tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / mm / memcontrol.c
at 8eed4e00a370b37b4e5985ed983dccedd555ea9d 8279 lines 219 kB view raw
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* memcontrol.c - Memory Controller 3 * 4 * Copyright IBM Corporation, 2007 5 * Author Balbir Singh <balbir@linux.vnet.ibm.com> 6 * 7 * Copyright 2007 OpenVZ SWsoft Inc 8 * Author: Pavel Emelianov <xemul@openvz.org> 9 * 10 * Memory thresholds 11 * Copyright (C) 2009 Nokia Corporation 12 * Author: Kirill A. Shutemov 13 * 14 * Kernel Memory Controller 15 * Copyright (C) 2012 Parallels Inc. and Google Inc. 16 * Authors: Glauber Costa and Suleiman Souhlal 17 * 18 * Native page reclaim 19 * Charge lifetime sanitation 20 * Lockless page tracking & accounting 21 * Unified hierarchy configuration model 22 * Copyright (C) 2015 Red Hat, Inc., Johannes Weiner 23 * 24 * Per memcg lru locking 25 * Copyright (C) 2020 Alibaba, Inc, Alex Shi 26 */ 27 28#include <linux/page_counter.h> 29#include <linux/memcontrol.h> 30#include <linux/cgroup.h> 31#include <linux/pagewalk.h> 32#include <linux/sched/mm.h> 33#include <linux/shmem_fs.h> 34#include <linux/hugetlb.h> 35#include <linux/pagemap.h> 36#include <linux/vm_event_item.h> 37#include <linux/smp.h> 38#include <linux/page-flags.h> 39#include <linux/backing-dev.h> 40#include <linux/bit_spinlock.h> 41#include <linux/rcupdate.h> 42#include <linux/limits.h> 43#include <linux/export.h> 44#include <linux/mutex.h> 45#include <linux/rbtree.h> 46#include <linux/slab.h> 47#include <linux/swap.h> 48#include <linux/swapops.h> 49#include <linux/spinlock.h> 50#include <linux/eventfd.h> 51#include <linux/poll.h> 52#include <linux/sort.h> 53#include <linux/fs.h> 54#include <linux/seq_file.h> 55#include <linux/vmpressure.h> 56#include <linux/memremap.h> 57#include <linux/mm_inline.h> 58#include <linux/swap_cgroup.h> 59#include <linux/cpu.h> 60#include <linux/oom.h> 61#include <linux/lockdep.h> 62#include <linux/file.h> 63#include <linux/resume_user_mode.h> 64#include <linux/psi.h> 65#include <linux/seq_buf.h> 66#include <linux/sched/isolation.h> 67#include <linux/kmemleak.h> 68#include "internal.h" 69#include <net/sock.h> 70#include <net/ip.h> 71#include "slab.h" 72#include "swap.h" 73 74#include <linux/uaccess.h> 75 76#include <trace/events/vmscan.h> 77 78struct cgroup_subsys memory_cgrp_subsys __read_mostly; 79EXPORT_SYMBOL(memory_cgrp_subsys); 80 81struct mem_cgroup *root_mem_cgroup __read_mostly; 82 83/* Active memory cgroup to use from an interrupt context */ 84DEFINE_PER_CPU(struct mem_cgroup *, int_active_memcg); 85EXPORT_PER_CPU_SYMBOL_GPL(int_active_memcg); 86 87/* Socket memory accounting disabled? */ 88static bool cgroup_memory_nosocket __ro_after_init; 89 90/* Kernel memory accounting disabled? */ 91static bool cgroup_memory_nokmem __ro_after_init; 92 93/* BPF memory accounting disabled? */ 94static bool cgroup_memory_nobpf __ro_after_init; 95 96#ifdef CONFIG_CGROUP_WRITEBACK 97static DECLARE_WAIT_QUEUE_HEAD(memcg_cgwb_frn_waitq); 98#endif 99 100/* Whether legacy memory+swap accounting is active */ 101static bool do_memsw_account(void) 102{ 103 return !cgroup_subsys_on_dfl(memory_cgrp_subsys); 104} 105 106#define THRESHOLDS_EVENTS_TARGET 128 107#define SOFTLIMIT_EVENTS_TARGET 1024 108 109/* 110 * Cgroups above their limits are maintained in a RB-Tree, independent of 111 * their hierarchy representation 112 */ 113 114struct mem_cgroup_tree_per_node { 115 struct rb_root rb_root; 116 struct rb_node *rb_rightmost; 117 spinlock_t lock; 118}; 119 120struct mem_cgroup_tree { 121 struct mem_cgroup_tree_per_node *rb_tree_per_node[MAX_NUMNODES]; 122}; 123 124static struct mem_cgroup_tree soft_limit_tree __read_mostly; 125 126/* for OOM */ 127struct mem_cgroup_eventfd_list { 128 struct list_head list; 129 struct eventfd_ctx *eventfd; 130}; 131 132/* 133 * cgroup_event represents events which userspace want to receive. 134 */ 135struct mem_cgroup_event { 136 /* 137 * memcg which the event belongs to. 138 */ 139 struct mem_cgroup *memcg; 140 /* 141 * eventfd to signal userspace about the event. 142 */ 143 struct eventfd_ctx *eventfd; 144 /* 145 * Each of these stored in a list by the cgroup. 146 */ 147 struct list_head list; 148 /* 149 * register_event() callback will be used to add new userspace 150 * waiter for changes related to this event. Use eventfd_signal() 151 * on eventfd to send notification to userspace. 152 */ 153 int (*register_event)(struct mem_cgroup *memcg, 154 struct eventfd_ctx *eventfd, const char *args); 155 /* 156 * unregister_event() callback will be called when userspace closes 157 * the eventfd or on cgroup removing. This callback must be set, 158 * if you want provide notification functionality. 159 */ 160 void (*unregister_event)(struct mem_cgroup *memcg, 161 struct eventfd_ctx *eventfd); 162 /* 163 * All fields below needed to unregister event when 164 * userspace closes eventfd. 165 */ 166 poll_table pt; 167 wait_queue_head_t *wqh; 168 wait_queue_entry_t wait; 169 struct work_struct remove; 170}; 171 172static void mem_cgroup_threshold(struct mem_cgroup *memcg); 173static void mem_cgroup_oom_notify(struct mem_cgroup *memcg); 174 175/* Stuffs for move charges at task migration. */ 176/* 177 * Types of charges to be moved. 178 */ 179#define MOVE_ANON 0x1U 180#define MOVE_FILE 0x2U 181#define MOVE_MASK (MOVE_ANON | MOVE_FILE) 182 183/* "mc" and its members are protected by cgroup_mutex */ 184static struct move_charge_struct { 185 spinlock_t lock; /* for from, to */ 186 struct mm_struct *mm; 187 struct mem_cgroup *from; 188 struct mem_cgroup *to; 189 unsigned long flags; 190 unsigned long precharge; 191 unsigned long moved_charge; 192 unsigned long moved_swap; 193 struct task_struct *moving_task; /* a task moving charges */ 194 wait_queue_head_t waitq; /* a waitq for other context */ 195} mc = { 196 .lock = __SPIN_LOCK_UNLOCKED(mc.lock), 197 .waitq = __WAIT_QUEUE_HEAD_INITIALIZER(mc.waitq), 198}; 199 200/* 201 * Maximum loops in mem_cgroup_soft_reclaim(), used for soft 202 * limit reclaim to prevent infinite loops, if they ever occur. 203 */ 204#define MEM_CGROUP_MAX_RECLAIM_LOOPS 100 205#define MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS 2 206 207/* for encoding cft->private value on file */ 208enum res_type { 209 _MEM, 210 _MEMSWAP, 211 _KMEM, 212 _TCP, 213}; 214 215#define MEMFILE_PRIVATE(x, val) ((x) << 16 | (val)) 216#define MEMFILE_TYPE(val) ((val) >> 16 & 0xffff) 217#define MEMFILE_ATTR(val) ((val) & 0xffff) 218 219/* 220 * Iteration constructs for visiting all cgroups (under a tree). If 221 * loops are exited prematurely (break), mem_cgroup_iter_break() must 222 * be used for reference counting. 223 */ 224#define for_each_mem_cgroup_tree(iter, root) \ 225 for (iter = mem_cgroup_iter(root, NULL, NULL); \ 226 iter != NULL; \ 227 iter = mem_cgroup_iter(root, iter, NULL)) 228 229#define for_each_mem_cgroup(iter) \ 230 for (iter = mem_cgroup_iter(NULL, NULL, NULL); \ 231 iter != NULL; \ 232 iter = mem_cgroup_iter(NULL, iter, NULL)) 233 234static inline bool task_is_dying(void) 235{ 236 return tsk_is_oom_victim(current) || fatal_signal_pending(current) || 237 (current->flags & PF_EXITING); 238} 239 240/* Some nice accessors for the vmpressure. */ 241struct vmpressure *memcg_to_vmpressure(struct mem_cgroup *memcg) 242{ 243 if (!memcg) 244 memcg = root_mem_cgroup; 245 return &memcg->vmpressure; 246} 247 248struct mem_cgroup *vmpressure_to_memcg(struct vmpressure *vmpr) 249{ 250 return container_of(vmpr, struct mem_cgroup, vmpressure); 251} 252 253#define CURRENT_OBJCG_UPDATE_BIT 0 254#define CURRENT_OBJCG_UPDATE_FLAG (1UL << CURRENT_OBJCG_UPDATE_BIT) 255 256#ifdef CONFIG_MEMCG_KMEM 257static DEFINE_SPINLOCK(objcg_lock); 258 259bool mem_cgroup_kmem_disabled(void) 260{ 261 return cgroup_memory_nokmem; 262} 263 264static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg, 265 unsigned int nr_pages); 266 267static void obj_cgroup_release(struct percpu_ref *ref) 268{ 269 struct obj_cgroup *objcg = container_of(ref, struct obj_cgroup, refcnt); 270 unsigned int nr_bytes; 271 unsigned int nr_pages; 272 unsigned long flags; 273 274 /* 275 * At this point all allocated objects are freed, and 276 * objcg->nr_charged_bytes can't have an arbitrary byte value. 277 * However, it can be PAGE_SIZE or (x * PAGE_SIZE). 278 * 279 * The following sequence can lead to it: 280 * 1) CPU0: objcg == stock->cached_objcg 281 * 2) CPU1: we do a small allocation (e.g. 92 bytes), 282 * PAGE_SIZE bytes are charged 283 * 3) CPU1: a process from another memcg is allocating something, 284 * the stock if flushed, 285 * objcg->nr_charged_bytes = PAGE_SIZE - 92 286 * 5) CPU0: we do release this object, 287 * 92 bytes are added to stock->nr_bytes 288 * 6) CPU0: stock is flushed, 289 * 92 bytes are added to objcg->nr_charged_bytes 290 * 291 * In the result, nr_charged_bytes == PAGE_SIZE. 292 * This page will be uncharged in obj_cgroup_release(). 293 */ 294 nr_bytes = atomic_read(&objcg->nr_charged_bytes); 295 WARN_ON_ONCE(nr_bytes & (PAGE_SIZE - 1)); 296 nr_pages = nr_bytes >> PAGE_SHIFT; 297 298 if (nr_pages) 299 obj_cgroup_uncharge_pages(objcg, nr_pages); 300 301 spin_lock_irqsave(&objcg_lock, flags); 302 list_del(&objcg->list); 303 spin_unlock_irqrestore(&objcg_lock, flags); 304 305 percpu_ref_exit(ref); 306 kfree_rcu(objcg, rcu); 307} 308 309static struct obj_cgroup *obj_cgroup_alloc(void) 310{ 311 struct obj_cgroup *objcg; 312 int ret; 313 314 objcg = kzalloc(sizeof(struct obj_cgroup), GFP_KERNEL); 315 if (!objcg) 316 return NULL; 317 318 ret = percpu_ref_init(&objcg->refcnt, obj_cgroup_release, 0, 319 GFP_KERNEL); 320 if (ret) { 321 kfree(objcg); 322 return NULL; 323 } 324 INIT_LIST_HEAD(&objcg->list); 325 return objcg; 326} 327 328static void memcg_reparent_objcgs(struct mem_cgroup *memcg, 329 struct mem_cgroup *parent) 330{ 331 struct obj_cgroup *objcg, *iter; 332 333 objcg = rcu_replace_pointer(memcg->objcg, NULL, true); 334 335 spin_lock_irq(&objcg_lock); 336 337 /* 1) Ready to reparent active objcg. */ 338 list_add(&objcg->list, &memcg->objcg_list); 339 /* 2) Reparent active objcg and already reparented objcgs to parent. */ 340 list_for_each_entry(iter, &memcg->objcg_list, list) 341 WRITE_ONCE(iter->memcg, parent); 342 /* 3) Move already reparented objcgs to the parent's list */ 343 list_splice(&memcg->objcg_list, &parent->objcg_list); 344 345 spin_unlock_irq(&objcg_lock); 346 347 percpu_ref_kill(&objcg->refcnt); 348} 349 350/* 351 * A lot of the calls to the cache allocation functions are expected to be 352 * inlined by the compiler. Since the calls to memcg_slab_pre_alloc_hook() are 353 * conditional to this static branch, we'll have to allow modules that does 354 * kmem_cache_alloc and the such to see this symbol as well 355 */ 356DEFINE_STATIC_KEY_FALSE(memcg_kmem_online_key); 357EXPORT_SYMBOL(memcg_kmem_online_key); 358 359DEFINE_STATIC_KEY_FALSE(memcg_bpf_enabled_key); 360EXPORT_SYMBOL(memcg_bpf_enabled_key); 361#endif 362 363/** 364 * mem_cgroup_css_from_folio - css of the memcg associated with a folio 365 * @folio: folio of interest 366 * 367 * If memcg is bound to the default hierarchy, css of the memcg associated 368 * with @folio is returned. The returned css remains associated with @folio 369 * until it is released. 370 * 371 * If memcg is bound to a traditional hierarchy, the css of root_mem_cgroup 372 * is returned. 373 */ 374struct cgroup_subsys_state *mem_cgroup_css_from_folio(struct folio *folio) 375{ 376 struct mem_cgroup *memcg = folio_memcg(folio); 377 378 if (!memcg || !cgroup_subsys_on_dfl(memory_cgrp_subsys)) 379 memcg = root_mem_cgroup; 380 381 return &memcg->css; 382} 383 384/** 385 * page_cgroup_ino - return inode number of the memcg a page is charged to 386 * @page: the page 387 * 388 * Look up the closest online ancestor of the memory cgroup @page is charged to 389 * and return its inode number or 0 if @page is not charged to any cgroup. It 390 * is safe to call this function without holding a reference to @page. 391 * 392 * Note, this function is inherently racy, because there is nothing to prevent 393 * the cgroup inode from getting torn down and potentially reallocated a moment 394 * after page_cgroup_ino() returns, so it only should be used by callers that 395 * do not care (such as procfs interfaces). 396 */ 397ino_t page_cgroup_ino(struct page *page) 398{ 399 struct mem_cgroup *memcg; 400 unsigned long ino = 0; 401 402 rcu_read_lock(); 403 /* page_folio() is racy here, but the entire function is racy anyway */ 404 memcg = folio_memcg_check(page_folio(page)); 405 406 while (memcg && !(memcg->css.flags & CSS_ONLINE)) 407 memcg = parent_mem_cgroup(memcg); 408 if (memcg) 409 ino = cgroup_ino(memcg->css.cgroup); 410 rcu_read_unlock(); 411 return ino; 412} 413 414static void __mem_cgroup_insert_exceeded(struct mem_cgroup_per_node *mz, 415 struct mem_cgroup_tree_per_node *mctz, 416 unsigned long new_usage_in_excess) 417{ 418 struct rb_node **p = &mctz->rb_root.rb_node; 419 struct rb_node *parent = NULL; 420 struct mem_cgroup_per_node *mz_node; 421 bool rightmost = true; 422 423 if (mz->on_tree) 424 return; 425 426 mz->usage_in_excess = new_usage_in_excess; 427 if (!mz->usage_in_excess) 428 return; 429 while (*p) { 430 parent = *p; 431 mz_node = rb_entry(parent, struct mem_cgroup_per_node, 432 tree_node); 433 if (mz->usage_in_excess < mz_node->usage_in_excess) { 434 p = &(*p)->rb_left; 435 rightmost = false; 436 } else { 437 p = &(*p)->rb_right; 438 } 439 } 440 441 if (rightmost) 442 mctz->rb_rightmost = &mz->tree_node; 443 444 rb_link_node(&mz->tree_node, parent, p); 445 rb_insert_color(&mz->tree_node, &mctz->rb_root); 446 mz->on_tree = true; 447} 448 449static void __mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz, 450 struct mem_cgroup_tree_per_node *mctz) 451{ 452 if (!mz->on_tree) 453 return; 454 455 if (&mz->tree_node == mctz->rb_rightmost) 456 mctz->rb_rightmost = rb_prev(&mz->tree_node); 457 458 rb_erase(&mz->tree_node, &mctz->rb_root); 459 mz->on_tree = false; 460} 461 462static void mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz, 463 struct mem_cgroup_tree_per_node *mctz) 464{ 465 unsigned long flags; 466 467 spin_lock_irqsave(&mctz->lock, flags); 468 __mem_cgroup_remove_exceeded(mz, mctz); 469 spin_unlock_irqrestore(&mctz->lock, flags); 470} 471 472static unsigned long soft_limit_excess(struct mem_cgroup *memcg) 473{ 474 unsigned long nr_pages = page_counter_read(&memcg->memory); 475 unsigned long soft_limit = READ_ONCE(memcg->soft_limit); 476 unsigned long excess = 0; 477 478 if (nr_pages > soft_limit) 479 excess = nr_pages - soft_limit; 480 481 return excess; 482} 483 484static void mem_cgroup_update_tree(struct mem_cgroup *memcg, int nid) 485{ 486 unsigned long excess; 487 struct mem_cgroup_per_node *mz; 488 struct mem_cgroup_tree_per_node *mctz; 489 490 if (lru_gen_enabled()) { 491 if (soft_limit_excess(memcg)) 492 lru_gen_soft_reclaim(memcg, nid); 493 return; 494 } 495 496 mctz = soft_limit_tree.rb_tree_per_node[nid]; 497 if (!mctz) 498 return; 499 /* 500 * Necessary to update all ancestors when hierarchy is used. 501 * because their event counter is not touched. 502 */ 503 for (; memcg; memcg = parent_mem_cgroup(memcg)) { 504 mz = memcg->nodeinfo[nid]; 505 excess = soft_limit_excess(memcg); 506 /* 507 * We have to update the tree if mz is on RB-tree or 508 * mem is over its softlimit. 509 */ 510 if (excess || mz->on_tree) { 511 unsigned long flags; 512 513 spin_lock_irqsave(&mctz->lock, flags); 514 /* if on-tree, remove it */ 515 if (mz->on_tree) 516 __mem_cgroup_remove_exceeded(mz, mctz); 517 /* 518 * Insert again. mz->usage_in_excess will be updated. 519 * If excess is 0, no tree ops. 520 */ 521 __mem_cgroup_insert_exceeded(mz, mctz, excess); 522 spin_unlock_irqrestore(&mctz->lock, flags); 523 } 524 } 525} 526 527static void mem_cgroup_remove_from_trees(struct mem_cgroup *memcg) 528{ 529 struct mem_cgroup_tree_per_node *mctz; 530 struct mem_cgroup_per_node *mz; 531 int nid; 532 533 for_each_node(nid) { 534 mz = memcg->nodeinfo[nid]; 535 mctz = soft_limit_tree.rb_tree_per_node[nid]; 536 if (mctz) 537 mem_cgroup_remove_exceeded(mz, mctz); 538 } 539} 540 541static struct mem_cgroup_per_node * 542__mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz) 543{ 544 struct mem_cgroup_per_node *mz; 545 546retry: 547 mz = NULL; 548 if (!mctz->rb_rightmost) 549 goto done; /* Nothing to reclaim from */ 550 551 mz = rb_entry(mctz->rb_rightmost, 552 struct mem_cgroup_per_node, tree_node); 553 /* 554 * Remove the node now but someone else can add it back, 555 * we will to add it back at the end of reclaim to its correct 556 * position in the tree. 557 */ 558 __mem_cgroup_remove_exceeded(mz, mctz); 559 if (!soft_limit_excess(mz->memcg) || 560 !css_tryget(&mz->memcg->css)) 561 goto retry; 562done: 563 return mz; 564} 565 566static struct mem_cgroup_per_node * 567mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz) 568{ 569 struct mem_cgroup_per_node *mz; 570 571 spin_lock_irq(&mctz->lock); 572 mz = __mem_cgroup_largest_soft_limit_node(mctz); 573 spin_unlock_irq(&mctz->lock); 574 return mz; 575} 576 577/* Subset of vm_event_item to report for memcg event stats */ 578static const unsigned int memcg_vm_event_stat[] = { 579 PGPGIN, 580 PGPGOUT, 581 PGSCAN_KSWAPD, 582 PGSCAN_DIRECT, 583 PGSCAN_KHUGEPAGED, 584 PGSTEAL_KSWAPD, 585 PGSTEAL_DIRECT, 586 PGSTEAL_KHUGEPAGED, 587 PGFAULT, 588 PGMAJFAULT, 589 PGREFILL, 590 PGACTIVATE, 591 PGDEACTIVATE, 592 PGLAZYFREE, 593 PGLAZYFREED, 594#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 595 ZSWPIN, 596 ZSWPOUT, 597 ZSWPWB, 598#endif 599#ifdef CONFIG_TRANSPARENT_HUGEPAGE 600 THP_FAULT_ALLOC, 601 THP_COLLAPSE_ALLOC, 602 THP_SWPOUT, 603 THP_SWPOUT_FALLBACK, 604#endif 605}; 606 607#define NR_MEMCG_EVENTS ARRAY_SIZE(memcg_vm_event_stat) 608static int mem_cgroup_events_index[NR_VM_EVENT_ITEMS] __read_mostly; 609 610static void init_memcg_events(void) 611{ 612 int i; 613 614 for (i = 0; i < NR_MEMCG_EVENTS; ++i) 615 mem_cgroup_events_index[memcg_vm_event_stat[i]] = i + 1; 616} 617 618static inline int memcg_events_index(enum vm_event_item idx) 619{ 620 return mem_cgroup_events_index[idx] - 1; 621} 622 623struct memcg_vmstats_percpu { 624 /* Local (CPU and cgroup) page state & events */ 625 long state[MEMCG_NR_STAT]; 626 unsigned long events[NR_MEMCG_EVENTS]; 627 628 /* Delta calculation for lockless upward propagation */ 629 long state_prev[MEMCG_NR_STAT]; 630 unsigned long events_prev[NR_MEMCG_EVENTS]; 631 632 /* Cgroup1: threshold notifications & softlimit tree updates */ 633 unsigned long nr_page_events; 634 unsigned long targets[MEM_CGROUP_NTARGETS]; 635 636 /* Stats updates since the last flush */ 637 unsigned int stats_updates; 638}; 639 640struct memcg_vmstats { 641 /* Aggregated (CPU and subtree) page state & events */ 642 long state[MEMCG_NR_STAT]; 643 unsigned long events[NR_MEMCG_EVENTS]; 644 645 /* Non-hierarchical (CPU aggregated) page state & events */ 646 long state_local[MEMCG_NR_STAT]; 647 unsigned long events_local[NR_MEMCG_EVENTS]; 648 649 /* Pending child counts during tree propagation */ 650 long state_pending[MEMCG_NR_STAT]; 651 unsigned long events_pending[NR_MEMCG_EVENTS]; 652 653 /* Stats updates since the last flush */ 654 atomic64_t stats_updates; 655}; 656 657/* 658 * memcg and lruvec stats flushing 659 * 660 * Many codepaths leading to stats update or read are performance sensitive and 661 * adding stats flushing in such codepaths is not desirable. So, to optimize the 662 * flushing the kernel does: 663 * 664 * 1) Periodically and asynchronously flush the stats every 2 seconds to not let 665 * rstat update tree grow unbounded. 