> if (!rka->callout_info)
>>> goto error_free_rka;
>>> rka->callout_len = callout_len;
>>
>
>
> Acked-by: Jarkko Sakkinen <jarkko@kernel.org>
>
> BR, Jarkko
next prev parent reply other threads:[~2022-05-30 9:38 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-07-19 8:17 [PATCH] memcg: enable accounting in keyctl subsys Yutian Yang
2022-05-23 9:45 ` Vasily Averin
2022-05-23 20:00 ` Jarkko Sakkinen
2022-05-30 9:38 ` Vasily Averin [this message]
2022-05-30 20:38 ` Andrew Morton
2022-06-03 4:23 ` Vasily Averin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ca0ba233-ed09-5dce-5f38-2e05b1114610@linux.dev \
--to=vasily.averin@linux.dev \
--cc=akpm@linux-foundation.org \
--cc=cgroups@vger.kernel.org \
--cc=dhowells@redhat.com \
--cc=hannes@cmpxchg.org \
--cc=jarkko@kernel.org \
--cc=kernel@openvz.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@kernel.org \
--cc=nglaive@gmail.com \
--cc=roman.gushchin@linux.dev \
--cc=shakeelb@google.com \
--cc=shenwenbo@zju.edu.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).