666 * 667 * 2) Flush the stats synchronously on reader side only when there are more than 668 * (MEMCG_CHARGE_BATCH * nr_cpus) update events. Though this optimization 669 * will let stats be out of sync by atmost (MEMCG_CHARGE_BATCH * nr_cpus) but 670 * only for 2 seconds due to (1). 671 */ 672static void flush_memcg_stats_dwork(struct work_struct *w); 673static DECLARE_DEFERRABLE_WORK(stats_flush_dwork, flush_memcg_stats_dwork); 674static u64 flush_last_time; 675 676#define FLUSH_TIME (2UL*HZ) 677 678/* 679 * Accessors to ensure that preemption is disabled on PREEMPT_RT because it can 680 * not rely on this as part of an acquired spinlock_t lock. These functions are 681 * never used in hardirq context on PREEMPT_RT and therefore disabling preemtion 682 * is sufficient. 683 */ 684static void memcg_stats_lock(void) 685{ 686 preempt_disable_nested(); 687 VM_WARN_ON_IRQS_ENABLED(); 688} 689 690static void __memcg_stats_lock(void) 691{ 692 preempt_disable_nested(); 693} 694 695static void memcg_stats_unlock(void) 696{ 697 preempt_enable_nested(); 698} 699 700 701static bool memcg_should_flush_stats(struct mem_cgroup *memcg) 702{ 703 return atomic64_read(&memcg->vmstats->stats_updates) > 704 MEMCG_CHARGE_BATCH * num_online_cpus(); 705} 706 707static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val) 708{ 709 int cpu = smp_processor_id(); 710 unsigned int x; 711 712 if (!val) 713 return; 714 715 cgroup_rstat_updated(memcg->css.cgroup, cpu); 716 717 for (; memcg; memcg = parent_mem_cgroup(memcg)) { 718 x = __this_cpu_add_return(memcg->vmstats_percpu->stats_updates, 719 abs(val)); 720 721 if (x < MEMCG_CHARGE_BATCH) 722 continue; 723 724 /* 725 * If @memcg is already flush-able, increasing stats_updates is 726 * redundant. Avoid the overhead of the atomic update. 727 */ 728 if (!memcg_should_flush_stats(memcg)) 729 atomic64_add(x, &memcg->vmstats->stats_updates); 730 __this_cpu_write(memcg->vmstats_percpu->stats_updates, 0); 731 } 732} 733 734static void do_flush_stats(struct mem_cgroup *memcg) 735{ 736 if (mem_cgroup_is_root(memcg)) 737 WRITE_ONCE(flush_last_time, jiffies_64); 738 739 cgroup_rstat_flush(memcg->css.cgroup); 740} 741 742/* 743 * mem_cgroup_flush_stats - flush the stats of a memory cgroup subtree 744 * @memcg: root of the subtree to flush 745 * 746 * Flushing is serialized by the underlying global rstat lock. There is also a 747 * minimum amount of work to be done even if there are no stat updates to flush. 748 * Hence, we only flush the stats if the updates delta exceeds a threshold. This 749 * avoids unnecessary work and contention on the underlying lock. 750 */ 751void mem_cgroup_flush_stats(struct mem_cgroup *memcg) 752{ 753 if (mem_cgroup_disabled()) 754 return; 755 756 if (!memcg) 757 memcg = root_mem_cgroup; 758 759 if (memcg_should_flush_stats(memcg)) 760 do_flush_stats(memcg); 761} 762 763void mem_cgroup_flush_stats_ratelimited(struct mem_cgroup *memcg) 764{ 765 /* Only flush if the periodic flusher is one full cycle late */ 766 if (time_after64(jiffies_64, READ_ONCE(flush_last_time) + 2*FLUSH_TIME)) 767 mem_cgroup_flush_stats(memcg); 768} 769 770static void flush_memcg_stats_dwork(struct work_struct *w) 771{ 772 /* 773 * Deliberately ignore memcg_should_flush_stats() here so that flushing 774 * in latency-sensitive paths is as cheap as possible. 775 */ 776 do_flush_stats(root_mem_cgroup); 777 queue_delayed_work(system_unbound_wq, &stats_flush_dwork, FLUSH_TIME); 778} 779 780unsigned long memcg_page_state(struct mem_cgroup *memcg, int idx) 781{ 782 long x = READ_ONCE(memcg->vmstats->state[idx]); 783#ifdef CONFIG_SMP 784 if (x < 0) 785 x = 0; 786#endif 787 return x; 788} 789 790static int memcg_page_state_unit(int item); 791 792/* 793 * Normalize the value passed into memcg_rstat_updated() to be in pages. Round 794 * up non-zero sub-page updates to 1 page as zero page updates are ignored. 795 */ 796static int memcg_state_val_in_pages(int idx, int val) 797{ 798 int unit = memcg_page_state_unit(idx); 799 800 if (!val || unit == PAGE_SIZE) 801 return val; 802 else 803 return max(val * unit / PAGE_SIZE, 1UL); 804} 805 806/** 807 * __mod_memcg_state - update cgroup memory statistics 808 * @memcg: the memory cgroup 809 * @idx: the stat item - can be enum memcg_stat_item or enum node_stat_item 810 * @val: delta to add to the counter, can be negative 811 */ 812void __mod_memcg_state(struct mem_cgroup *memcg, int idx, int val) 813{ 814 if (mem_cgroup_disabled()) 815 return; 816 817 __this_cpu_add(memcg->vmstats_percpu->state[idx], val); 818 memcg_rstat_updated(memcg, memcg_state_val_in_pages(idx, val)); 819} 820 821/* idx can be of type enum memcg_stat_item or node_stat_item. */ 822static unsigned long memcg_page_state_local(struct mem_cgroup *memcg, int idx) 823{ 824 long x = READ_ONCE(memcg->vmstats->state_local[idx]); 825 826#ifdef CONFIG_SMP 827 if (x < 0) 828 x = 0; 829#endif 830 return x; 831} 832 833void __mod_memcg_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx, 834 int val) 835{ 836 struct mem_cgroup_per_node *pn; 837 struct mem_cgroup *memcg; 838 839 pn = container_of(lruvec, struct mem_cgroup_per_node, lruvec); 840 memcg = pn->memcg; 841 842 /* 843 * The caller from rmap relies on disabled preemption because they never 844 * update their counter from in-interrupt context. For these two 845 * counters we check that the update is never performed from an 846 * interrupt context while other caller need to have disabled interrupt. 847 */ 848 __memcg_stats_lock(); 849 if (IS_ENABLED(CONFIG_DEBUG_VM)) { 850 switch (idx) { 851 case NR_ANON_MAPPED: 852 case NR_FILE_MAPPED: 853 case NR_ANON_THPS: 854 case NR_SHMEM_PMDMAPPED: 855 case NR_FILE_PMDMAPPED: 856 WARN_ON_ONCE(!in_task()); 857 break; 858 default: 859 VM_WARN_ON_IRQS_ENABLED(); 860 } 861 } 862 863 /* Update memcg */ 864 __this_cpu_add(memcg->vmstats_percpu->state[idx], val); 865 866 /* Update lruvec */ 867 __this_cpu_add(pn->lruvec_stats_percpu->state[idx], val); 868 869 memcg_rstat_updated(memcg, memcg_state_val_in_pages(idx, val)); 870 memcg_stats_unlock(); 871} 872 873/** 874 * __mod_lruvec_state - update lruvec memory statistics 875 * @lruvec: the lruvec 876 * @idx: the stat item 877 * @val: delta to add to the counter, can be negative 878 * 879 * The lruvec is the intersection of the NUMA node and a cgroup. This 880 * function updates the all three counters that are affected by a 881 * change of state at this level: per-node, per-cgroup, per-lruvec. 882 */ 883void __mod_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx, 884 int val) 885{ 886 /* Update node */ 887 __mod_node_page_state(lruvec_pgdat(lruvec), idx, val); 888 889 /* Update memcg and lruvec */ 890 if (!mem_cgroup_disabled()) 891 __mod_memcg_lruvec_state(lruvec, idx, val); 892} 893 894void __lruvec_stat_mod_folio(struct folio *folio, enum node_stat_item idx, 895 int val) 896{ 897 struct mem_cgroup *memcg; 898 pg_data_t *pgdat = folio_pgdat(folio); 899 struct lruvec *lruvec; 900 901 rcu_read_lock(); 902 memcg = folio_memcg(folio); 903 /* Untracked pages have no memcg, no lruvec. Update only the node */ 904 if (!memcg) { 905 rcu_read_unlock(); 906 __mod_node_page_state(pgdat, idx, val); 907 return; 908 } 909 910 lruvec = mem_cgroup_lruvec(memcg, pgdat); 911 __mod_lruvec_state(lruvec, idx, val); 912 rcu_read_unlock(); 913} 914EXPORT_SYMBOL(__lruvec_stat_mod_folio); 915 916void __mod_lruvec_kmem_state(void *p, enum node_stat_item idx, int val) 917{ 918 pg_data_t *pgdat = page_pgdat(virt_to_page(p)); 919 struct mem_cgroup *memcg; 920 struct lruvec *lruvec; 921 922 rcu_read_lock(); 923 memcg = mem_cgroup_from_slab_obj(p); 924 925 /* 926 * Untracked pages have no memcg, no lruvec. Update only the 927 * node. If we reparent the slab objects to the root memcg, 928 * when we free the slab object, we need to update the per-memcg 929 * vmstats to keep it correct for the root memcg. 930 */ 931 if (!memcg) { 932 __mod_node_page_state(pgdat, idx, val); 933 } else { 934 lruvec = mem_cgroup_lruvec(memcg, pgdat); 935 __mod_lruvec_state(lruvec, idx, val); 936 } 937 rcu_read_unlock(); 938} 939 940/** 941 * __count_memcg_events - account VM events in a cgroup 942 * @memcg: the memory cgroup 943 * @idx: the event item 944 * @count: the number of events that occurred 945 */ 946void __count_memcg_events(struct mem_cgroup *memcg, enum vm_event_item idx, 947 unsigned long count) 948{ 949 int index = memcg_events_index(idx); 950 951 if (mem_cgroup_disabled() || index < 0) 952 return; 953 954 memcg_stats_lock(); 955 __this_cpu_add(memcg->vmstats_percpu->events[index], count); 956 memcg_rstat_updated(memcg, count); 957 memcg_stats_unlock(); 958} 959 960static unsigned long memcg_events(struct mem_cgroup *memcg, int event) 961{ 962 int index = memcg_events_index(event); 963 964 if (index < 0) 965 return 0; 966 return READ_ONCE(memcg->vmstats->events[index]); 967} 968 969static unsigned long memcg_events_local(struct mem_cgroup *memcg, int event) 970{ 971 int index = memcg_events_index(event); 972 973 if (index < 0) 974 return 0; 975 976 return READ_ONCE(memcg->vmstats->events_local[index]); 977} 978 979static void mem_cgroup_charge_statistics(struct mem_cgroup *memcg, 980 int nr_pages) 981{ 982 /* pagein of a big page is an event. So, ignore page size */ 983 if (nr_pages > 0) 984 __count_memcg_events(memcg, PGPGIN, 1); 985 else { 986 __count_memcg_events(memcg, PGPGOUT, 1); 987 nr_pages = -nr_pages; /* for event */ 988 } 989 990 __this_cpu_add(memcg->vmstats_percpu->nr_page_events, nr_pages); 991} 992 993static bool mem_cgroup_event_ratelimit(struct mem_cgroup *memcg, 994 enum mem_cgroup_events_target target) 995{ 996 unsigned long val, next; 997 998 val = __this_cpu_read(memcg->vmstats_percpu->nr_page_events); 999 next = __this_cpu_read(memcg->vmstats_percpu->targets[target]); 1000 /* from time_after() in jiffies.h */ 1001 if ((long)(next - val) < 0) { 1002 switch (target) { 1003 case MEM_CGROUP_TARGET_THRESH: 1004 next = val + THRESHOLDS_EVENTS_TARGET; 1005 break; 1006 case MEM_CGROUP_TARGET_SOFTLIMIT: 1007 next = val + SOFTLIMIT_EVENTS_TARGET; 1008 break; 1009 default: 1010 break; 1011 } 1012 __this_cpu_write(memcg->vmstats_percpu->targets[target], next); 1013 return true; 1014 } 1015 return false; 1016} 1017 1018/* 1019 * Check events in order. 1020 * 1021 */ 1022static void memcg_check_events(struct mem_cgroup *memcg, int nid) 1023{ 1024 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 1025 return; 1026 1027 /* threshold event is triggered in finer grain than soft limit */ 1028 if (unlikely(mem_cgroup_event_ratelimit(memcg, 1029 MEM_CGROUP_TARGET_THRESH))) { 1030 bool do_softlimit; 1031 1032 do_softlimit = mem_cgroup_event_ratelimit(memcg, 1033 MEM_CGROUP_TARGET_SOFTLIMIT); 1034 mem_cgroup_threshold(memcg); 1035 if (unlikely(do_softlimit)) 1036 mem_cgroup_update_tree(memcg, nid); 1037 } 1038} 1039 1040struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p) 1041{ 1042 /* 1043 * mm_update_next_owner() may clear mm->owner to NULL 1044 * if it races with swapoff, page migration, etc. 1045 * So this can be called with p == NULL. 1046 */ 1047 if (unlikely(!p)) 1048 return NULL; 1049 1050 return mem_cgroup_from_css(task_css(p, memory_cgrp_id)); 1051} 1052EXPORT_SYMBOL(mem_cgroup_from_task); 1053 1054static __always_inline struct mem_cgroup *active_memcg(void) 1055{ 1056 if (!in_task()) 1057 return this_cpu_read(int_active_memcg); 1058 else 1059 return current->active_memcg; 1060} 1061 1062/** 1063 * get_mem_cgroup_from_mm: Obtain a reference on given mm_struct's memcg. 1064 * @mm: mm from which memcg should be extracted. It can be NULL. 1065 * 1066 * Obtain a reference on mm->memcg and returns it if successful. If mm 1067 * is NULL, then the memcg is chosen as follows: 1068 * 1) The active memcg, if set. 1069 * 2) current->mm->memcg, if available 1070 * 3) root memcg 1071 * If mem_cgroup is disabled, NULL is returned. 1072 */ 1073struct mem_cgroup *get_mem_cgroup_from_mm(struct mm_struct *mm) 1074{ 1075 struct mem_cgroup *memcg; 1076 1077 if (mem_cgroup_disabled()) 1078 return NULL; 1079 1080 /* 1081 * Page cache insertions can happen without an 1082 * actual mm context, e.g. during disk probing 1083 * on boot, loopback IO, acct() writes etc. 1084 * 1085 * No need to css_get on root memcg as the reference 1086 * counting is disabled on the root level in the 1087 * cgroup core. See CSS_NO_REF. 1088 */ 1089 if (unlikely(!mm)) { 1090 memcg = active_memcg(); 1091 if (unlikely(memcg)) { 1092 /* remote memcg must hold a ref */ 1093 css_get(&memcg->css); 1094 return memcg; 1095 } 1096 mm = current->mm; 1097 if (unlikely(!mm)) 1098 return root_mem_cgroup; 1099 } 1100 1101 rcu_read_lock(); 1102 do { 1103 memcg = mem_cgroup_from_task(rcu_dereference(mm->owner)); 1104 if (unlikely(!memcg)) 1105 memcg = root_mem_cgroup; 1106 } while (!css_tryget(&memcg->css)); 1107 rcu_read_unlock(); 1108 return memcg; 1109} 1110EXPORT_SYMBOL(get_mem_cgroup_from_mm); 1111 1112/** 1113 * get_mem_cgroup_from_current - Obtain a reference on current task's memcg. 1114 */ 1115struct mem_cgroup *get_mem_cgroup_from_current(void) 1116{ 1117 struct mem_cgroup *memcg; 1118 1119 if (mem_cgroup_disabled()) 1120 return NULL; 1121 1122again: 1123 rcu_read_lock(); 1124 memcg = mem_cgroup_from_task(current); 1125 if (!css_tryget(&memcg->css)) { 1126 rcu_read_unlock(); 1127 goto again; 1128 } 1129 rcu_read_unlock(); 1130 return memcg; 1131} 1132 1133/** 1134 * mem_cgroup_iter - iterate over memory cgroup hierarchy 1135 * @root: hierarchy root 1136 * @prev: previously returned memcg, NULL on first invocation 1137 * @reclaim: cookie for shared reclaim walks, NULL for full walks 1138 * 1139 * Returns references to children of the hierarchy below @root, or 1140 * @root itself, or %NULL after a full round-trip. 1141 * 1142 * Caller must pass the return value in @prev on subsequent 1143 * invocations for reference counting, or use mem_cgroup_iter_break() 1144 * to cancel a hierarchy walk before the round-trip is complete. 1145 * 1146 * Reclaimers can specify a node in @reclaim to divide up the memcgs 1147 * in the hierarchy among all concurrent reclaimers operating on the 1148 * same node. 1149 */ 1150struct mem_cgroup *mem_cgroup_iter(struct mem_cgroup *root, 1151 struct mem_cgroup *prev, 1152 struct mem_cgroup_reclaim_cookie *reclaim) 1153{ 1154 struct mem_cgroup_reclaim_iter *iter; 1155 struct cgroup_subsys_state *css = NULL; 1156 struct mem_cgroup *memcg = NULL; 1157 struct mem_cgroup *pos = NULL; 1158 1159 if (mem_cgroup_disabled()) 1160 return NULL; 1161 1162 if (!root) 1163 root = root_mem_cgroup; 1164 1165 rcu_read_lock(); 1166 1167 if (reclaim) { 1168 struct mem_cgroup_per_node *mz; 1169 1170 mz = root->nodeinfo[reclaim->pgdat->node_id]; 1171 iter = &mz->iter; 1172 1173 /* 1174 * On start, join the current reclaim iteration cycle. 1175 * Exit when a concurrent walker completes it. 1176 */ 1177 if (!prev) 1178 reclaim->generation = iter->generation; 1179 else if (reclaim->generation != iter->generation) 1180 goto out_unlock; 1181 1182 while (1) { 1183 pos = READ_ONCE(iter->position); 1184 if (!pos || css_tryget(&pos->css)) 1185 break; 1186 /* 1187 * css reference reached zero, so iter->position will 1188 * be cleared by ->css_released. However, we should not 1189 * rely on this happening soon, because ->css_released 1190 * is called from a work queue, and by busy-waiting we 1191 * might block it. So we clear iter->position right 1192 * away. 1193 */ 1194 (void)cmpxchg(&iter->position, pos, NULL); 1195 } 1196 } else if (prev) { 1197 pos = prev; 1198 } 1199 1200 if (pos) 1201 css = &pos->css; 1202 1203 for (;;) { 1204 css = css_next_descendant_pre(css, &root->css); 1205 if (!css) { 1206 /* 1207 * Reclaimers share the hierarchy walk, and a 1208 * new one might jump in right at the end of 1209 * the hierarchy - make sure they see at least 1210 * one group and restart from the beginning. 1211 */ 1212 if (!prev) 1213 continue; 1214 break; 1215 } 1216 1217 /* 1218 * Verify the css and acquire a reference. The root 1219 * is provided by the caller, so we know it's alive 1220 * and kicking, and don't take an extra reference. 1221 */ 1222 if (css == &root->css || css_tryget(css)) { 1223 memcg = mem_cgroup_from_css(css); 1224 break; 1225 } 1226 } 1227 1228 if (reclaim) { 1229 /* 1230 * The position could have already been updated by a competing 1231 * thread, so check that the value hasn't changed since we read 1232 * it to avoid reclaiming from the same cgroup twice. 1233 */ 1234 (void)cmpxchg(&iter->position, pos, memcg); 1235 1236 if (pos) 1237 css_put(&pos->css); 1238 1239 if (!memcg) 1240 iter->generation++; 1241 } 1242 1243out_unlock: 1244 rcu_read_unlock(); 1245 if (prev && prev != root) 1246 css_put(&prev->css); 1247 1248 return memcg; 1249} 1250 1251/** 1252 * mem_cgroup_iter_break - abort a hierarchy walk prematurely 1253 * @root: hierarchy root 1254 * @prev: last visited hierarchy member as returned by mem_cgroup_iter() 1255 */ 1256void mem_cgroup_iter_break(struct mem_cgroup *root, 1257 struct mem_cgroup *prev) 1258{ 1259 if (!root) 1260 root = root_mem_cgroup; 1261 if (prev && prev != root) 1262 css_put(&prev->css); 1263} 1264 1265static void __invalidate_reclaim_iterators(struct mem_cgroup *from, 1266 struct mem_cgroup *dead_memcg) 1267{ 1268 struct mem_cgroup_reclaim_iter *iter; 1269 struct mem_cgroup_per_node *mz; 1270 int nid; 1271 1272 for_each_node(nid) { 1273 mz = from->nodeinfo[nid]; 1274 iter = &mz->iter; 1275 cmpxchg(&iter->position, dead_memcg, NULL); 1276 } 1277} 1278 1279static void invalidate_reclaim_iterators(struct mem_cgroup *dead_memcg) 1280{ 1281 struct mem_cgroup *memcg = dead_memcg; 1282 struct mem_cgroup *last; 1283 1284 do { 1285 __invalidate_reclaim_iterators(memcg, dead_memcg); 1286 last = memcg; 1287 } while ((memcg = parent_mem_cgroup(memcg))); 1288 1289 /* 1290 * When cgroup1 non-hierarchy mode is used, 1291 * parent_mem_cgroup() does not walk all the way up to the 1292 * cgroup root (root_mem_cgroup). So we have to handle 1293 * dead_memcg from cgroup root separately. 1294 */ 1295 if (!mem_cgroup_is_root(last)) 1296 __invalidate_reclaim_iterators(root_mem_cgroup, 1297 dead_memcg); 1298} 1299 1300/** 1301 * mem_cgroup_scan_tasks - iterate over tasks of a memory cgroup hierarchy 1302 * @memcg: hierarchy root 1303 * @fn: function to call for each task 1304 * @arg: argument passed to @fn 1305 * 1306 * This function iterates over tasks attached to @memcg or to any of its 1307 * descendants and calls @fn for each task. If @fn returns a non-zero 1308 * value, the function breaks the iteration loop. Otherwise, it will iterate 1309 * over all tasks and return 0. 1310 * 1311 * This function must not be called for the root memory cgroup. 1312 */ 1313void mem_cgroup_scan_tasks(struct mem_cgroup *memcg, 1314 int (*fn)(struct task_struct *, void *), void *arg) 1315{ 1316 struct mem_cgroup *iter; 1317 int ret = 0; 1318 1319 BUG_ON(mem_cgroup_is_root(memcg)); 1320 1321 for_each_mem_cgroup_tree(iter, memcg) { 1322 struct css_task_iter it; 1323 struct task_struct *task; 1324 1325 css_task_iter_start(&iter->css, CSS_TASK_ITER_PROCS, &it); 1326 while (!ret && (task = css_task_iter_next(&it))) 1327 ret = fn(task, arg); 1328 css_task_iter_end(&it); 1329 if (ret) { 1330 mem_cgroup_iter_break(memcg, iter); 1331 break; 1332 } 1333 } 1334} 1335 1336#ifdef CONFIG_DEBUG_VM 1337void lruvec_memcg_debug(struct lruvec *lruvec, struct folio *folio) 1338{ 1339 struct mem_cgroup *memcg; 1340 1341 if (mem_cgroup_disabled()) 1342 return; 1343 1344 memcg = folio_memcg(folio); 1345 1346 if (!memcg) 1347 VM_BUG_ON_FOLIO(!mem_cgroup_is_root(lruvec_memcg(lruvec)), folio); 1348 else 1349 VM_BUG_ON_FOLIO(lruvec_memcg(lruvec) != memcg, folio); 1350} 1351#endif 1352 1353/** 1354 * folio_lruvec_lock - Lock the lruvec for a folio. 1355 * @folio: Pointer to the folio. 1356 * 1357 * These functions are safe to use under any of the following conditions: 1358 * - folio locked 1359 * - folio_test_lru false 1360 * - folio_memcg_lock() 1361 * - folio frozen (refcount of 0) 1362 * 1363 * Return: The lruvec this folio is on with its lock held. 1364 */ 1365struct lruvec *folio_lruvec_lock(struct folio *folio) 1366{ 1367 struct lruvec *lruvec = folio_lruvec(folio); 1368 1369 spin_lock(&lruvec->lru_lock); 1370 lruvec_memcg_debug(lruvec, folio); 1371 1372 return lruvec; 1373} 1374 1375/** 1376 * folio_lruvec_lock_irq - Lock the lruvec for a folio. 1377 * @folio: Pointer to the folio. 1378 * 1379 * These functions are safe to use under any of the following conditions: 1380 * - folio locked 1381 * - folio_test_lru false 1382 * - folio_memcg_lock() 1383 * - folio frozen (refcount of 0) 1384 * 1385 * Return: The lruvec this folio is on with its lock held and interrupts 1386 * disabled. 1387 */ 1388struct lruvec *folio_lruvec_lock_irq(struct folio *folio) 1389{ 1390 struct lruvec *lruvec = folio_lruvec(folio); 1391 1392 spin_lock_irq(&lruvec->lru_lock); 1393 lruvec_memcg_debug(lruvec, folio); 1394 1395 return lruvec; 1396} 1397 1398/** 1399 * folio_lruvec_lock_irqsave - Lock the lruvec for a folio. 1400 * @folio: Pointer to the folio. 1401 * @flags: Pointer to irqsave flags. 1402 * 1403 * These functions are safe to use under any of the following conditions: 1404 * - folio locked 1405 * - folio_test_lru false 1406 * - folio_memcg_lock() 1407 * - folio frozen (refcount of 0) 1408 * 1409 * Return: The lruvec this folio is on with its lock held and interrupts 1410 * disabled. 1411 */ 1412struct lruvec *folio_lruvec_lock_irqsave(struct folio *folio, 1413 unsigned long *flags) 1414{ 1415 struct lruvec *lruvec = folio_lruvec(folio); 1416 1417 spin_lock_irqsave(&lruvec->lru_lock, *flags); 1418 lruvec_memcg_debug(lruvec, folio); 1419 1420 return lruvec; 1421} 1422 1423/** 1424 * mem_cgroup_update_lru_size - account for adding or removing an lru page 1425 * @lruvec: mem_cgroup per zone lru vector 1426 * @lru: index of lru list the page is sitting on 1427 * @zid: zone id of the accounted pages 1428 * @nr_pages: positive when adding or negative when removing 1429 * 1430 * This function must be called under lru_lock, just before a page is added 1431 * to or just after a page is removed from an lru list. 1432 */ 1433void mem_cgroup_update_lru_size(struct lruvec *lruvec, enum lru_list lru, 1434 int zid, int nr_pages) 1435{ 1436 struct mem_cgroup_per_node *mz; 1437 unsigned long *lru_size; 1438 long size; 1439 1440 if (mem_cgroup_disabled()) 1441 return; 1442 1443 mz = container_of(lruvec, struct mem_cgroup_per_node, lruvec); 1444 lru_size = &mz->lru_zone_size[zid][lru]; 1445 1446 if (nr_pages < 0) 1447 *lru_size += nr_pages; 1448 1449 size = *lru_size; 1450 if (WARN_ONCE(size < 0, 1451 "%s(%p, %d, %d): lru_size %ld\n", 1452 __func__, lruvec, lru, nr_pages, size)) { 1453 VM_BUG_ON(1); 1454 *lru_size = 0; 1455 } 1456 1457 if (nr_pages > 0) 1458 *lru_size += nr_pages; 1459} 1460 1461/** 1462 * mem_cgroup_margin - calculate chargeable space of a memory cgroup 1463 * @memcg: the memory cgroup 1464 * 1465 * Returns the maximum amount of memory @mem can be charged with, in 1466 * pages. 1467 */ 1468static unsigned long mem_cgroup_margin(struct mem_cgroup *memcg) 1469{ 1470 unsigned long margin = 0; 1471 unsigned long count; 1472 unsigned long limit; 1473 1474 count = page_counter_read(&memcg->memory); 1475 limit = READ_ONCE(memcg->memory.max); 1476 if (count < limit) 1477 margin = limit - count; 1478 1479 if (do_memsw_account()) { 1480 count = page_counter_read(&memcg->memsw); 1481 limit = READ_ONCE(memcg->memsw.max); 1482 if (count < limit) 1483 margin = min(margin, limit - count); 1484 else 1485 margin = 0; 1486 } 1487 1488 return margin; 1489} 1490 1491/* 1492 * A routine for checking "mem" is under move_account() or not. 1493 * 1494 * Checking a cgroup is mc.from or mc.to or under hierarchy of 1495 * moving cgroups. This is for waiting at high-memory pressure 1496 * caused by "move". 1497 */ 1498static bool mem_cgroup_under_move(struct mem_cgroup *memcg) 1499{ 1500 struct mem_cgroup *from; 1501 struct mem_cgroup *to; 1502 bool ret = false; 1503 /* 1504 * Unlike task_move routines, we access mc.to, mc.from not under 1505 * mutual exclusion by cgroup_mutex. Here, we take spinlock instead. 1506 */ 1507 spin_lock(&mc.lock); 1508 from = mc.from; 1509 to = mc.to; 1510 if (!from) 1511 goto unlock; 1512 1513 ret = mem_cgroup_is_descendant(from, memcg) || 1514 mem_cgroup_is_descendant(to, memcg); 1515unlock: 1516 spin_unlock(&mc.lock); 1517 return ret; 1518} 1519 1520static bool mem_cgroup_wait_acct_move(struct mem_cgroup *memcg) 1521{ 1522 if (mc.moving_task && current != mc.moving_task) { 1523 if (mem_cgroup_under_move(memcg)) { 1524 DEFINE_WAIT(wait); 1525 prepare_to_wait(&mc.waitq, &wait, TASK_INTERRUPTIBLE); 1526 /* moving charge context might have finished. */ 1527 if (mc.moving_task) 1528 schedule(); 1529 finish_wait(&mc.waitq, &wait); 1530 return true; 1531 } 1532 } 1533 return false; 1534} 1535 1536struct memory_stat { 1537 const char *name; 1538 unsigned int idx; 1539}; 1540 1541static const struct memory_stat memory_stats[] = { 1542 { "anon", NR_ANON_MAPPED }, 1543 { "file", NR_FILE_PAGES }, 1544 { "kernel", MEMCG_KMEM }, 1545 { "kernel_stack", NR_KERNEL_STACK_KB }, 1546 { "pagetables", NR_PAGETABLE }, 1547 { "sec_pagetables", NR_SECONDARY_PAGETABLE }, 1548 { "percpu", MEMCG_PERCPU_B }, 1549 { "sock", MEMCG_SOCK }, 1550 { "vmalloc", MEMCG_VMALLOC }, 1551 { "shmem", NR_SHMEM }, 1552#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 1553 { "zswap", MEMCG_ZSWAP_B }, 1554 { "zswapped", MEMCG_ZSWAPPED }, 1555#endif 1556 { "file_mapped", NR_FILE_MAPPED }, 1557 { "file_dirty", NR_FILE_DIRTY }, 1558 { "file_writeback", NR_WRITEBACK }, 1559#ifdef CONFIG_SWAP 1560 { "swapcached", NR_SWAPCACHE }, 1561#endif 1562#ifdef CONFIG_TRANSPARENT_HUGEPAGE 1563 { "anon_thp", NR_ANON_THPS }, 1564 { "file_thp", NR_FILE_THPS }, 1565 { "shmem_thp", NR_SHMEM_THPS }, 1566#endif 1567 { "inactive_anon", NR_INACTIVE_ANON }, 1568 { "active_anon", NR_ACTIVE_ANON }, 1569 { "inactive_file", NR_INACTIVE_FILE }, 1570 { "active_file", NR_ACTIVE_FILE }, 1571 { "unevictable", NR_UNEVICTABLE }, 1572 { "slab_reclaimable", NR_SLAB_RECLAIMABLE_B }, 1573 { "slab_unreclaimable", NR_SLAB_UNRECLAIMABLE_B }, 1574 1575 /* The memory events */ 1576 { "workingset_refault_anon", WORKINGSET_REFAULT_ANON }, 1577 { "workingset_refault_file", WORKINGSET_REFAULT_FILE }, 1578 { "workingset_activate_anon", WORKINGSET_ACTIVATE_ANON }, 1579 { "workingset_activate_file", WORKINGSET_ACTIVATE_FILE }, 1580 { "workingset_restore_anon", WORKINGSET_RESTORE_ANON }, 1581 { "workingset_restore_file", WORKINGSET_RESTORE_FILE }, 1582 { "workingset_nodereclaim", WORKINGSET_NODERECLAIM }, 1583}; 1584 1585/* The actual unit of the state item, not the same as the output unit */ 1586static int memcg_page_state_unit(int item) 1587{ 1588 switch (item) { 1589 case MEMCG_PERCPU_B: 1590 case MEMCG_ZSWAP_B: 1591 case NR_SLAB_RECLAIMABLE_B: 1592 case NR_SLAB_UNRECLAIMABLE_B: 1593 return 1; 1594 case NR_KERNEL_STACK_KB: 1595 return SZ_1K; 1596 default: 1597 return PAGE_SIZE; 1598 } 1599} 1600 1601/* Translate stat items to the correct unit for memory.stat output */ 1602static int memcg_page_state_output_unit(int item) 1603{ 1604 /* 1605 * Workingset state is actually in pages, but we export it to userspace 1606 * as a scalar count of events, so special case it here. 1607 */ 1608 switch (item) { 1609 case WORKINGSET_REFAULT_ANON: 1610 case WORKINGSET_REFAULT_FILE: 1611 case WORKINGSET_ACTIVATE_ANON: 1612 case WORKINGSET_ACTIVATE_FILE: 1613 case WORKINGSET_RESTORE_ANON: 1614 case WORKINGSET_RESTORE_FILE: 1615 case WORKINGSET_NODERECLAIM: 1616 return 1; 1617 default: 1618 return memcg_page_state_unit(item); 1619 } 1620} 1621 1622static inline unsigned long memcg_page_state_output(struct mem_cgroup *memcg, 1623 int item) 1624{ 1625 return memcg_page_state(memcg, item) * 1626 memcg_page_state_output_unit(item); 1627} 1628 1629static inline unsigned long memcg_page_state_local_output( 1630 struct mem_cgroup *memcg, int item) 1631{ 1632 return memcg_page_state_local(memcg, item) * 1633 memcg_page_state_output_unit(item); 1634} 1635 1636static void memcg_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 1637{ 1638 int i; 1639 1640 /* 1641 * Provide statistics on the state of the memory subsystem as 1642 * well as cumulative event counters that show past behavior. 1643 * 1644 * This list is ordered following a combination of these gradients: 1645 * 1) generic big picture -> specifics and details 1646 * 2) reflecting userspace activity -> reflecting kernel heuristics 1647 * 1648 * Current memory state: 1649 */ 1650 mem_cgroup_flush_stats(memcg); 1651 1652 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) { 1653 u64 size; 1654 1655 size = memcg_page_state_output(memcg, memory_stats[i].idx); 1656 seq_buf_printf(s, "%s %llu\n", memory_stats[i].name, size); 1657 1658 if (unlikely(memory_stats[i].idx == NR_SLAB_UNRECLAIMABLE_B)) { 1659 size += memcg_page_state_output(memcg, 1660 NR_SLAB_RECLAIMABLE_B); 1661 seq_buf_printf(s, "slab %llu\n", size); 1662 } 1663 } 1664 1665 /* Accumulated memory events */ 1666 seq_buf_printf(s, "pgscan %lu\n", 1667 memcg_events(memcg, PGSCAN_KSWAPD) + 1668 memcg_events(memcg, PGSCAN_DIRECT) + 1669 memcg_events(memcg, PGSCAN_KHUGEPAGED)); 1670 seq_buf_printf(s, "pgsteal %lu\n", 1671 memcg_events(memcg, PGSTEAL_KSWAPD) + 1672 memcg_events(memcg, PGSTEAL_DIRECT) + 1673 memcg_events(memcg, PGSTEAL_KHUGEPAGED)); 1674 1675 for (i = 0; i < ARRAY_SIZE(memcg_vm_event_stat); i++) { 1676 if (memcg_vm_event_stat[i] == PGPGIN || 1677 memcg_vm_event_stat[i] == PGPGOUT) 1678 continue; 1679 1680 seq_buf_printf(s, "%s %lu\n", 1681 vm_event_name(memcg_vm_event_stat[i]), 1682 memcg_events(memcg, memcg_vm_event_stat[i])); 1683 } 1684 1685 /* The above should easily fit into one page */ 1686 WARN_ON_ONCE(seq_buf_has_overflowed(s)); 1687} 1688 1689static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s); 1690 1691static void memory_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 1692{ 1693 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 1694 memcg_stat_format(memcg, s); 1695 else 1696 memcg1_stat_format(memcg, s); 1697 WARN_ON_ONCE(seq_buf_has_overflowed(s)); 1698} 1699 1700/** 1701 * mem_cgroup_print_oom_context: Print OOM information relevant to 1702 * memory controller. 1703 * @memcg: The memory cgroup that went over limit 1704 * @p: Task that is going to be killed 1705 * 1706 * NOTE: @memcg and @p's mem_cgroup can be different when hierarchy is 1707 * enabled 1708 */ 1709void mem_cgroup_print_oom_context(struct mem_cgroup *memcg, struct task_struct *p) 1710{ 1711 rcu_read_lock(); 1712 1713 if (memcg) { 1714 pr_cont(",oom_memcg="); 1715 pr_cont_cgroup_path(memcg->css.cgroup); 1716 } else 1717 pr_cont(",global_oom"); 1718 if (p) { 1719 pr_cont(",task_memcg="); 1720 pr_cont_cgroup_path(task_cgroup(p, memory_cgrp_id)); 1721 } 1722 rcu_read_unlock(); 1723} 1724 1725/** 1726 * mem_cgroup_print_oom_meminfo: Print OOM memory information relevant to 1727 * memory controller. 1728 * @memcg: The memory cgroup that went over limit 1729 */ 1730void mem_cgroup_print_oom_meminfo(struct mem_cgroup *memcg) 1731{ 1732 /* Use static buffer, for the caller is holding oom_lock. */ 1733 static char buf[PAGE_SIZE]; 1734 struct seq_buf s; 1735 1736 lockdep_assert_held(&oom_lock); 1737 1738 pr_info("memory: usage %llukB, limit %llukB, failcnt %lu\n", 1739 K((u64)page_counter_read(&memcg->memory)), 1740 K((u64)READ_ONCE(memcg->memory.max)), memcg->memory.failcnt); 1741 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 1742 pr_info("swap: usage %llukB, limit %llukB, failcnt %lu\n", 1743 K((u64)page_counter_read(&memcg->swap)), 1744 K((u64)READ_ONCE(memcg->swap.max)), memcg->swap.failcnt); 1745 else { 1746 pr_info("memory+swap: usage %llukB, limit %llukB, failcnt %lu\n", 1747 K((u64)page_counter_read(&memcg->memsw)), 1748 K((u64)memcg->memsw.max), memcg->memsw.failcnt); 1749 pr_info("kmem: usage %llukB, limit %llukB, failcnt %lu\n", 1750 K((u64)page_counter_read(&memcg->kmem)), 1751 K((u64)memcg->kmem.max), memcg->kmem.failcnt); 1752 } 1753 1754 pr_info("Memory cgroup stats for "); 1755 pr_cont_cgroup_path(memcg->css.cgroup); 1756 pr_cont(":"); 1757 seq_buf_init(&s, buf, sizeof(buf)); 1758 memory_stat_format(memcg, &s); 1759 seq_buf_do_printk(&s, KERN_INFO); 1760} 1761 1762/* 1763 * Return the memory (and swap, if configured) limit for a memcg. 1764 */ 1765unsigned long mem_cgroup_get_max(struct mem_cgroup *memcg) 1766{ 1767 unsigned long max = READ_ONCE(memcg->memory.max); 1768 1769 if (do_memsw_account()) { 1770 if (mem_cgroup_swappiness(memcg)) { 1771 /* Calculate swap excess capacity from memsw limit */ 1772 unsigned long swap = READ_ONCE(memcg->memsw.max) - max; 1773 1774 max += min(swap, (unsigned long)total_swap_pages); 1775 } 1776 } else { 1777 if (mem_cgroup_swappiness(memcg)) 1778 max += min(READ_ONCE(memcg->swap.max), 1779 (unsigned long)total_swap_pages); 1780 } 1781 return max; 1782} 1783 1784unsigned long mem_cgroup_size(struct mem_cgroup *memcg) 1785{ 1786 return page_counter_read(&memcg->memory); 1787} 1788 1789static bool mem_cgroup_out_of_memory(struct mem_cgroup *memcg, gfp_t gfp_mask, 1790 int order) 1791{ 1792 struct oom_control oc = { 1793 .zonelist = NULL, 1794 .nodemask = NULL, 1795 .memcg = memcg, 1796 .gfp_mask = gfp_mask, 1797 .order = order, 1798 }; 1799 bool ret = true; 1800 1801 if (mutex_lock_killable(&oom_lock)) 1802 return true; 1803 1804 if (mem_cgroup_margin(memcg) >= (1 << order)) 1805 goto unlock; 1806 1807 /* 1808 * A few threads which were not waiting at mutex_lock_killable() can 1809 * fail to bail out. Therefore, check again after holding oom_lock. 1810 */ 1811 ret = task_is_dying() || out_of_memory(&oc); 1812 1813unlock: 1814 mutex_unlock(&oom_lock); 1815 return ret; 1816} 1817 1818static int mem_cgroup_soft_reclaim(struct mem_cgroup *root_memcg, 1819 pg_data_t *pgdat, 1820 gfp_t gfp_mask, 1821 unsigned long *total_scanned) 1822{ 1823 struct mem_cgroup *victim = NULL; 1824 int total = 0; 1825 int loop = 0; 1826 unsigned long excess; 1827 unsigned long nr_scanned; 1828 struct mem_cgroup_reclaim_cookie reclaim = { 1829 .pgdat = pgdat, 1830 }; 1831 1832 excess = soft_limit_excess(root_memcg); 1833 1834 while (1) { 1835 victim = mem_cgroup_iter(root_memcg, victim, &reclaim); 1836 if (!victim) { 1837 loop++; 1838 if (loop >= 2) { 1839 /* 1840 * If we have not been able to reclaim 1841 * anything, it might because there are 1842 * no reclaimable pages under this hierarchy 1843 */ 1844 if (!total) 1845 break; 1846 /* 1847 * We want to do more targeted reclaim. 1848 * excess >> 2 is not to excessive so as to 1849 * reclaim too much, nor too less that we keep 1850 * coming back to reclaim from this cgroup 1851 */ 1852 if (total >= (excess >> 2) || 1853 (loop > MEM_CGROUP_MAX_RECLAIM_LOOPS)) 1854 break; 1855 } 1856 continue; 1857 } 1858 total += mem_cgroup_shrink_node(victim, gfp_mask, false, 1859 pgdat, &nr_scanned); 1860 *total_scanned += nr_scanned; 1861 if (!soft_limit_excess(root_memcg)) 1862 break; 1863 } 1864 mem_cgroup_iter_break(root_memcg, victim); 1865 return total; 1866} 1867 1868#ifdef CONFIG_LOCKDEP 1869static struct lockdep_map memcg_oom_lock_dep_map = { 1870 .name = "memcg_oom_lock", 1871}; 1872#endif 1873 1874static DEFINE_SPINLOCK(memcg_oom_lock); 1875 1876/* 1877 * Check OOM-Killer is already running under our hierarchy. 1878 * If someone is running, return false. 1879 */ 1880static bool mem_cgroup_oom_trylock(struct mem_cgroup *memcg) 1881{ 1882 struct mem_cgroup *iter, *failed = NULL; 1883 1884 spin_lock(&memcg_oom_lock); 1885 1886 for_each_mem_cgroup_tree(iter, memcg) { 1887 if (iter->oom_lock) { 1888 /* 1889 * this subtree of our hierarchy is already locked 1890 * so we cannot give a lock. 1891 */ 1892 failed = iter; 1893 mem_cgroup_iter_break(memcg, iter); 1894 break; 1895 } else 1896 iter->oom_lock = true; 1897 } 1898 1899 if (failed) { 1900 /* 1901 * OK, we failed to lock the whole subtree so we have 1902 * to clean up what we set up to the failing subtree 1903 */ 1904 for_each_mem_cgroup_tree(iter, memcg) { 1905 if (iter == failed) { 1906 mem_cgroup_iter_break(memcg, iter); 1907 break; 1908 } 1909 iter->oom_lock = false; 1910 } 1911 } else 1912 mutex_acquire(&memcg_oom_lock_dep_map, 0, 1, _RET_IP_); 1913 1914 spin_unlock(&memcg_oom_lock); 1915 1916 return !failed; 1917} 1918 1919static void mem_cgroup_oom_unlock(struct mem_cgroup *memcg) 1920{ 1921 struct mem_cgroup *iter; 1922 1923 spin_lock(&memcg_oom_lock); 1924 mutex_release(&memcg_oom_lock_dep_map, _RET_IP_); 1925 for_each_mem_cgroup_tree(iter, memcg) 1926 iter->oom_lock = false; 1927 spin_unlock(&memcg_oom_lock); 1928} 1929 1930static void mem_cgroup_mark_under_oom(struct mem_cgroup *memcg) 1931{ 1932 struct mem_cgroup *iter; 1933 1934 spin_lock(&memcg_oom_lock); 1935 for_each_mem_cgroup_tree(iter, memcg) 1936 iter->under_oom++; 1937 spin_unlock(&memcg_oom_lock); 1938} 1939 1940static void mem_cgroup_unmark_under_oom(struct mem_cgroup *memcg) 1941{ 1942 struct mem_cgroup *iter; 1943 1944 /* 1945 * Be careful about under_oom underflows because a child memcg 1946 * could have been added after mem_cgroup_mark_under_oom. 1947 */ 1948 spin_lock(&memcg_oom_lock); 1949 for_each_mem_cgroup_tree(iter, memcg) 1950 if (iter->under_oom > 0) 1951 iter->under_oom--; 1952 spin_unlock(&memcg_oom_lock); 1953} 1954 1955static DECLARE_WAIT_QUEUE_HEAD(memcg_oom_waitq); 1956 1957struct oom_wait_info { 1958 struct mem_cgroup *memcg; 1959 wait_queue_entry_t wait; 1960}; 1961 1962static int memcg_oom_wake_function(wait_queue_entry_t *wait, 1963 unsigned mode, int sync, void *arg) 1964{ 1965 struct mem_cgroup *wake_memcg = (struct mem_cgroup *)arg; 1966 struct mem_cgroup *oom_wait_memcg; 1967 struct oom_wait_info *oom_wait_info; 1968 1969 oom_wait_info = container_of(wait, struct oom_wait_info, wait); 1970 oom_wait_memcg = oom_wait_info->memcg; 1971 1972 if (!mem_cgroup_is_descendant(wake_memcg, oom_wait_memcg) && 1973 !mem_cgroup_is_descendant(oom_wait_memcg, wake_memcg)) 1974 return 0; 1975 return autoremove_wake_function(wait, mode, sync, arg); 1976} 1977 1978static void memcg_oom_recover(struct mem_cgroup *memcg) 1979{ 1980 /* 1981 * For the following lockless ->under_oom test, the only required 1982 * guarantee is that it must see the state asserted by an OOM when 1983 * this function is called as a result of userland actions 1984 * triggered by the notification of the OOM. This is trivially 1985 * achieved by invoking mem_cgroup_mark_under_oom() before 1986 * triggering notification. 1987 */ 1988 if (memcg && memcg->under_oom) 1989 __wake_up(&memcg_oom_waitq, TASK_NORMAL, 0, memcg); 1990} 1991 1992/* 1993 * Returns true if successfully killed one or more processes. Though in some 1994 * corner cases it can return true even without killing any process. 1995 */ 1996static bool mem_cgroup_oom(struct mem_cgroup *memcg, gfp_t mask, int order) 1997{ 1998 bool locked, ret; 1999 2000 if (order > PAGE_ALLOC_COSTLY_ORDER) 2001 return false; 2002 2003 memcg_memory_event(memcg, MEMCG_OOM); 2004 2005 /* 2006 * We are in the middle of the charge context here, so we 2007 * don't want to block when potentially sitting on a callstack 2008 * that holds all kinds of filesystem and mm locks. 2009 * 2010 * cgroup1 allows disabling the OOM killer and waiting for outside 2011 * handling until the charge can succeed; remember the context and put 2012 * the task to sleep at the end of the page fault when all locks are 2013 * released. 2014 * 2015 * On the other hand, in-kernel OOM killer allows for an async victim 2016 * memory reclaim (oom_reaper) and that means that we are not solely 2017 * relying on the oom victim to make a forward progress and we can 2018 * invoke the oom killer here. 2019 * 2020 * Please note that mem_cgroup_out_of_memory might fail to find a 2021 * victim and then we have to bail out from the charge path. 2022 */ 2023 if (READ_ONCE(memcg->oom_kill_disable)) { 2024 if (current->in_user_fault) { 2025 css_get(&memcg->css); 2026 current->memcg_in_oom = memcg; 2027 current->memcg_oom_gfp_mask = mask; 2028 current->memcg_oom_order = order; 2029 } 2030 return false; 2031 } 2032 2033 mem_cgroup_mark_under_oom(memcg); 2034 2035 locked = mem_cgroup_oom_trylock(memcg); 2036 2037 if (locked) 2038 mem_cgroup_oom_notify(memcg); 2039 2040 mem_cgroup_unmark_under_oom(memcg); 2041 ret = mem_cgroup_out_of_memory(memcg, mask, order); 2042 2043 if (locked) 2044 mem_cgroup_oom_unlock(memcg); 2045 2046 return ret; 2047} 2048 2049/** 2050 * mem_cgroup_oom_synchronize - complete memcg OOM handling 2051 * @handle: actually kill/wait or just clean up the OOM state 2052 * 2053 * This has to be called at the end of a page fault if the memcg OOM 2054 * handler was enabled. 2055 * 2056 * Memcg supports userspace OOM handling where failed allocations must 2057 * sleep on a waitqueue until the userspace task resolves the 2058 * situation. Sleeping directly in the charge context with all kinds 2059 * of locks held is not a good idea, instead we remember an OOM state 2060 * in the task and mem_cgroup_oom_synchronize() has to be called at 2061 * the end of the page fault to complete the OOM handling. 2062 * 2063 * Returns %true if an ongoing memcg OOM situation was detected and 2064 * completed, %false otherwise. 2065 */ 2066bool mem_cgroup_oom_synchronize(bool handle) 2067{ 2068 struct mem_cgroup *memcg = current->memcg_in_oom; 2069 struct oom_wait_info owait; 2070 bool locked; 2071 2072 /* OOM is global, do not handle */ 2073 if (!memcg) 2074 return false; 2075 2076 if (!handle) 2077 goto cleanup; 2078 2079 owait.memcg = memcg; 2080 owait.wait.flags = 0; 2081 owait.wait.func = memcg_oom_wake_function; 2082 owait.wait.private = current; 2083 INIT_LIST_HEAD(&owait.wait.entry); 2084 2085 prepare_to_wait(&memcg_oom_waitq, &owait.wait, TASK_KILLABLE); 2086 mem_cgroup_mark_under_oom(memcg); 2087 2088 locked = mem_cgroup_oom_trylock(memcg); 2089 2090 if (locked) 2091 mem_cgroup_oom_notify(memcg); 2092 2093 schedule(); 2094 mem_cgroup_unmark_under_oom(memcg); 2095 finish_wait(&memcg_oom_waitq, &owait.wait); 2096 2097 if (locked) 2098 mem_cgroup_oom_unlock(memcg); 2099cleanup: 2100 current->memcg_in_oom = NULL; 2101 css_put(&memcg->css); 2102 return true; 2103} 2104 2105/** 2106 * mem_cgroup_get_oom_group - get a memory cgroup to clean up after OOM 2107 * @victim: task to be killed by the OOM killer 2108 * @oom_domain: memcg in case of memcg OOM, NULL in case of system-wide OOM 2109 * 2110 * Returns a pointer to a memory cgroup, which has to be cleaned up 2111 * by killing all belonging OOM-killable tasks. 2112 * 2113 * Caller has to call mem_cgroup_put() on the returned non-NULL memcg. 2114 */ 2115struct mem_cgroup *mem_cgroup_get_oom_group(struct task_struct *victim, 2116 struct mem_cgroup *oom_domain) 2117{ 2118 struct mem_cgroup *oom_group = NULL; 2119 struct mem_cgroup *memcg; 2120 2121 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 2122 return NULL; 2123 2124 if (!oom_domain) 2125 oom_domain = root_mem_cgroup; 2126 2127 rcu_read_lock(); 2128 2129 memcg = mem_cgroup_from_task(victim); 2130 if (mem_cgroup_is_root(memcg)) 2131 goto out; 2132 2133 /* 2134 * If the victim task has been asynchronously moved to a different 2135 * memory cgroup, we might end up killing tasks outside oom_domain. 2136 * In this case it's better to ignore memory.group.oom. 2137 */ 2138 if (unlikely(!mem_cgroup_is_descendant(memcg, oom_domain))) 2139 goto out; 2140 2141 /* 2142 * Traverse the memory cgroup hierarchy from the victim task's 2143 * cgroup up to the OOMing cgroup (or root) to find the 2144 * highest-level memory cgroup with oom.group set. 2145 */ 2146 for (; memcg; memcg = parent_mem_cgroup(memcg)) { 2147 if (READ_ONCE(memcg->oom_group)) 2148 oom_group = memcg; 2149 2150 if (memcg == oom_domain) 2151 break; 2152 } 2153 2154 if (oom_group) 2155 css_get(&oom_group->css); 2156out: 2157 rcu_read_unlock(); 2158 2159 return oom_group; 2160} 2161 2162void mem_cgroup_print_oom_group(struct mem_cgroup *memcg) 2163{ 2164 pr_info("Tasks in "); 2165 pr_cont_cgroup_path(memcg->css.cgroup); 2166 pr_cont(" are going to be killed due to memory.oom.group set\n"); 2167} 2168 2169/** 2170 * folio_memcg_lock - Bind a folio to its memcg. 2171 * @folio: The folio. 2172 * 2173 * This function prevents unlocked LRU folios from being moved to 2174 * another cgroup. 2175 * 2176 * It ensures lifetime of the bound memcg. The caller is responsible 2177 * for the lifetime of the folio. 2178 */ 2179void folio_memcg_lock(struct folio *folio) 2180{ 2181 struct mem_cgroup *memcg; 2182 unsigned long flags; 2183 2184 /* 2185 * The RCU lock is held throughout the transaction. The fast 2186 * path can get away without acquiring the memcg->move_lock 2187 * because page moving starts with an RCU grace period. 2188 */ 2189 rcu_read_lock(); 2190 2191 if (mem_cgroup_disabled()) 2192 return; 2193again: 2194 memcg = folio_memcg(folio); 2195 if (unlikely(!memcg)) 2196 return; 2197 2198#ifdef CONFIG_PROVE_LOCKING 2199 local_irq_save(flags); 2200 might_lock(&memcg->move_lock); 2201 local_irq_restore(flags); 2202#endif 2203 2204 if (atomic_read(&memcg->moving_account) <= 0) 2205 return; 2206 2207 spin_lock_irqsave(&memcg->move_lock, flags); 2208 if (memcg != folio_memcg(folio)) { 2209 spin_unlock_irqrestore(&memcg->move_lock, flags); 2210 goto again; 2211 } 2212 2213 /* 2214 * When charge migration first begins, we can have multiple 2215 * critical sections holding the fast-path RCU lock and one 2216 * holding the slowpath move_lock. Track the task who has the 2217 * move_lock for folio_memcg_unlock(). 2218 */ 2219 memcg->move_lock_task = current; 2220 memcg->move_lock_flags = flags; 2221} 2222 2223static void __folio_memcg_unlock(struct mem_cgroup *memcg) 2224{ 2225 if (memcg && memcg->move_lock_task == current) { 2226 unsigned long flags = memcg->move_lock_flags; 2227 2228 memcg->move_lock_task = NULL; 2229 memcg->move_lock_flags = 0; 2230 2231 spin_unlock_irqrestore(&memcg->move_lock, flags); 2232 } 2233 2234 rcu_read_unlock(); 2235} 2236 2237/** 2238 * folio_memcg_unlock - Release the binding between a folio and its memcg. 2239 * @folio: The folio. 2240 * 2241 * This releases the binding created by folio_memcg_lock(). This does 2242 * not change the accounting of this folio to its memcg, but it does 2243 * permit others to change it. 2244 */ 2245void folio_memcg_unlock(struct folio *folio) 2246{ 2247 __folio_memcg_unlock(folio_memcg(folio)); 2248} 2249 2250struct memcg_stock_pcp { 2251 local_lock_t stock_lock; 2252 struct mem_cgroup *cached; /* this never be root cgroup */ 2253 unsigned int nr_pages; 2254 2255#ifdef CONFIG_MEMCG_KMEM 2256 struct obj_cgroup *cached_objcg; 2257 struct pglist_data *cached_pgdat; 2258 unsigned int nr_bytes; 2259 int nr_slab_reclaimable_b; 2260 int nr_slab_unreclaimable_b; 2261#endif 2262 2263 struct work_struct work; 2264 unsigned long flags; 2265#define FLUSHING_CACHED_CHARGE 0 2266}; 2267static DEFINE_PER_CPU(struct memcg_stock_pcp, memcg_stock) = { 2268 .stock_lock = INIT_LOCAL_LOCK(stock_lock), 2269}; 2270static DEFINE_MUTEX(percpu_charge_mutex); 2271 2272#ifdef CONFIG_MEMCG_KMEM 2273static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock); 2274static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 2275 struct mem_cgroup *root_memcg); 2276static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages); 2277 2278#else 2279static inline struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock) 2280{ 2281 return NULL; 2282} 2283static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 2284 struct mem_cgroup *root_memcg) 2285{ 2286 return false; 2287} 2288static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages) 2289{ 2290} 2291#endif 2292 2293/** 2294 * consume_stock: Try to consume stocked charge on this cpu. 2295 * @memcg: memcg to consume from. 2296 * @nr_pages: how many pages to charge. 2297 * 2298 * The charges will only happen if @memcg matches the current cpu's memcg 2299 * stock, and at least @nr_pages are available in that stock. Failure to 2300 * service an allocation will refill the stock. 2301 * 2302 * returns true if successful, false otherwise. 2303 */ 2304static bool consume_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2305{ 2306 struct memcg_stock_pcp *stock; 2307 unsigned long flags; 2308 bool ret = false; 2309 2310 if (nr_pages > MEMCG_CHARGE_BATCH) 2311 return ret; 2312 2313 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2314 2315 stock = this_cpu_ptr(&memcg_stock); 2316 if (memcg == READ_ONCE(stock->cached) && stock->nr_pages >= nr_pages) { 2317 stock->nr_pages -= nr_pages; 2318 ret = true; 2319 } 2320 2321 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2322 2323 return ret; 2324} 2325 2326/* 2327 * Returns stocks cached in percpu and reset cached information. 2328 */ 2329static void drain_stock(struct memcg_stock_pcp *stock) 2330{ 2331 struct mem_cgroup *old = READ_ONCE(stock->cached); 2332 2333 if (!old) 2334 return; 2335 2336 if (stock->nr_pages) { 2337 page_counter_uncharge(&old->memory, stock->nr_pages); 2338 if (do_memsw_account()) 2339 page_counter_uncharge(&old->memsw, stock->nr_pages); 2340 stock->nr_pages = 0; 2341 } 2342 2343 css_put(&old->css); 2344 WRITE_ONCE(stock->cached, NULL); 2345} 2346 2347static void drain_local_stock(struct work_struct *dummy) 2348{ 2349 struct memcg_stock_pcp *stock; 2350 struct obj_cgroup *old = NULL; 2351 unsigned long flags; 2352 2353 /* 2354 * The only protection from cpu hotplug (memcg_hotplug_cpu_dead) vs. 2355 * drain_stock races is that we always operate on local CPU stock 2356 * here with IRQ disabled 2357 */ 2358 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2359 2360 stock = this_cpu_ptr(&memcg_stock); 2361 old = drain_obj_stock(stock); 2362 drain_stock(stock); 2363 clear_bit(FLUSHING_CACHED_CHARGE, &stock->flags); 2364 2365 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2366 if (old) 2367 obj_cgroup_put(old); 2368} 2369 2370/* 2371 * Cache charges(val) to local per_cpu area. 2372 * This will be consumed by consume_stock() function, later. 2373 */ 2374static void __refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2375{ 2376 struct memcg_stock_pcp *stock; 2377 2378 stock = this_cpu_ptr(&memcg_stock); 2379 if (READ_ONCE(stock->cached) != memcg) { /* reset if necessary */ 2380 drain_stock(stock); 2381 css_get(&memcg->css); 2382 WRITE_ONCE(stock->cached, memcg); 2383 } 2384 stock->nr_pages += nr_pages; 2385 2386 if (stock->nr_pages > MEMCG_CHARGE_BATCH) 2387 drain_stock(stock); 2388} 2389 2390static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2391{ 2392 unsigned long flags; 2393 2394 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2395 __refill_stock(memcg, nr_pages); 2396 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2397} 2398 2399/* 2400 * Drains all per-CPU charge caches for given root_memcg resp. subtree 2401 * of the hierarchy under it. 2402 */ 2403static void drain_all_stock(struct mem_cgroup *root_memcg) 2404{ 2405 int cpu, curcpu; 2406 2407 /* If someone's already draining, avoid adding running more workers. */ 2408 if (!mutex_trylock(&percpu_charge_mutex)) 2409 return; 2410 /* 2411 * Notify other cpus that system-wide "drain" is running 2412 * We do not care about races with the cpu hotplug because cpu down 2413 * as well as workers from this path always operate on the local 2414 * per-cpu data. CPU up doesn't touch memcg_stock at all. 2415 */ 2416 migrate_disable(); 2417 curcpu = smp_processor_id(); 2418 for_each_online_cpu(cpu) { 2419 struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu); 2420 struct mem_cgroup *memcg; 2421 bool flush = false; 2422 2423 rcu_read_lock(); 2424 memcg = READ_ONCE(stock->cached); 2425 if (memcg && stock->nr_pages && 2426 mem_cgroup_is_descendant(memcg, root_memcg)) 2427 flush = true; 2428 else if (obj_stock_flush_required(stock, root_memcg)) 2429 flush = true; 2430 rcu_read_unlock(); 2431 2432 if (flush && 2433 !test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) { 2434 if (cpu == curcpu) 2435 drain_local_stock(&stock->work); 2436 else if (!cpu_is_isolated(cpu)) 2437 schedule_work_on(cpu, &stock->work); 2438 } 2439 } 2440 migrate_enable(); 2441 mutex_unlock(&percpu_charge_mutex); 2442} 2443 2444static int memcg_hotplug_cpu_dead(unsigned int cpu) 2445{ 2446 struct memcg_stock_pcp *stock; 2447 2448 stock = &per_cpu(memcg_stock, cpu); 2449 drain_stock(stock); 2450 2451 return 0; 2452} 2453 2454static unsigned long reclaim_high(struct mem_cgroup *memcg, 2455 unsigned int nr_pages, 2456 gfp_t gfp_mask) 2457{ 2458 unsigned long nr_reclaimed = 0; 2459 2460 do { 2461 unsigned long pflags; 2462 2463 if (page_counter_read(&memcg->memory) <= 2464 READ_ONCE(memcg->memory.high)) 2465 continue; 2466 2467 memcg_memory_event(memcg, MEMCG_HIGH); 2468 2469 psi_memstall_enter(&pflags); 2470 nr_reclaimed += try_to_free_mem_cgroup_pages(memcg, nr_pages, 2471 gfp_mask, 2472 MEMCG_RECLAIM_MAY_SWAP); 2473 psi_memstall_leave(&pflags); 2474 } while ((memcg = parent_mem_cgroup(memcg)) && 2475 !mem_cgroup_is_root(memcg)); 2476 2477 return nr_reclaimed; 2478} 2479 2480static void high_work_func(struct work_struct *work) 2481{ 2482 struct mem_cgroup *memcg; 2483 2484 memcg = container_of(work, struct mem_cgroup, high_work); 2485 reclaim_high(memcg, MEMCG_CHARGE_BATCH, GFP_KERNEL); 2486} 2487 2488/* 2489 * Clamp the maximum sleep time per allocation batch to 2 seconds. This is 2490 * enough to still cause a significant slowdown in most cases, while still 2491 * allowing diagnostics and tracing to proceed without becoming stuck. 2492 */ 2493#define MEMCG_MAX_HIGH_DELAY_JIFFIES (2UL*HZ) 2494 2495/* 2496 * When calculating the delay, we use these either side of the exponentiation to 2497 * maintain precision and scale to a reasonable number of jiffies (see the table 2498 * below. 2499 * 2500 * - MEMCG_DELAY_PRECISION_SHIFT: Extra precision bits while translating the 2501 * overage ratio to a delay. 2502 * - MEMCG_DELAY_SCALING_SHIFT: The number of bits to scale down the 2503 * proposed penalty in order to reduce to a reasonable number of jiffies, and 2504 * to produce a reasonable delay curve. 2505 * 2506 * MEMCG_DELAY_SCALING_SHIFT just happens to be a number that produces a 2507 * reasonable delay curve compared to precision-adjusted overage, not 2508 * penalising heavily at first, but still making sure that growth beyond the 2509 * limit penalises misbehaviour cgroups by slowing them down exponentially. For 2510 * example, with a high of 100 megabytes: 2511 * 2512 * +-------+------------------------+ 2513 * | usage | time to allocate in ms | 2514 * +-------+------------------------+ 2515 * | 100M | 0 | 2516 * | 101M | 6 | 2517 * | 102M | 25 | 2518 * | 103M | 57 | 2519 * | 104M | 102 | 2520 * | 105M | 159 | 2521 * | 106M | 230 | 2522 * | 107M | 313 | 2523 * | 108M | 409 | 2524 * | 109M | 518 | 2525 * | 110M | 639 | 2526 * | 111M | 774 | 2527 * | 112M | 921 | 2528 * | 113M | 1081 | 2529 * | 114M | 1254 | 2530 * | 115M | 1439 | 2531 * | 116M | 1638 | 2532 * | 117M | 1849 | 2533 * | 118M | 2000 | 2534 * | 119M | 2000 | 2535 * | 120M | 2000 | 2536 * +-------+------------------------+ 2537 */ 2538 #define MEMCG_DELAY_PRECISION_SHIFT 20 2539 #define MEMCG_DELAY_SCALING_SHIFT 14 2540 2541static u64 calculate_overage(unsigned long usage, unsigned long high) 2542{ 2543 u64 overage; 2544 2545 if (usage <= high) 2546 return 0; 2547 2548 /* 2549 * Prevent division by 0 in overage calculation by acting as if 2550 * it was a threshold of 1 page 2551 */ 2552 high = max(high, 1UL); 2553 2554 overage = usage - high; 2555 overage <<= MEMCG_DELAY_PRECISION_SHIFT; 2556 return div64_u64(overage, high); 2557} 2558 2559static u64 mem_find_max_overage(struct mem_cgroup *memcg) 2560{ 2561 u64 overage, max_overage = 0; 2562 2563 do { 2564 overage = calculate_overage(page_counter_read(&memcg->memory), 2565 READ_ONCE(memcg->memory.high)); 2566 max_overage = max(overage, max_overage); 2567 } while ((memcg = parent_mem_cgroup(memcg)) && 2568 !mem_cgroup_is_root(memcg)); 2569 2570 return max_overage; 2571} 2572 2573static u64 swap_find_max_overage(struct mem_cgroup *memcg) 2574{ 2575 u64 overage, max_overage = 0; 2576 2577 do { 2578 overage = calculate_overage(page_counter_read(&memcg->swap), 2579 READ_ONCE(memcg->swap.high)); 2580 if (overage) 2581 memcg_memory_event(memcg, MEMCG_SWAP_HIGH); 2582 max_overage = max(overage, max_overage); 2583 } while ((memcg = parent_mem_cgroup(memcg)) && 2584 !mem_cgroup_is_root(memcg)); 2585 2586 return max_overage; 2587} 2588 2589/* 2590 * Get the number of jiffies that we should penalise a mischievous cgroup which 2591 * is exceeding its memory.high by checking both it and its ancestors. 2592 */ 2593static unsigned long calculate_high_delay(struct mem_cgroup *memcg, 2594 unsigned int nr_pages, 2595 u64 max_overage) 2596{ 2597 unsigned long penalty_jiffies; 2598 2599 if (!max_overage) 2600 return 0; 2601 2602 /* 2603 * We use overage compared to memory.high to calculate the number of 2604 * jiffies to sleep (penalty_jiffies). Ideally this value should be 2605 * fairly lenient on small overages, and increasingly harsh when the 2606 * memcg in question makes it clear that it has no intention of stopping 2607 * its crazy behaviour, so we exponentially increase the delay based on 2608 * overage amount. 2609 */ 2610 penalty_jiffies = max_overage * max_overage * HZ; 2611 penalty_jiffies >>= MEMCG_DELAY_PRECISION_SHIFT; 2612 penalty_jiffies >>= MEMCG_DELAY_SCALING_SHIFT; 2613 2614 /* 2615 * Factor in the task's own contribution to the overage, such that four 2616 * N-sized allocations are throttled approximately the same as one 2617 * 4N-sized allocation. 2618 * 2619 * MEMCG_CHARGE_BATCH pages is nominal, so work out how much smaller or 2620 * larger the current charge patch is than that. 2621 */ 2622 return penalty_jiffies * nr_pages / MEMCG_CHARGE_BATCH; 2623} 2624 2625/* 2626 * Scheduled by try_charge() to be executed from the userland return path 2627 * and reclaims memory over the high limit. 2628 */ 2629void mem_cgroup_handle_over_high(gfp_t gfp_mask) 2630{ 2631 unsigned long penalty_jiffies; 2632 unsigned long pflags; 2633 unsigned long nr_reclaimed; 2634 unsigned int nr_pages = current->memcg_nr_pages_over_high; 2635 int nr_retries = MAX_RECLAIM_RETRIES; 2636 struct mem_cgroup *memcg; 2637 bool in_retry = false; 2638 2639 if (likely(!nr_pages)) 2640 return; 2641 2642 memcg = get_mem_cgroup_from_mm(current->mm); 2643 current->memcg_nr_pages_over_high = 0; 2644 2645retry_reclaim: 2646 /* 2647 * The allocating task should reclaim at least the batch size, but for 2648 * subsequent retries we only want to do what's necessary to prevent oom 2649 * or breaching resource isolation. 2650 * 2651 * This is distinct from memory.max or page allocator behaviour because 2652 * memory.high is currently batched, whereas memory.max and the page 2653 * allocator run every time an allocation is made. 2654 */ 2655 nr_reclaimed = reclaim_high(memcg, 2656 in_retry ? SWAP_CLUSTER_MAX : nr_pages, 2657 gfp_mask); 2658 2659 /* 2660 * memory.high is breached and reclaim is unable to keep up. Throttle 2661 * allocators proactively to slow down excessive growth. 2662 */ 2663 penalty_jiffies = calculate_high_delay(memcg, nr_pages, 2664 mem_find_max_overage(memcg)); 2665 2666 penalty_jiffies += calculate_high_delay(memcg, nr_pages, 2667 swap_find_max_overage(memcg)); 2668 2669 /* 2670 * Clamp the max delay per usermode return so as to still keep the 2671 * application moving forwards and also permit diagnostics, albeit 2672 * extremely slowly. 2673 */ 2674 penalty_jiffies = min(penalty_jiffies, MEMCG_MAX_HIGH_DELAY_JIFFIES); 2675 2676 /* 2677 * Don't sleep if the amount of jiffies this memcg owes us is so low 2678 * that it's not even worth doing, in an attempt to be nice to those who 2679 * go only a small amount over their memory.high value and maybe haven't 2680 * been aggressively reclaimed enough yet. 2681 */ 2682 if (penalty_jiffies <= HZ / 100) 2683 goto out; 2684 2685 /* 2686 * If reclaim is making forward progress but we're still over 2687 * memory.high, we want to encourage that rather than doing allocator 2688 * throttling. 2689 */ 2690 if (nr_reclaimed || nr_retries--) { 2691 in_retry = true; 2692 goto retry_reclaim; 2693 } 2694 2695 /* 2696 * If we exit early, we're guaranteed to die (since 2697 * schedule_timeout_killable sets TASK_KILLABLE). This means we don't 2698 * need to account for any ill-begotten jiffies to pay them off later. 2699 */ 2700 psi_memstall_enter(&pflags); 2701 schedule_timeout_killable(penalty_jiffies); 2702 psi_memstall_leave(&pflags); 2703 2704out: 2705 css_put(&memcg->css); 2706} 2707 2708static int try_charge_memcg(struct mem_cgroup *memcg, gfp_t gfp_mask, 2709 unsigned int nr_pages) 2710{ 2711 unsigned int batch = max(MEMCG_CHARGE_BATCH, nr_pages); 2712 int nr_retries = MAX_RECLAIM_RETRIES; 2713 struct mem_cgroup *mem_over_limit; 2714 struct page_counter *counter; 2715 unsigned long nr_reclaimed; 2716 bool passed_oom = false; 2717 unsigned int reclaim_options = MEMCG_RECLAIM_MAY_SWAP; 2718 bool drained = false; 2719 bool raised_max_event = false; 2720 unsigned long pflags; 2721 2722retry: 2723 if (consume_stock(memcg, nr_pages)) 2724 return 0; 2725 2726 if (!do_memsw_account() || 2727 page_counter_try_charge(&memcg->memsw, batch, &counter)) { 2728 if (page_counter_try_charge(&memcg->memory, batch, &counter)) 2729 goto done_restock; 2730 if (do_memsw_account()) 2731 page_counter_uncharge(&memcg->memsw, batch); 2732 mem_over_limit = mem_cgroup_from_counter(counter, memory); 2733 } else { 2734 mem_over_limit = mem_cgroup_from_counter(counter, memsw); 2735 reclaim_options &= ~MEMCG_RECLAIM_MAY_SWAP; 2736 } 2737 2738 if (batch > nr_pages) { 2739 batch = nr_pages; 2740 goto retry; 2741 } 2742 2743 /* 2744 * Prevent unbounded recursion when reclaim operations need to 2745 * allocate memory. This might exceed the limits temporarily, 2746 * but we prefer facilitating memory reclaim and getting back 2747 * under the limit over triggering OOM kills in these cases. 2748 */ 2749 if (unlikely(current->flags & PF_MEMALLOC)) 2750 goto force; 2751 2752 if (unlikely(task_in_memcg_oom(current))) 2753 goto nomem; 2754 2755 if (!gfpflags_allow_blocking(gfp_mask)) 2756 goto nomem; 2757 2758 memcg_memory_event(mem_over_limit, MEMCG_MAX); 2759 raised_max_event = true; 2760 2761 psi_memstall_enter(&pflags); 2762 nr_reclaimed = try_to_free_mem_cgroup_pages(mem_over_limit, nr_pages, 2763 gfp_mask, reclaim_options); 2764 psi_memstall_leave(&pflags); 2765 2766 if (mem_cgroup_margin(mem_over_limit) >= nr_pages) 2767 goto retry; 2768 2769 if (!drained) { 2770 drain_all_stock(mem_over_limit); 2771 drained = true; 2772 goto retry; 2773 } 2774 2775 if (gfp_mask & __GFP_NORETRY) 2776 goto nomem; 2777 /* 2778 * Even though the limit is exceeded at this point, reclaim 2779 * may have been able to free some pages. Retry the charge 2780 * before killing the task. 2781 * 2782 * Only for regular pages, though: huge pages are rather 2783 * unlikely to succeed so close to the limit, and we fall back 2784 * to regular pages anyway in case of failure. 2785 */ 2786 if (nr_reclaimed && nr_pages <= (1 << PAGE_ALLOC_COSTLY_ORDER)) 2787 goto retry; 2788 /* 2789 * At task move, charge accounts can be doubly counted. So, it's 2790 * better to wait until the end of task_move if something is going on. 2791 */ 2792 if (mem_cgroup_wait_acct_move(mem_over_limit)) 2793 goto retry; 2794 2795 if (nr_retries--) 2796 goto retry; 2797 2798 if (gfp_mask & __GFP_RETRY_MAYFAIL) 2799 goto nomem; 2800 2801 /* Avoid endless loop for tasks bypassed by the oom killer */ 2802 if (passed_oom && task_is_dying()) 2803 goto nomem; 2804 2805 /* 2806 * keep retrying as long as the memcg oom killer is able to make 2807 * a forward progress or bypass the charge if the oom killer 2808 * couldn't make any progress. 2809 */ 2810 if (mem_cgroup_oom(mem_over_limit, gfp_mask, 2811 get_order(nr_pages * PAGE_SIZE))) { 2812 passed_oom = true; 2813 nr_retries = MAX_RECLAIM_RETRIES; 2814 goto retry; 2815 } 2816nomem: 2817 /* 2818 * Memcg doesn't have a dedicated reserve for atomic 2819 * allocations. But like the global atomic pool, we need to 2820 * put the burden of reclaim on regular allocation requests 2821 * and let these go through as privileged allocations. 2822 */ 2823 if (!(gfp_mask & (__GFP_NOFAIL | __GFP_HIGH))) 2824 return -ENOMEM; 2825force: 2826 /* 2827 * If the allocation has to be enforced, don't forget to raise 2828 * a MEMCG_MAX event. 2829 */ 2830 if (!raised_max_event) 2831 memcg_memory_event(mem_over_limit, MEMCG_MAX); 2832 2833 /* 2834 * The allocation either can't fail or will lead to more memory 2835 * being freed very soon. Allow memory usage go over the limit 2836 * temporarily by force charging it. 2837 */ 2838 page_counter_charge(&memcg->memory, nr_pages); 2839 if (do_memsw_account()) 2840 page_counter_charge(&memcg->memsw, nr_pages); 2841 2842 return 0; 2843 2844done_restock: 2845 if (batch > nr_pages) 2846 refill_stock(memcg, batch - nr_pages); 2847 2848 /* 2849 * If the hierarchy is above the normal consumption range, schedule 2850 * reclaim on returning to userland. We can perform reclaim here 2851 * if __GFP_RECLAIM but let's always punt for simplicity and so that 2852 * GFP_KERNEL can consistently be used during reclaim. @memcg is 2853 * not recorded as it most likely matches current's and won't 2854 * change in the meantime. As high limit is checked again before 2855 * reclaim, the cost of mismatch is negligible. 2856 */ 2857 do { 2858 bool mem_high, swap_high; 2859 2860 mem_high = page_counter_read(&memcg->memory) > 2861 READ_ONCE(memcg->memory.high); 2862 swap_high = page_counter_read(&memcg->swap) > 2863 READ_ONCE(memcg->swap.high); 2864 2865 /* Don't bother a random interrupted task */ 2866 if (!in_task()) { 2867 if (mem_high) { 2868 schedule_work(&memcg->high_work); 2869 break; 2870 } 2871 continue; 2872 } 2873 2874 if (mem_high || swap_high) { 2875 /* 2876 * The allocating tasks in this cgroup will need to do 2877 * reclaim or be throttled to prevent further growth 2878 * of the memory or swap footprints. 2879 * 2880 * Target some best-effort fairness between the tasks, 2881 * and distribute reclaim work and delay penalties 2882 * based on how much each task is actually allocating. 2883 */ 2884 current->memcg_nr_pages_over_high += batch; 2885 set_notify_resume(current); 2886 break; 2887 } 2888 } while ((memcg = parent_mem_cgroup(memcg))); 2889 2890 if (current->memcg_nr_pages_over_high > MEMCG_CHARGE_BATCH && 2891 !(current->flags & PF_MEMALLOC) && 2892 gfpflags_allow_blocking(gfp_mask)) { 2893 mem_cgroup_handle_over_high(gfp_mask); 2894 } 2895 return 0; 2896} 2897 2898static inline int try_charge(struct mem_cgroup *memcg, gfp_t gfp_mask, 2899 unsigned int nr_pages) 2900{ 2901 if (mem_cgroup_is_root(memcg)) 2902 return 0; 2903 2904 return try_charge_memcg(memcg, gfp_mask, nr_pages); 2905} 2906 2907/** 2908 * mem_cgroup_cancel_charge() - cancel an uncommitted try_charge() call. 2909 * @memcg: memcg previously charged. 2910 * @nr_pages: number of pages previously charged. 2911 */ 2912void mem_cgroup_cancel_charge(struct mem_cgroup *memcg, unsigned int nr_pages) 2913{ 2914 if (mem_cgroup_is_root(memcg)) 2915 return; 2916 2917 page_counter_uncharge(&memcg->memory, nr_pages); 2918 if (do_memsw_account()) 2919 page_counter_uncharge(&memcg->memsw, nr_pages); 2920} 2921 2922static void commit_charge(struct folio *folio, struct mem_cgroup *memcg) 2923{ 2924 VM_BUG_ON_FOLIO(folio_memcg(folio), folio); 2925 /* 2926 * Any of the following ensures page's memcg stability: 2927 * 2928 * - the page lock 2929 * - LRU isolation 2930 * - folio_memcg_lock() 2931 * - exclusive reference 2932 * - mem_cgroup_trylock_pages() 2933 */ 2934 folio->memcg_data = (unsigned long)memcg; 2935} 2936 2937/** 2938 * mem_cgroup_commit_charge - commit a previously successful try_charge(). 2939 * @folio: folio to commit the charge to. 2940 * @memcg: memcg previously charged. 2941 */ 2942void mem_cgroup_commit_charge(struct folio *folio, struct mem_cgroup *memcg) 2943{ 2944 css_get(&memcg->css); 2945 commit_charge(folio, memcg); 2946 2947 local_irq_disable(); 2948 mem_cgroup_charge_statistics(memcg, folio_nr_pages(folio)); 2949 memcg_check_events(memcg, folio_nid(folio)); 2950 local_irq_enable(); 2951} 2952 2953#ifdef CONFIG_MEMCG_KMEM 2954/* 2955 * The allocated objcg pointers array is not accounted directly. 2956 * Moreover, it should not come from DMA buffer and is not readily 2957 * reclaimable. So those GFP bits should be masked off. 2958 */ 2959#define OBJCGS_CLEAR_MASK (__GFP_DMA | __GFP_RECLAIMABLE | \ 2960 __GFP_ACCOUNT | __GFP_NOFAIL) 2961 2962/* 2963 * mod_objcg_mlstate() may be called with irq enabled, so 2964 * mod_memcg_lruvec_state() should be used. 2965 */ 2966static inline void mod_objcg_mlstate(struct obj_cgroup *objcg, 2967 struct pglist_data *pgdat, 2968 enum node_stat_item idx, int nr) 2969{ 2970 struct mem_cgroup *memcg; 2971 struct lruvec *lruvec; 2972 2973 rcu_read_lock(); 2974 memcg = obj_cgroup_memcg(objcg); 2975 lruvec = mem_cgroup_lruvec(memcg, pgdat); 2976 mod_memcg_lruvec_state(lruvec, idx, nr); 2977 rcu_read_unlock(); 2978} 2979 2980int memcg_alloc_slab_cgroups(struct slab *slab, struct kmem_cache *s, 2981 gfp_t gfp, bool new_slab) 2982{ 2983 unsigned int objects = objs_per_slab(s, slab); 2984 unsigned long memcg_data; 2985 void *vec; 2986 2987 gfp &= ~OBJCGS_CLEAR_MASK; 2988 vec = kcalloc_node(objects, sizeof(struct obj_cgroup *), gfp, 2989 slab_nid(slab)); 2990 if (!vec) 2991 return -ENOMEM; 2992 2993 memcg_data = (unsigned long) vec | MEMCG_DATA_OBJCGS; 2994 if (new_slab) { 2995 /* 2996 * If the slab is brand new and nobody can yet access its 2997 * memcg_data, no synchronization is required and memcg_data can 2998 * be simply assigned. 2999 */ 3000 slab->memcg_data = memcg_data; 3001 } else if (cmpxchg(&slab->memcg_data, 0, memcg_data)) { 3002 /* 3003 * If the slab is already in use, somebody can allocate and 3004 * assign obj_cgroups in parallel. In this case the existing 3005 * objcg vector should be reused. 3006 */ 3007 kfree(vec); 3008 return 0; 3009 } 3010 3011 kmemleak_not_leak(vec); 3012 return 0; 3013} 3014 3015static __always_inline 3016struct mem_cgroup *mem_cgroup_from_obj_folio(struct folio *folio, void *p) 3017{ 3018 /* 3019 * Slab objects are accounted individually, not per-page. 3020 * Memcg membership data for each individual object is saved in 3021 * slab->memcg_data. 3022 */ 3023 if (folio_test_slab(folio)) { 3024 struct obj_cgroup **objcgs; 3025 struct slab *slab; 3026 unsigned int off; 3027 3028 slab = folio_slab(folio); 3029 objcgs = slab_objcgs(slab); 3030 if (!objcgs) 3031 return NULL; 3032 3033 off = obj_to_index(slab->slab_cache, slab, p); 3034 if (objcgs[off]) 3035 return obj_cgroup_memcg(objcgs[off]); 3036 3037 return NULL; 3038 } 3039 3040 /* 3041 * folio_memcg_check() is used here, because in theory we can encounter 3042 * a folio where the slab flag has been cleared already, but 3043 * slab->memcg_data has not been freed yet 3044 * folio_memcg_check() will guarantee that a proper memory 3045 * cgroup pointer or NULL will be returned. 3046 */ 3047 return folio_memcg_check(folio); 3048} 3049 3050/* 3051 * Returns a pointer to the memory cgroup to which the kernel object is charged. 3052 * 3053 * A passed kernel object can be a slab object, vmalloc object or a generic 3054 * kernel page, so different mechanisms for getting the memory cgroup pointer 3055 * should be used. 3056 * 3057 * In certain cases (e.g. kernel stacks or large kmallocs with SLUB) the caller 3058 * can not know for sure how the kernel object is implemented. 3059 * mem_cgroup_from_obj() can be safely used in such cases. 3060 * 3061 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(), 3062 * cgroup_mutex, etc. 3063 */ 3064struct mem_cgroup *mem_cgroup_from_obj(void *p) 3065{ 3066 struct folio *folio; 3067 3068 if (mem_cgroup_disabled()) 3069 return NULL; 3070 3071 if (unlikely(is_vmalloc_addr(p))) 3072 folio = page_folio(vmalloc_to_page(p)); 3073 else 3074 folio = virt_to_folio(p); 3075 3076 return mem_cgroup_from_obj_folio(folio, p); 3077} 3078 3079/* 3080 * Returns a pointer to the memory cgroup to which the kernel object is charged. 3081 * Similar to mem_cgroup_from_obj(), but faster and not suitable for objects, 3082 * allocated using vmalloc(). 3083 * 3084 * A passed kernel object must be a slab object or a generic kernel page. 3085 * 3086 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(), 3087 * cgroup_mutex, etc. 3088 */ 3089struct mem_cgroup *mem_cgroup_from_slab_obj(void *p) 3090{ 3091 if (mem_cgroup_disabled()) 3092 return NULL; 3093 3094 return mem_cgroup_from_obj_folio(virt_to_folio(p), p); 3095} 3096 3097static struct obj_cgroup *__get_obj_cgroup_from_memcg(struct mem_cgroup *memcg) 3098{ 3099 struct obj_cgroup *objcg = NULL; 3100 3101 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) { 3102 objcg = rcu_dereference(memcg->objcg); 3103 if (likely(objcg && obj_cgroup_tryget(objcg))) 3104 break; 3105 objcg = NULL; 3106 } 3107 return objcg; 3108} 3109 3110static struct obj_cgroup *current_objcg_update(void) 3111{ 3112 struct mem_cgroup *memcg; 3113 struct obj_cgroup *old, *objcg = NULL; 3114 3115 do { 3116 /* Atomically drop the update bit. */ 3117 old = xchg(&current->objcg, NULL); 3118 if (old) { 3119 old = (struct obj_cgroup *) 3120 ((unsigned long)old & ~CURRENT_OBJCG_UPDATE_FLAG); 3121 if (old) 3122 obj_cgroup_put(old); 3123 3124 old = NULL; 3125 } 3126 3127 /* If new objcg is NULL, no reason for the second atomic update. */ 3128 if (!current->mm || (current->flags & PF_KTHREAD)) 3129 return NULL; 3130 3131 /* 3132 * Release the objcg pointer from the previous iteration, 3133 * if try_cmpxcg() below fails. 3134 */ 3135 if (unlikely(objcg)) { 3136 obj_cgroup_put(objcg); 3137 objcg = NULL; 3138 } 3139 3140 /* 3141 * Obtain the new objcg pointer. The current task can be 3142 * asynchronously moved to another memcg and the previous 3143 * memcg can be offlined. So let's get the memcg pointer 3144 * and try get a reference to objcg under a rcu read lock. 3145 */ 3146 3147 rcu_read_lock(); 3148 memcg = mem_cgroup_from_task(current); 3149 objcg = __get_obj_cgroup_from_memcg(memcg); 3150 rcu_read_unlock(); 3151 3152 /* 3153 * Try set up a new objcg pointer atomically. If it 3154 * fails, it means the update flag was set concurrently, so 3155 * the whole procedure should be repeated. 3156 */ 3157 } while (!try_cmpxchg(&current->objcg, &old, objcg)); 3158 3159 return objcg; 3160} 3161 3162__always_inline struct obj_cgroup *current_obj_cgroup(void) 3163{ 3164 struct mem_cgroup *memcg; 3165 struct obj_cgroup *objcg; 3166 3167 if (in_task()) { 3168 memcg = current->active_memcg; 3169 if (unlikely(memcg)) 3170 goto from_memcg; 3171 3172 objcg = READ_ONCE(current->objcg); 3173 if (unlikely((unsigned long)objcg & CURRENT_OBJCG_UPDATE_FLAG)) 3174 objcg = current_objcg_update(); 3175 /* 3176 * Objcg reference is kept by the task, so it's safe 3177 * to use the objcg by the current task. 3178 */ 3179 return objcg; 3180 } 3181 3182 memcg = this_cpu_read(int_active_memcg); 3183 if (unlikely(memcg)) 3184 goto from_memcg; 3185 3186 return NULL; 3187 3188from_memcg: 3189 objcg = NULL; 3190 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) { 3191 /* 3192 * Memcg pointer is protected by scope (see set_active_memcg()) 3193 * and is pinning the corresponding objcg, so objcg can't go 3194 * away and can be used within the scope without any additional 3195 * protection. 3196 */ 3197 objcg = rcu_dereference_check(memcg->objcg, 1); 3198 if (likely(objcg)) 3199 break; 3200 } 3201 3202 return objcg; 3203} 3204 3205struct obj_cgroup *get_obj_cgroup_from_folio(struct folio *folio) 3206{ 3207 struct obj_cgroup *objcg; 3208 3209 if (!memcg_kmem_online()) 3210 return NULL; 3211 3212 if (folio_memcg_kmem(folio)) { 3213 objcg = __folio_objcg(folio); 3214 obj_cgroup_get(objcg); 3215 } else { 3216 struct mem_cgroup *memcg; 3217 3218 rcu_read_lock(); 3219 memcg = __folio_memcg(folio); 3220 if (memcg) 3221 objcg = __get_obj_cgroup_from_memcg(memcg); 3222 else 3223 objcg = NULL; 3224 rcu_read_unlock(); 3225 } 3226 return objcg; 3227} 3228 3229static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages) 3230{ 3231 mod_memcg_state(memcg, MEMCG_KMEM, nr_pages); 3232 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 3233 if (nr_pages > 0) 3234 page_counter_charge(&memcg->kmem, nr_pages); 3235 else 3236 page_counter_uncharge(&memcg->kmem, -nr_pages); 3237 } 3238} 3239 3240 3241/* 3242 * obj_cgroup_uncharge_pages: uncharge a number of kernel pages from a objcg 3243 * @objcg: object cgroup to uncharge 3244 * @nr_pages: number of pages to uncharge 3245 */ 3246static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg, 3247 unsigned int nr_pages) 3248{ 3249 struct mem_cgroup *memcg; 3250 3251 memcg = get_mem_cgroup_from_objcg(objcg); 3252 3253 memcg_account_kmem(memcg, -nr_pages); 3254 refill_stock(memcg, nr_pages); 3255 3256 css_put(&memcg->css); 3257} 3258 3259/* 3260 * obj_cgroup_charge_pages: charge a number of kernel pages to a objcg 3261 * @objcg: object cgroup to charge 3262 * @gfp: reclaim mode 3263 * @nr_pages: number of pages to charge 3264 * 3265 * Returns 0 on success, an error code on failure. 3266 */ 3267static int obj_cgroup_charge_pages(struct obj_cgroup *objcg, gfp_t gfp, 3268 unsigned int nr_pages) 3269{ 3270 struct mem_cgroup *memcg; 3271 int ret; 3272 3273 memcg = get_mem_cgroup_from_objcg(objcg); 3274 3275 ret = try_charge_memcg(memcg, gfp, nr_pages); 3276 if (ret) 3277 goto out; 3278 3279 memcg_account_kmem(memcg, nr_pages); 3280out: 3281 css_put(&memcg->css); 3282 3283 return ret; 3284} 3285 3286/** 3287 * __memcg_kmem_charge_page: charge a kmem page to the current memory cgroup 3288 * @page: page to charge 3289 * @gfp: reclaim mode 3290 * @order: allocation order 3291 * 3292 * Returns 0 on success, an error code on failure. 3293 */ 3294int __memcg_kmem_charge_page(struct page *page, gfp_t gfp, int order) 3295{ 3296 struct obj_cgroup *objcg; 3297 int ret = 0; 3298 3299 objcg = current_obj_cgroup(); 3300 if (objcg) { 3301 ret = obj_cgroup_charge_pages(objcg, gfp, 1 << order); 3302 if (!ret) { 3303 obj_cgroup_get(objcg); 3304 page->memcg_data = (unsigned long)objcg | 3305 MEMCG_DATA_KMEM; 3306 return 0; 3307 } 3308 } 3309 return ret; 3310} 3311 3312/** 3313 * __memcg_kmem_uncharge_page: uncharge a kmem page 3314 * @page: page to uncharge 3315 * @order: allocation order 3316 */ 3317void __memcg_kmem_uncharge_page(struct page *page, int order) 3318{ 3319 struct folio *folio = page_folio(page); 3320 struct obj_cgroup *objcg; 3321 unsigned int nr_pages = 1 << order; 3322 3323 if (!folio_memcg_kmem(folio)) 3324 return; 3325 3326 objcg = __folio_objcg(folio); 3327 obj_cgroup_uncharge_pages(objcg, nr_pages); 3328 folio->memcg_data = 0; 3329 obj_cgroup_put(objcg); 3330} 3331 3332void mod_objcg_state(struct obj_cgroup *objcg, struct pglist_data *pgdat, 3333 enum node_stat_item idx, int nr) 3334{ 3335 struct memcg_stock_pcp *stock; 3336 struct obj_cgroup *old = NULL; 3337 unsigned long flags; 3338 int *bytes; 3339 3340 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3341 stock = this_cpu_ptr(&memcg_stock); 3342 3343 /* 3344 * Save vmstat data in stock and skip vmstat array update unless 3345 * accumulating over a page of vmstat data or when pgdat or idx 3346 * changes. 3347 */ 3348 if (READ_ONCE(stock->cached_objcg) != objcg) { 3349 old = drain_obj_stock(stock); 3350 obj_cgroup_get(objcg); 3351 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes) 3352 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0; 3353 WRITE_ONCE(stock->cached_objcg, objcg); 3354 stock->cached_pgdat = pgdat; 3355 } else if (stock->cached_pgdat != pgdat) { 3356 /* Flush the existing cached vmstat data */ 3357 struct pglist_data *oldpg = stock->cached_pgdat; 3358 3359 if (stock->nr_slab_reclaimable_b) { 3360 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_RECLAIMABLE_B, 3361 stock->nr_slab_reclaimable_b); 3362 stock->nr_slab_reclaimable_b = 0; 3363 } 3364 if (stock->nr_slab_unreclaimable_b) { 3365 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_UNRECLAIMABLE_B, 3366 stock->nr_slab_unreclaimable_b); 3367 stock->nr_slab_unreclaimable_b = 0; 3368 } 3369 stock->cached_pgdat = pgdat; 3370 } 3371 3372 bytes = (idx == NR_SLAB_RECLAIMABLE_B) ? &stock->nr_slab_reclaimable_b 3373 : &stock->nr_slab_unreclaimable_b; 3374 /* 3375 * Even for large object >= PAGE_SIZE, the vmstat data will still be 3376 * cached locally at least once before pushing it out. 3377 */ 3378 if (!*bytes) { 3379 *bytes = nr; 3380 nr = 0; 3381 } else { 3382 *bytes += nr; 3383 if (abs(*bytes) > PAGE_SIZE) { 3384 nr = *bytes; 3385 *bytes = 0; 3386 } else { 3387 nr = 0; 3388 } 3389 } 3390 if (nr) 3391 mod_objcg_mlstate(objcg, pgdat, idx, nr); 3392 3393 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3394 if (old) 3395 obj_cgroup_put(old); 3396} 3397 3398static bool consume_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes) 3399{ 3400 struct memcg_stock_pcp *stock; 3401 unsigned long flags; 3402 bool ret = false; 3403 3404 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3405 3406 stock = this_cpu_ptr(&memcg_stock); 3407 if (objcg == READ_ONCE(stock->cached_objcg) && stock->nr_bytes >= nr_bytes) { 3408 stock->nr_bytes -= nr_bytes; 3409 ret = true; 3410 } 3411 3412 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3413 3414 return ret; 3415} 3416 3417static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock) 3418{ 3419 struct obj_cgroup *old = READ_ONCE(stock->cached_objcg); 3420 3421 if (!old) 3422 return NULL; 3423 3424 if (stock->nr_bytes) { 3425 unsigned int nr_pages = stock->nr_bytes >> PAGE_SHIFT; 3426 unsigned int nr_bytes = stock->nr_bytes & (PAGE_SIZE - 1); 3427 3428 if (nr_pages) { 3429 struct mem_cgroup *memcg; 3430 3431 memcg = get_mem_cgroup_from_objcg(old); 3432 3433 memcg_account_kmem(memcg, -nr_pages); 3434 __refill_stock(memcg, nr_pages); 3435 3436 css_put(&memcg->css); 3437 } 3438 3439 /* 3440 * The leftover is flushed to the centralized per-memcg value. 3441 * On the next attempt to refill obj stock it will be moved 3442 * to a per-cpu stock (probably, on an other CPU), see 3443 * refill_obj_stock(). 3444 * 3445 * How often it's flushed is a trade-off between the memory 3446 * limit enforcement accuracy and potential CPU contention, 3447 * so it might be changed in the future. 3448 */ 3449 atomic_add(nr_bytes, &old->nr_charged_bytes); 3450 stock->nr_bytes = 0; 3451 } 3452 3453 /* 3454 * Flush the vmstat data in current stock 3455 */ 3456 if (stock->nr_slab_reclaimable_b || stock->nr_slab_unreclaimable_b) { 3457 if (stock->nr_slab_reclaimable_b) { 3458 mod_objcg_mlstate(old, stock->cached_pgdat, 3459 NR_SLAB_RECLAIMABLE_B, 3460 stock->nr_slab_reclaimable_b); 3461 stock->nr_slab_reclaimable_b = 0; 3462 } 3463 if (stock->nr_slab_unreclaimable_b) { 3464 mod_objcg_mlstate(old, stock->cached_pgdat, 3465 NR_SLAB_UNRECLAIMABLE_B, 3466 stock->nr_slab_unreclaimable_b); 3467 stock->nr_slab_unreclaimable_b = 0; 3468 } 3469 stock->cached_pgdat = NULL; 3470 } 3471 3472 WRITE_ONCE(stock->cached_objcg, NULL); 3473 /* 3474 * The `old' objects needs to be released by the caller via 3475 * obj_cgroup_put() outside of memcg_stock_pcp::stock_lock. 3476 */ 3477 return old; 3478} 3479 3480static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 3481 struct mem_cgroup *root_memcg) 3482{ 3483 struct obj_cgroup *objcg = READ_ONCE(stock->cached_objcg); 3484 struct mem_cgroup *memcg; 3485 3486 if (objcg) { 3487 memcg = obj_cgroup_memcg(objcg); 3488 if (memcg && mem_cgroup_is_descendant(memcg, root_memcg)) 3489 return true; 3490 } 3491 3492 return false; 3493} 3494 3495static void refill_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes, 3496 bool allow_uncharge) 3497{ 3498 struct memcg_stock_pcp *stock; 3499 struct obj_cgroup *old = NULL; 3500 unsigned long flags; 3501 unsigned int nr_pages = 0; 3502 3503 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3504 3505 stock = this_cpu_ptr(&memcg_stock); 3506 if (READ_ONCE(stock->cached_objcg) != objcg) { /* reset if necessary */ 3507 old = drain_obj_stock(stock); 3508 obj_cgroup_get(objcg); 3509 WRITE_ONCE(stock->cached_objcg, objcg); 3510 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes) 3511 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0; 3512 allow_uncharge = true; /* Allow uncharge when objcg changes */ 3513 } 3514 stock->nr_bytes += nr_bytes; 3515 3516 if (allow_uncharge && (stock->nr_bytes > PAGE_SIZE)) { 3517 nr_pages = stock->nr_bytes >> PAGE_SHIFT; 3518 stock->nr_bytes &= (PAGE_SIZE - 1); 3519 } 3520 3521 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3522 if (old) 3523 obj_cgroup_put(old); 3524 3525 if (nr_pages) 3526 obj_cgroup_uncharge_pages(objcg, nr_pages); 3527} 3528 3529int obj_cgroup_charge(struct obj_cgroup *objcg, gfp_t gfp, size_t size) 3530{ 3531 unsigned int nr_pages, nr_bytes; 3532 int ret; 3533 3534 if (consume_obj_stock(objcg, size)) 3535 return 0; 3536 3537 /* 3538 * In theory, objcg->nr_charged_bytes can have enough 3539 * pre-charged bytes to satisfy the allocation. However, 3540 * flushing objcg->nr_charged_bytes requires two atomic 3541 * operations, and objcg->nr_charged_bytes can't be big. 3542 * The shared objcg->nr_charged_bytes can also become a 3543 * performance bottleneck if all tasks of the same memcg are 3544 * trying to update it. So it's better to ignore it and try 3545 * grab some new pages. The stock's nr_bytes will be flushed to 3546 * objcg->nr_charged_bytes later on when objcg changes. 3547 * 3548 * The stock's nr_bytes may contain enough pre-charged bytes 3549 * to allow one less page from being charged, but we can't rely 3550 * on the pre-charged bytes not being changed outside of 3551 * consume_obj_stock() or refill_obj_stock(). So ignore those 3552 * pre-charged bytes as well when charging pages. To avoid a 3553 * page uncharge right after a page charge, we set the 3554 * allow_uncharge flag to false when calling refill_obj_stock() 3555 * to temporarily allow the pre-charged bytes to exceed the page 3556 * size limit. The maximum reachable value of the pre-charged 3557 * bytes is (sizeof(object) + PAGE_SIZE - 2) if there is no data 3558 * race. 3559 */ 3560 nr_pages = size >> PAGE_SHIFT; 3561 nr_bytes = size & (PAGE_SIZE - 1); 3562 3563 if (nr_bytes) 3564 nr_pages += 1; 3565 3566 ret = obj_cgroup_charge_pages(objcg, gfp, nr_pages); 3567 if (!ret && nr_bytes) 3568 refill_obj_stock(objcg, PAGE_SIZE - nr_bytes, false); 3569 3570 return ret; 3571} 3572 3573void obj_cgroup_uncharge(struct obj_cgroup *objcg, size_t size) 3574{ 3575 refill_obj_stock(objcg, size, true); 3576} 3577 3578#endif /* CONFIG_MEMCG_KMEM */ 3579 3580/* 3581 * Because page_memcg(head) is not set on tails, set it now. 3582 */ 3583void split_page_memcg(struct page *head, unsigned int nr) 3584{ 3585 struct folio *folio = page_folio(head); 3586 struct mem_cgroup *memcg = folio_memcg(folio); 3587 int i; 3588 3589 if (mem_cgroup_disabled() || !memcg) 3590 return; 3591 3592 for (i = 1; i < nr; i++) 3593 folio_page(folio, i)->memcg_data = folio->memcg_data; 3594 3595 if (folio_memcg_kmem(folio)) 3596 obj_cgroup_get_many(__folio_objcg(folio), nr - 1); 3597 else 3598 css_get_many(&memcg->css, nr - 1); 3599} 3600 3601#ifdef CONFIG_SWAP 3602/** 3603 * mem_cgroup_move_swap_account - move swap charge and swap_cgroup's record. 3604 * @entry: swap entry to be moved 3605 * @from: mem_cgroup which the entry is moved from 3606 * @to: mem_cgroup which the entry is moved to 3607 * 3608 * It succeeds only when the swap_cgroup's record for this entry is the same 3609 * as the mem_cgroup's id of @from. 3610 * 3611 * Returns 0 on success, -EINVAL on failure. 3612 * 3613 * The caller must have charged to @to, IOW, called page_counter_charge() about 3614 * both res and memsw, and called css_get(). 3615 */ 3616static int mem_cgroup_move_swap_account(swp_entry_t entry, 3617 struct mem_cgroup *from, struct mem_cgroup *to) 3618{ 3619 unsigned short old_id, new_id; 3620 3621 old_id = mem_cgroup_id(from); 3622 new_id = mem_cgroup_id(to); 3623 3624 if (swap_cgroup_cmpxchg(entry, old_id, new_id) == old_id) { 3625 mod_memcg_state(from, MEMCG_SWAP, -1); 3626 mod_memcg_state(to, MEMCG_SWAP, 1); 3627 return 0; 3628 } 3629 return -EINVAL; 3630} 3631#else 3632static inline int mem_cgroup_move_swap_account(swp_entry_t entry, 3633 struct mem_cgroup *from, struct mem_cgroup *to) 3634{ 3635 return -EINVAL; 3636} 3637#endif 3638 3639static DEFINE_MUTEX(memcg_max_mutex); 3640 3641static int mem_cgroup_resize_max(struct mem_cgroup *memcg, 3642 unsigned long max, bool memsw) 3643{ 3644 bool enlarge = false; 3645 bool drained = false; 3646 int ret; 3647 bool limits_invariant; 3648 struct page_counter *counter = memsw ? &memcg->memsw : &memcg->memory; 3649 3650 do { 3651 if (signal_pending(current)) { 3652 ret = -EINTR; 3653 break; 3654 } 3655 3656 mutex_lock(&memcg_max_mutex); 3657 /* 3658 * Make sure that the new limit (memsw or memory limit) doesn't 3659 * break our basic invariant rule memory.max <= memsw.max. 3660 */ 3661 limits_invariant = memsw ? max >= READ_ONCE(memcg->memory.max) : 3662 max <= memcg->memsw.max; 3663 if (!limits_invariant) { 3664 mutex_unlock(&memcg_max_mutex); 3665 ret = -EINVAL; 3666 break; 3667 } 3668 if (max > counter->max) 3669 enlarge = true; 3670 ret = page_counter_set_max(counter, max); 3671 mutex_unlock(&memcg_max_mutex); 3672 3673 if (!ret) 3674 break; 3675 3676 if (!drained) { 3677 drain_all_stock(memcg); 3678 drained = true; 3679 continue; 3680 } 3681 3682 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL, 3683 memsw ? 0 : MEMCG_RECLAIM_MAY_SWAP)) { 3684 ret = -EBUSY; 3685 break; 3686 } 3687 } while (true); 3688 3689 if (!ret && enlarge) 3690 memcg_oom_recover(memcg); 3691 3692 return ret; 3693} 3694 3695unsigned long mem_cgroup_soft_limit_reclaim(pg_data_t *pgdat, int order, 3696 gfp_t gfp_mask, 3697 unsigned long *total_scanned) 3698{ 3699 unsigned long nr_reclaimed = 0; 3700 struct mem_cgroup_per_node *mz, *next_mz = NULL; 3701 unsigned long reclaimed; 3702 int loop = 0; 3703 struct mem_cgroup_tree_per_node *mctz; 3704 unsigned long excess; 3705 3706 if (lru_gen_enabled()) 3707 return 0; 3708 3709 if (order > 0) 3710 return 0; 3711 3712 mctz = soft_limit_tree.rb_tree_per_node[pgdat->node_id]; 3713 3714 /* 3715 * Do not even bother to check the largest node if the root 3716 * is empty. Do it lockless to prevent lock bouncing. Races 3717 * are acceptable as soft limit is best effort anyway. 3718 */ 3719 if (!mctz || RB_EMPTY_ROOT(&mctz->rb_root)) 3720 return 0; 3721 3722 /* 3723 * This loop can run a while, specially if mem_cgroup's continuously 3724 * keep exceeding their soft limit and putting the system under 3725 * pressure 3726 */ 3727 do { 3728 if (next_mz) 3729 mz = next_mz; 3730 else 3731 mz = mem_cgroup_largest_soft_limit_node(mctz); 3732 if (!mz) 3733 break; 3734 3735 reclaimed = mem_cgroup_soft_reclaim(mz->memcg, pgdat, 3736 gfp_mask, total_scanned); 3737 nr_reclaimed += reclaimed; 3738 spin_lock_irq(&mctz->lock); 3739 3740 /* 3741 * If we failed to reclaim anything from this memory cgroup 3742 * it is time to move on to the next cgroup 3743 */ 3744 next_mz = NULL; 3745 if (!reclaimed) 3746 next_mz = __mem_cgroup_largest_soft_limit_node(mctz); 3747 3748 excess = soft_limit_excess(mz->memcg); 3749 /* 3750 * One school of thought says that we should not add 3751 * back the node to the tree if reclaim returns 0. 3752 * But our reclaim could return 0, simply because due 3753 * to priority we are exposing a smaller subset of 3754 * memory to reclaim from. Consider this as a longer 3755 * term TODO. 3756 */ 3757 /* If excess == 0, no tree ops */ 3758 __mem_cgroup_insert_exceeded(mz, mctz, excess); 3759 spin_unlock_irq(&mctz->lock); 3760 css_put(&mz->memcg->css); 3761 loop++; 3762 /* 3763 * Could not reclaim anything and there are no more 3764 * mem cgroups to try or we seem to be looping without 3765 * reclaiming anything. 3766 */ 3767 if (!nr_reclaimed && 3768 (next_mz == NULL || 3769 loop > MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS)) 3770 break; 3771 } while (!nr_reclaimed); 3772 if (next_mz) 3773 css_put(&next_mz->memcg->css); 3774 return nr_reclaimed; 3775} 3776 3777/* 3778 * Reclaims as many pages from the given memcg as possible. 3779 * 3780 * Caller is responsible for holding css reference for memcg. 3781 */ 3782static int mem_cgroup_force_empty(struct mem_cgroup *memcg) 3783{ 3784 int nr_retries = MAX_RECLAIM_RETRIES; 3785 3786 /* we call try-to-free pages for make this cgroup empty */ 3787 lru_add_drain_all(); 3788 3789 drain_all_stock(memcg); 3790 3791 /* try to free all pages in this cgroup */ 3792 while (nr_retries && page_counter_read(&memcg->memory)) { 3793 if (signal_pending(current)) 3794 return -EINTR; 3795 3796 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL, 3797 MEMCG_RECLAIM_MAY_SWAP)) 3798 nr_retries--; 3799 } 3800 3801 return 0; 3802} 3803 3804static ssize_t mem_cgroup_force_empty_write(struct kernfs_open_file *of, 3805 char *buf, size_t nbytes, 3806 loff_t off) 3807{ 3808 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 3809 3810 if (mem_cgroup_is_root(memcg)) 3811 return -EINVAL; 3812 return mem_cgroup_force_empty(memcg) ?: nbytes; 3813} 3814 3815static u64 mem_cgroup_hierarchy_read(struct cgroup_subsys_state *css, 3816 struct cftype *cft) 3817{ 3818 return 1; 3819} 3820 3821static int mem_cgroup_hierarchy_write(struct cgroup_subsys_state *css, 3822 struct cftype *cft, u64 val) 3823{ 3824 if (val == 1) 3825 return 0; 3826 3827 pr_warn_once("Non-hierarchical mode is deprecated. " 3828 "Please report your usecase to linux-mm@kvack.org if you " 3829 "depend on this functionality.\n"); 3830 3831 return -EINVAL; 3832} 3833 3834static unsigned long mem_cgroup_usage(struct mem_cgroup *memcg, bool swap) 3835{ 3836 unsigned long val; 3837 3838 if (mem_cgroup_is_root(memcg)) { 3839 /* 3840 * Approximate root's usage from global state. This isn't 3841 * perfect, but the root usage was always an approximation. 3842 */ 3843 val = global_node_page_state(NR_FILE_PAGES) + 3844 global_node_page_state(NR_ANON_MAPPED); 3845 if (swap) 3846 val += total_swap_pages - get_nr_swap_pages(); 3847 } else { 3848 if (!swap) 3849 val = page_counter_read(&memcg->memory); 3850 else 3851 val = page_counter_read(&memcg->memsw); 3852 } 3853 return val; 3854} 3855 3856enum { 3857 RES_USAGE, 3858 RES_LIMIT, 3859 RES_MAX_USAGE, 3860 RES_FAILCNT, 3861 RES_SOFT_LIMIT, 3862}; 3863 3864static u64 mem_cgroup_read_u64(struct cgroup_subsys_state *css, 3865 struct cftype *cft) 3866{ 3867 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 3868 struct page_counter *counter; 3869 3870 switch (MEMFILE_TYPE(cft->private)) { 3871 case _MEM: 3872 counter = &memcg->memory; 3873 break; 3874 case _MEMSWAP: 3875 counter = &memcg->memsw; 3876 break; 3877 case _KMEM: 3878 counter = &memcg->kmem; 3879 break; 3880 case _TCP: 3881 counter = &memcg->tcpmem; 3882 break; 3883 default: 3884 BUG(); 3885 } 3886 3887 switch (MEMFILE_ATTR(cft->private)) { 3888 case RES_USAGE: 3889 if (counter == &memcg->memory) 3890 return (u64)mem_cgroup_usage(memcg, false) * PAGE_SIZE; 3891 if (counter == &memcg->memsw) 3892 return (u64)mem_cgroup_usage(memcg, true) * PAGE_SIZE; 3893 return (u64)page_counter_read(counter) * PAGE_SIZE; 3894 case RES_LIMIT: 3895 return (u64)counter->max * PAGE_SIZE; 3896 case RES_MAX_USAGE: 3897 return (u64)counter->watermark * PAGE_SIZE; 3898 case RES_FAILCNT: 3899 return counter->failcnt; 3900 case RES_SOFT_LIMIT: 3901 return (u64)READ_ONCE(memcg->soft_limit) * PAGE_SIZE; 3902 default: 3903 BUG(); 3904 } 3905} 3906 3907/* 3908 * This function doesn't do anything useful. Its only job is to provide a read 3909 * handler for a file so that cgroup_file_mode() will add read permissions. 3910 */ 3911static int mem_cgroup_dummy_seq_show(__always_unused struct seq_file *m, 3912 __always_unused void *v) 3913{ 3914 return -EINVAL; 3915} 3916 3917#ifdef CONFIG_MEMCG_KMEM 3918static int memcg_online_kmem(struct mem_cgroup *memcg) 3919{ 3920 struct obj_cgroup *objcg; 3921 3922 if (mem_cgroup_kmem_disabled()) 3923 return 0; 3924 3925 if (unlikely(mem_cgroup_is_root(memcg))) 3926 return 0; 3927 3928 objcg = obj_cgroup_alloc(); 3929 if (!objcg) 3930 return -ENOMEM; 3931 3932 objcg->memcg = memcg; 3933 rcu_assign_pointer(memcg->objcg, objcg); 3934 obj_cgroup_get(objcg); 3935 memcg->orig_objcg = objcg; 3936 3937 static_branch_enable(&memcg_kmem_online_key); 3938 3939 memcg->kmemcg_id = memcg->id.id; 3940 3941 return 0; 3942} 3943 3944static void memcg_offline_kmem(struct mem_cgroup *memcg) 3945{ 3946 struct mem_cgroup *parent; 3947 3948 if (mem_cgroup_kmem_disabled()) 3949 return; 3950 3951 if (unlikely(mem_cgroup_is_root(memcg))) 3952 return; 3953 3954 parent = parent_mem_cgroup(memcg); 3955 if (!parent) 3956 parent = root_mem_cgroup; 3957 3958 memcg_reparent_objcgs(memcg, parent); 3959 3960 /* 3961 * After we have finished memcg_reparent_objcgs(), all list_lrus 3962 * corresponding to this cgroup are guaranteed to remain empty. 3963 * The ordering is imposed by list_lru_node->lock taken by 3964 * memcg_reparent_list_lrus(). 3965 */ 3966 memcg_reparent_list_lrus(memcg, parent); 3967} 3968#else 3969static int memcg_online_kmem(struct mem_cgroup *memcg) 3970{ 3971 return 0; 3972} 3973static void memcg_offline_kmem(struct mem_cgroup *memcg) 3974{ 3975} 3976#endif /* CONFIG_MEMCG_KMEM */ 3977 3978static int memcg_update_tcp_max(struct mem_cgroup *memcg, unsigned long max) 3979{ 3980 int ret; 3981 3982 mutex_lock(&memcg_max_mutex); 3983 3984 ret = page_counter_set_max(&memcg->tcpmem, max); 3985 if (ret) 3986 goto out; 3987 3988 if (!memcg->tcpmem_active) { 3989 /* 3990 * The active flag needs to be written after the static_key 3991 * update. This is what guarantees that the socket activation 3992 * function is the last one to run. See mem_cgroup_sk_alloc() 3993 * for details, and note that we don't mark any socket as 3994 * belonging to this memcg until that flag is up. 3995 * 3996 * We need to do this, because static_keys will span multiple 3997 * sites, but we can't control their order. If we mark a socket 3998 * as accounted, but the accounting functions are not patched in 3999 * yet, we'll lose accounting. 4000 * 4001 * We never race with the readers in mem_cgroup_sk_alloc(), 4002 * because when this value change, the code to process it is not 4003 * patched in yet. 4004 */ 4005 static_branch_inc(&memcg_sockets_enabled_key); 4006 memcg->tcpmem_active = true; 4007 } 4008out: 4009 mutex_unlock(&memcg_max_mutex); 4010 return ret; 4011} 4012 4013/* 4014 * The user of this function is... 4015 * RES_LIMIT. 4016 */ 4017static ssize_t mem_cgroup_write(struct kernfs_open_file *of, 4018 char *buf, size_t nbytes, loff_t off) 4019{ 4020 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 4021 unsigned long nr_pages; 4022 int ret; 4023 4024 buf = strstrip(buf); 4025 ret = page_counter_memparse(buf, "-1", &nr_pages); 4026 if (ret) 4027 return ret; 4028 4029 switch (MEMFILE_ATTR(of_cft(of)->private)) { 4030 case RES_LIMIT: 4031 if (mem_cgroup_is_root(memcg)) { /* Can't set limit on root */ 4032 ret = -EINVAL; 4033 break; 4034 } 4035 switch (MEMFILE_TYPE(of_cft(of)->private)) { 4036 case _MEM: 4037 ret = mem_cgroup_resize_max(memcg, nr_pages, false); 4038 break; 4039 case _MEMSWAP: 4040 ret = mem_cgroup_resize_max(memcg, nr_pages, true); 4041 break; 4042 case _KMEM: 4043 pr_warn_once("kmem.limit_in_bytes is deprecated and will be removed. " 4044 "Writing any value to this file has no effect. " 4045 "Please report your usecase to linux-mm@kvack.org if you " 4046 "depend on this functionality.\n"); 4047 ret = 0; 4048 break; 4049 case _TCP: 4050 ret = memcg_update_tcp_max(memcg, nr_pages); 4051 break; 4052 } 4053 break; 4054 case RES_SOFT_LIMIT: 4055 if (IS_ENABLED(CONFIG_PREEMPT_RT)) { 4056 ret = -EOPNOTSUPP; 4057 } else { 4058 WRITE_ONCE(memcg->soft_limit, nr_pages); 4059 ret = 0; 4060 } 4061 break; 4062 } 4063 return ret ?: nbytes; 4064} 4065 4066static ssize_t mem_cgroup_reset(struct kernfs_open_file *of, char *buf, 4067 size_t nbytes, loff_t off) 4068{ 4069 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 4070 struct page_counter *counter; 4071 4072 switch (MEMFILE_TYPE(of_cft(of)->private)) { 4073 case _MEM: 4074 counter = &memcg->memory; 4075 break; 4076 case _MEMSWAP: 4077 counter = &memcg->memsw; 4078 break; 4079 case _KMEM: 4080 counter = &memcg->kmem; 4081 break; 4082 case _TCP: 4083 counter = &memcg->tcpmem; 4084 break; 4085 default: 4086 BUG(); 4087 } 4088 4089 switch (MEMFILE_ATTR(of_cft(of)->private)) { 4090 case RES_MAX_USAGE: 4091 page_counter_reset_watermark(counter); 4092 break; 4093 case RES_FAILCNT: 4094 counter->failcnt = 0; 4095 break; 4096 default: 4097 BUG(); 4098 } 4099 4100 return nbytes; 4101} 4102 4103static u64 mem_cgroup_move_charge_read(struct cgroup_subsys_state *css, 4104 struct cftype *cft) 4105{ 4106 return mem_cgroup_from_css(css)->move_charge_at_immigrate; 4107} 4108 4109#ifdef CONFIG_MMU 4110static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css, 4111 struct cftype *cft, u64 val) 4112{ 4113 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4114 4115 pr_warn_once("Cgroup memory moving (move_charge_at_immigrate) is deprecated. " 4116 "Please report your usecase to linux-mm@kvack.org if you " 4117 "depend on this functionality.\n"); 4118 4119 if (val & ~MOVE_MASK) 4120 return -EINVAL; 4121 4122 /* 4123 * No kind of locking is needed in here, because ->can_attach() will 4124 * check this value once in the beginning of the process, and then carry 4125 * on with stale data. This means that changes to this value will only 4126 * affect task migrations starting after the change. 4127 */ 4128 memcg->move_charge_at_immigrate = val; 4129 return 0; 4130} 4131#else 4132static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css, 4133 struct cftype *cft, u64 val) 4134{ 4135 return -ENOSYS; 4136} 4137#endif 4138 4139#ifdef CONFIG_NUMA 4140 4141#define LRU_ALL_FILE (BIT(LRU_INACTIVE_FILE) | BIT(LRU_ACTIVE_FILE)) 4142#define LRU_ALL_ANON (BIT(LRU_INACTIVE_ANON) | BIT(LRU_ACTIVE_ANON)) 4143#define LRU_ALL ((1 << NR_LRU_LISTS) - 1) 4144 4145static unsigned long mem_cgroup_node_nr_lru_pages(struct mem_cgroup *memcg, 4146 int nid, unsigned int lru_mask, bool tree) 4147{ 4148 struct lruvec *lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid)); 4149 unsigned long nr = 0; 4150 enum lru_list lru; 4151 4152 VM_BUG_ON((unsigned)nid >= nr_node_ids); 4153 4154 for_each_lru(lru) { 4155 if (!(BIT(lru) & lru_mask)) 4156 continue; 4157 if (tree) 4158 nr += lruvec_page_state(lruvec, NR_LRU_BASE + lru); 4159 else 4160 nr += lruvec_page_state_local(lruvec, NR_LRU_BASE + lru); 4161 } 4162 return nr; 4163} 4164 4165static unsigned long mem_cgroup_nr_lru_pages(struct mem_cgroup *memcg, 4166 unsigned int lru_mask, 4167 bool tree) 4168{ 4169 unsigned long nr = 0; 4170 enum lru_list lru; 4171 4172 for_each_lru(lru) { 4173 if (!(BIT(lru) & lru_mask)) 4174 continue; 4175 if (tree) 4176 nr += memcg_page_state(memcg, NR_LRU_BASE + lru); 4177 else 4178 nr += memcg_page_state_local(memcg, NR_LRU_BASE + lru); 4179 } 4180 return nr; 4181} 4182 4183static int memcg_numa_stat_show(struct seq_file *m, void *v) 4184{ 4185 struct numa_stat { 4186 const char *name; 4187 unsigned int lru_mask; 4188 }; 4189 4190 static const struct numa_stat stats[] = { 4191 { "total", LRU_ALL }, 4192 { "file", LRU_ALL_FILE }, 4193 { "anon", LRU_ALL_ANON }, 4194 { "unevictable", BIT(LRU_UNEVICTABLE) }, 4195 }; 4196 const struct numa_stat *stat; 4197 int nid; 4198 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 4199 4200 mem_cgroup_flush_stats(memcg); 4201 4202 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) { 4203 seq_printf(m, "%s=%lu", stat->name, 4204 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask, 4205 false)); 4206 for_each_node_state(nid, N_MEMORY) 4207 seq_printf(m, " N%d=%lu", nid, 4208 mem_cgroup_node_nr_lru_pages(memcg, nid, 4209 stat->lru_mask, false)); 4210 seq_putc(m, '\n'); 4211 } 4212 4213 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) { 4214 4215 seq_printf(m, "hierarchical_%s=%lu", stat->name, 4216 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask, 4217 true)); 4218 for_each_node_state(nid, N_MEMORY) 4219 seq_printf(m, " N%d=%lu", nid, 4220 mem_cgroup_node_nr_lru_pages(memcg, nid, 4221 stat->lru_mask, true)); 4222 seq_putc(m, '\n'); 4223 } 4224 4225 return 0; 4226} 4227#endif /* CONFIG_NUMA */ 4228 4229static const unsigned int memcg1_stats[] = { 4230 NR_FILE_PAGES, 4231 NR_ANON_MAPPED, 4232#ifdef CONFIG_TRANSPARENT_HUGEPAGE 4233 NR_ANON_THPS, 4234#endif 4235 NR_SHMEM, 4236 NR_FILE_MAPPED, 4237 NR_FILE_DIRTY, 4238 NR_WRITEBACK, 4239 WORKINGSET_REFAULT_ANON, 4240 WORKINGSET_REFAULT_FILE, 4241#ifdef CONFIG_SWAP 4242 MEMCG_SWAP, 4243 NR_SWAPCACHE, 4244#endif 4245}; 4246 4247static const char *const memcg1_stat_names[] = { 4248 "cache", 4249 "rss", 4250#ifdef CONFIG_TRANSPARENT_HUGEPAGE 4251 "rss_huge", 4252#endif 4253 "shmem", 4254 "mapped_file", 4255 "dirty", 4256 "writeback", 4257 "workingset_refault_anon", 4258 "workingset_refault_file", 4259#ifdef CONFIG_SWAP 4260 "swap", 4261 "swapcached", 4262#endif 4263}; 4264 4265/* Universal VM events cgroup1 shows, original sort order */ 4266static const unsigned int memcg1_events[] = { 4267 PGPGIN, 4268 PGPGOUT, 4269 PGFAULT, 4270 PGMAJFAULT, 4271}; 4272 4273static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 4274{ 4275 unsigned long memory, memsw; 4276 struct mem_cgroup *mi; 4277 unsigned int i; 4278 4279 BUILD_BUG_ON(ARRAY_SIZE(memcg1_stat_names) != ARRAY_SIZE(memcg1_stats)); 4280 4281 mem_cgroup_flush_stats(memcg); 4282 4283 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) { 4284 unsigned long nr; 4285 4286 nr = memcg_page_state_local_output(memcg, memcg1_stats[i]); 4287 seq_buf_printf(s, "%s %lu\n", memcg1_stat_names[i], nr); 4288 } 4289 4290 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++) 4291 seq_buf_printf(s, "%s %lu\n", vm_event_name(memcg1_events[i]), 4292 memcg_events_local(memcg, memcg1_events[i])); 4293 4294 for (i = 0; i < NR_LRU_LISTS; i++) 4295 seq_buf_printf(s, "%s %lu\n", lru_list_name(i), 4296 memcg_page_state_local(memcg, NR_LRU_BASE + i) * 4297 PAGE_SIZE); 4298 4299 /* Hierarchical information */ 4300 memory = memsw = PAGE_COUNTER_MAX; 4301 for (mi = memcg; mi; mi = parent_mem_cgroup(mi)) { 4302 memory = min(memory, READ_ONCE(mi->memory.max)); 4303 memsw = min(memsw, READ_ONCE(mi->memsw.max)); 4304 } 4305 seq_buf_printf(s, "hierarchical_memory_limit %llu\n", 4306 (u64)memory * PAGE_SIZE); 4307 seq_buf_printf(s, "hierarchical_memsw_limit %llu\n", 4308 (u64)memsw * PAGE_SIZE); 4309 4310 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) { 4311 unsigned long nr; 4312 4313 nr = memcg_page_state_output(memcg, memcg1_stats[i]); 4314 seq_buf_printf(s, "total_%s %llu\n", memcg1_stat_names[i], 4315 (u64)nr); 4316 } 4317 4318 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++) 4319 seq_buf_printf(s, "total_%s %llu\n", 4320 vm_event_name(memcg1_events[i]), 4321 (u64)memcg_events(memcg, memcg1_events[i])); 4322 4323 for (i = 0; i < NR_LRU_LISTS; i++) 4324 seq_buf_printf(s, "total_%s %llu\n", lru_list_name(i), 4325 (u64)memcg_page_state(memcg, NR_LRU_BASE + i) * 4326 PAGE_SIZE); 4327 4328#ifdef CONFIG_DEBUG_VM 4329 { 4330 pg_data_t *pgdat; 4331 struct mem_cgroup_per_node *mz; 4332 unsigned long anon_cost = 0; 4333 unsigned long file_cost = 0; 4334 4335 for_each_online_pgdat(pgdat) { 4336 mz = memcg->nodeinfo[pgdat->node_id]; 4337 4338 anon_cost += mz->lruvec.anon_cost; 4339 file_cost += mz->lruvec.file_cost; 4340 } 4341 seq_buf_printf(s, "anon_cost %lu\n", anon_cost); 4342 seq_buf_printf(s, "file_cost %lu\n", file_cost); 4343 } 4344#endif 4345} 4346 4347static u64 mem_cgroup_swappiness_read(struct cgroup_subsys_state *css, 4348 struct cftype *cft) 4349{ 4350 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4351 4352 return mem_cgroup_swappiness(memcg); 4353} 4354 4355static int mem_cgroup_swappiness_write(struct cgroup_subsys_state *css, 4356 struct cftype *cft, u64 val) 4357{ 4358 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4359 4360 if (val > 200) 4361 return -EINVAL; 4362 4363 if (!mem_cgroup_is_root(memcg)) 4364 WRITE_ONCE(memcg->swappiness, val); 4365 else 4366 WRITE_ONCE(vm_swappiness, val); 4367 4368 return 0; 4369} 4370 4371static void __mem_cgroup_threshold(struct mem_cgroup *memcg, bool swap) 4372{ 4373 struct mem_cgroup_threshold_ary *t; 4374 unsigned long usage; 4375 int i; 4376 4377 rcu_read_lock(); 4378 if (!swap) 4379 t = rcu_dereference(memcg->thresholds.primary); 4380 else 4381 t = rcu_dereference(memcg->memsw_thresholds.primary); 4382 4383 if (!t) 4384 goto unlock; 4385 4386 usage = mem_cgroup_usage(memcg, swap); 4387 4388 /* 4389 * current_threshold points to threshold just below or equal to usage. 4390 * If it's not true, a threshold was crossed after last 4391 * call of __mem_cgroup_threshold(). 4392 */ 4393 i = t->current_threshold; 4394 4395 /* 4396 * Iterate backward over array of thresholds starting from 4397 * current_threshold and check if a threshold is crossed. 4398 * If none of thresholds below usage is crossed, we read 4399 * only one element of the array here. 4400 */ 4401 for (; i >= 0 && unlikely(t->entries[i].threshold > usage); i--) 4402 eventfd_signal(t->entries[i].eventfd); 4403 4404 /* i = current_threshold + 1 */ 4405 i++; 4406 4407 /* 4408 * Iterate forward over array of thresholds starting from 4409 * current_threshold+1 and check if a threshold is crossed. 4410 * If none of thresholds above usage is crossed, we read 4411 * only one element of the array here. 4412 */ 4413 for (; i < t->size && unlikely(t->entries[i].threshold <= usage); i++) 4414 eventfd_signal(t->entries[i].eventfd); 4415 4416 /* Update current_threshold */ 4417 t->current_threshold = i - 1; 4418unlock: 4419 rcu_read_unlock(); 4420} 4421 4422static void mem_cgroup_threshold(struct mem_cgroup *memcg) 4423{ 4424 while (memcg) { 4425 __mem_cgroup_threshold(memcg, false); 4426 if (do_memsw_account()) 4427 __mem_cgroup_threshold(memcg, true); 4428 4429 memcg = parent_mem_cgroup(memcg); 4430 } 4431} 4432 4433static int compare_thresholds(const void *a, const void *b) 4434{ 4435 const struct mem_cgroup_threshold *_a = a; 4436 const struct mem_cgroup_threshold *_b = b; 4437 4438 if (_a->threshold > _b->threshold) 4439 return 1; 4440 4441 if (_a->threshold < _b->threshold) 4442 return -1; 4443 4444 return 0; 4445} 4446 4447static int mem_cgroup_oom_notify_cb(struct mem_cgroup *memcg) 4448{ 4449 struct mem_cgroup_eventfd_list *ev; 4450 4451 spin_lock(&memcg_oom_lock); 4452 4453 list_for_each_entry(ev, &memcg->oom_notify, list) 4454 eventfd_signal(ev->eventfd); 4455 4456 spin_unlock(&memcg_oom_lock); 4457 return 0; 4458} 4459 4460static void mem_cgroup_oom_notify(struct mem_cgroup *memcg) 4461{ 4462 struct mem_cgroup *iter; 4463 4464 for_each_mem_cgroup_tree(iter, memcg) 4465 mem_cgroup_oom_notify_cb(iter); 4466} 4467 4468static int __mem_cgroup_usage_register_event(struct mem_cgroup *memcg, 4469 struct eventfd_ctx *eventfd, const char *args, enum res_type type) 4470{ 4471 struct mem_cgroup_thresholds *thresholds; 4472 struct mem_cgroup_threshold_ary *new; 4473 unsigned long threshold; 4474 unsigned long usage; 4475 int i, size, ret; 4476 4477 ret = page_counter_memparse(args, "-1", &threshold); 4478 if (ret) 4479 return ret; 4480 4481 mutex_lock(&memcg->thresholds_lock); 4482 4483 if (type == _MEM) { 4484 thresholds = &memcg->thresholds; 4485 usage = mem_cgroup_usage(memcg, false); 4486 } else if (type == _MEMSWAP) { 4487 thresholds = &memcg->memsw_thresholds; 4488 usage = mem_cgroup_usage(memcg, true); 4489 } else 4490 BUG(); 4491 4492 /* Check if a threshold crossed before adding a new one */ 4493 if (thresholds->primary) 4494 __mem_cgroup_threshold(memcg, type == _MEMSWAP); 4495 4496 size = thresholds->primary ? thresholds->primary->size + 1 : 1; 4497 4498 /* Allocate memory for new array of thresholds */ 4499 new = kmalloc(struct_size(new, entries, size), GFP_KERNEL); 4500 if (!new) { 4501 ret = -ENOMEM; 4502 goto unlock; 4503 } 4504 new->size = size; 4505 4506 /* Copy thresholds (if any) to new array */ 4507 if (thresholds->primary) 4508 memcpy(new->entries, thresholds->primary->entries, 4509 flex_array_size(new, entries, size - 1)); 4510 4511 /* Add new threshold */ 4512 new->entries[size - 1].eventfd = eventfd; 4513 new->entries[size - 1].threshold = threshold; 4514 4515 /* Sort thresholds. Registering of new threshold isn't time-critical */ 4516 sort(new->entries, size, sizeof(*new->entries), 4517 compare_thresholds, NULL); 4518 4519 /* Find current threshold */ 4520 new->current_threshold = -1; 4521 for (i = 0; i < size; i++) { 4522 if (new->entries[i].threshold <= usage) { 4523 /* 4524 * new->current_threshold will not be used until 4525 * rcu_assign_pointer(), so it's safe to increment 4526 * it here. 4527 */ 4528 ++new->current_threshold; 4529 } else 4530 break; 4531 } 4532 4533 /* Free old spare buffer and save old primary buffer as spare */ 4534 kfree(thresholds->spare); 4535 thresholds->spare = thresholds->primary; 4536 4537 rcu_assign_pointer(thresholds->primary, new); 4538 4539 /* To be sure that nobody uses thresholds */ 4540 synchronize_rcu(); 4541 4542unlock: 4543 mutex_unlock(&memcg->thresholds_lock); 4544 4545 return ret; 4546} 4547 4548static int mem_cgroup_usage_register_event(struct mem_cgroup *memcg, 4549 struct eventfd_ctx *eventfd, const char *args) 4550{ 4551 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEM); 4552} 4553 4554static int memsw_cgroup_usage_register_event(struct mem_cgroup *memcg, 4555 struct eventfd_ctx *eventfd, const char *args) 4556{ 4557 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEMSWAP); 4558} 4559 4560static void __mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4561 struct eventfd_ctx *eventfd, enum res_type type) 4562{ 4563 struct mem_cgroup_thresholds *thresholds; 4564 struct mem_cgroup_threshold_ary *new; 4565 unsigned long usage; 4566 int i, j, size, entries; 4567 4568 mutex_lock(&memcg->thresholds_lock); 4569 4570 if (type == _MEM) { 4571 thresholds = &memcg->thresholds; 4572 usage = mem_cgroup_usage(memcg, false); 4573 } else if (type == _MEMSWAP) { 4574 thresholds = &memcg->memsw_thresholds; 4575 usage = mem_cgroup_usage(memcg, true); 4576 } else 4577 BUG(); 4578 4579 if (!thresholds->primary) 4580 goto unlock; 4581 4582 /* Check if a threshold crossed before removing */ 4583 __mem_cgroup_threshold(memcg, type == _MEMSWAP); 4584 4585 /* Calculate new number of threshold */ 4586 size = entries = 0; 4587 for (i = 0; i < thresholds->primary->size; i++) { 4588 if (thresholds->primary->entries[i].eventfd != eventfd) 4589 size++; 4590 else 4591 entries++; 4592 } 4593 4594 new = thresholds->spare; 4595 4596 /* If no items related to eventfd have been cleared, nothing to do */ 4597 if (!entries) 4598 goto unlock; 4599 4600 /* Set thresholds array to NULL if we don't have thresholds */ 4601 if (!size) { 4602 kfree(new); 4603 new = NULL; 4604 goto swap_buffers; 4605 } 4606 4607 new->size = size; 4608 4609 /* Copy thresholds and find current threshold */ 4610 new->current_threshold = -1; 4611 for (i = 0, j = 0; i < thresholds->primary->size; i++) { 4612 if (thresholds->primary->entries[i].eventfd == eventfd) 4613 continue; 4614 4615 new->entries[j] = thresholds->primary->entries[i]; 4616 if (new->entries[j].threshold <= usage) { 4617 /* 4618 * new->current_threshold will not be used 4619 * until rcu_assign_pointer(), so it's safe to increment 4620 * it here. 4621 */ 4622 ++new->current_threshold; 4623 } 4624 j++; 4625 } 4626 4627swap_buffers: 4628 /* Swap primary and spare array */ 4629 thresholds->spare = thresholds->primary; 4630 4631 rcu_assign_pointer(thresholds->primary, new); 4632 4633 /* To be sure that nobody uses thresholds */ 4634 synchronize_rcu(); 4635 4636 /* If all events are unregistered, free the spare array */ 4637 if (!new) { 4638 kfree(thresholds->spare); 4639 thresholds->spare = NULL; 4640 } 4641unlock: 4642 mutex_unlock(&memcg->thresholds_lock); 4643} 4644 4645static void mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4646 struct eventfd_ctx *eventfd) 4647{ 4648 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEM); 4649} 4650 4651static void memsw_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4652 struct eventfd_ctx *eventfd) 4653{ 4654 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEMSWAP); 4655} 4656 4657static int mem_cgroup_oom_register_event(struct mem_cgroup *memcg, 4658 struct eventfd_ctx *eventfd, const char *args) 4659{ 4660 struct mem_cgroup_eventfd_list *event; 4661 4662 event = kmalloc(sizeof(*event), GFP_KERNEL); 4663 if (!event) 4664 return -ENOMEM; 4665 4666 spin_lock(&memcg_oom_lock); 4667 4668 event->eventfd = eventfd; 4669 list_add(&event->list, &memcg->oom_notify); 4670 4671 /* already in OOM ? */ 4672 if (memcg->under_oom) 4673 eventfd_signal(eventfd); 4674 spin_unlock(&memcg_oom_lock); 4675 4676 return 0; 4677} 4678 4679static void mem_cgroup_oom_unregister_event(struct mem_cgroup *memcg, 4680 struct eventfd_ctx *eventfd) 4681{ 4682 struct mem_cgroup_eventfd_list *ev, *tmp; 4683 4684 spin_lock(&memcg_oom_lock); 4685 4686 list_for_each_entry_safe(ev, tmp, &memcg->oom_notify, list) { 4687 if (ev->eventfd == eventfd) { 4688 list_del(&ev->list); 4689 kfree(ev); 4690 } 4691 } 4692 4693 spin_unlock(&memcg_oom_lock); 4694} 4695 4696static int mem_cgroup_oom_control_read(struct seq_file *sf, void *v) 4697{ 4698 struct mem_cgroup *memcg = mem_cgroup_from_seq(sf); 4699 4700 seq_printf(sf, "oom_kill_disable %d\n", READ_ONCE(memcg->oom_kill_disable)); 4701 seq_printf(sf, "under_oom %d\n", (bool)memcg->under_oom); 4702 seq_printf(sf, "oom_kill %lu\n", 4703 atomic_long_read(&memcg->memory_events[MEMCG_OOM_KILL])); 4704 return 0; 4705} 4706 4707static int mem_cgroup_oom_control_write(struct cgroup_subsys_state *css, 4708 struct cftype *cft, u64 val) 4709{ 4710 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4711 4712 /* cannot set to root cgroup and only 0 and 1 are allowed */ 4713 if (mem_cgroup_is_root(memcg) || !((val == 0) || (val == 1))) 4714 return -EINVAL; 4715 4716 WRITE_ONCE(memcg->oom_kill_disable, val); 4717 if (!val) 4718 memcg_oom_recover(memcg); 4719 4720 return 0; 4721} 4722 4723#ifdef CONFIG_CGROUP_WRITEBACK 4724 4725#include <trace/events/writeback.h> 4726 4727static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp) 4728{ 4729 return wb_domain_init(&memcg->cgwb_domain, gfp); 4730} 4731 4732static void memcg_wb_domain_exit(struct mem_cgroup *memcg) 4733{ 4734 wb_domain_exit(&memcg->cgwb_domain); 4735} 4736 4737static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg) 4738{ 4739 wb_domain_size_changed(&memcg->cgwb_domain); 4740} 4741 4742struct wb_domain *mem_cgroup_wb_domain(struct bdi_writeback *wb) 4743{ 4744 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4745 4746 if (!memcg->css.parent) 4747 return NULL; 4748 4749 return &memcg->cgwb_domain; 4750} 4751 4752/** 4753 * mem_cgroup_wb_stats - retrieve writeback related stats from its memcg 4754 * @wb: bdi_writeback in question 4755 * @pfilepages: out parameter for number of file pages 4756 * @pheadroom: out parameter for number of allocatable pages according to memcg 4757 * @pdirty: out parameter for number of dirty pages 4758 * @pwriteback: out parameter for number of pages under writeback 4759 * 4760 * Determine the numbers of file, headroom, dirty, and writeback pages in 4761 * @wb's memcg. File, dirty and writeback are self-explanatory. Headroom 4762 * is a bit more involved. 4763 * 4764 * A memcg's headroom is "min(max, high) - used". In the hierarchy, the 4765 * headroom is calculated as the lowest headroom of itself and the 4766 * ancestors. Note that this doesn't consider the actual amount of 4767 * available memory in the system. The caller should further cap 4768 * *@pheadroom accordingly. 4769 */ 4770void mem_cgroup_wb_stats(struct bdi_writeback *wb, unsigned long *pfilepages, 4771 unsigned long *pheadroom, unsigned long *pdirty, 4772 unsigned long *pwriteback) 4773{ 4774 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4775 struct mem_cgroup *parent; 4776 4777 mem_cgroup_flush_stats(memcg); 4778 4779 *pdirty = memcg_page_state(memcg, NR_FILE_DIRTY); 4780 *pwriteback = memcg_page_state(memcg, NR_WRITEBACK); 4781 *pfilepages = memcg_page_state(memcg, NR_INACTIVE_FILE) + 4782 memcg_page_state(memcg, NR_ACTIVE_FILE); 4783 4784 *pheadroom = PAGE_COUNTER_MAX; 4785 while ((parent = parent_mem_cgroup(memcg))) { 4786 unsigned long ceiling = min(READ_ONCE(memcg->memory.max), 4787 READ_ONCE(memcg->memory.high)); 4788 unsigned long used = page_counter_read(&memcg->memory); 4789 4790 *pheadroom = min(*pheadroom, ceiling - min(ceiling, used)); 4791 memcg = parent; 4792 } 4793} 4794 4795/* 4796 * Foreign dirty flushing 4797 * 4798 * There's an inherent mismatch between memcg and writeback. The former 4799 * tracks ownership per-page while the latter per-inode. This was a 4800 * deliberate design decision because honoring per-page ownership in the 4801 * writeback path is complicated, may lead to higher CPU and IO overheads 4802 * and deemed unnecessary given that write-sharing an inode across 4803 * different cgroups isn't a common use-case. 4804 * 4805 * Combined with inode majority-writer ownership switching, this works well 4806 * enough in most cases but there are some pathological cases. For 4807 * example, let's say there are two cgroups A and B which keep writing to 4808 * different but confined parts of the same inode. B owns the inode and 4809 * A's memory is limited far below B's. A's dirty ratio can rise enough to 4810 * trigger balance_dirty_pages() sleeps but B's can be low enough to avoid 4811 * triggering background writeback. A will be slowed down without a way to 4812 * make writeback of the dirty pages happen. 4813 * 4814 * Conditions like the above can lead to a cgroup getting repeatedly and 4815 * severely throttled after making some progress after each 4816 * dirty_expire_interval while the underlying IO device is almost 4817 * completely idle. 4818 * 4819 * Solving this problem completely requires matching the ownership tracking 4820 * granularities between memcg and writeback in either direction. However, 4821 * the more egregious behaviors can be avoided by simply remembering the 4822 * most recent foreign dirtying events and initiating remote flushes on 4823 * them when local writeback isn't enough to keep the memory clean enough. 4824 * 4825 * The following two functions implement such mechanism. When a foreign 4826 * page - a page whose memcg and writeback ownerships don't match - is 4827 * dirtied, mem_cgroup_track_foreign_dirty() records the inode owning 4828 * bdi_writeback on the page owning memcg. When balance_dirty_pages() 4829 * decides that the memcg needs to sleep due to high dirty ratio, it calls 4830 * mem_cgroup_flush_foreign() which queues writeback on the recorded 4831 * foreign bdi_writebacks which haven't expired. Both the numbers of 4832 * recorded bdi_writebacks and concurrent in-flight foreign writebacks are 4833 * limited to MEMCG_CGWB_FRN_CNT. 4834 * 4835 * The mechanism only remembers IDs and doesn't hold any object references. 4836 * As being wrong occasionally doesn't matter, updates and accesses to the 4837 * records are lockless and racy. 4838 */ 4839void mem_cgroup_track_foreign_dirty_slowpath(struct folio *folio, 4840 struct bdi_writeback *wb) 4841{ 4842 struct mem_cgroup *memcg = folio_memcg(folio); 4843 struct memcg_cgwb_frn *frn; 4844 u64 now = get_jiffies_64(); 4845 u64 oldest_at = now; 4846 int oldest = -1; 4847 int i; 4848 4849 trace_track_foreign_dirty(folio, wb); 4850 4851 /* 4852 * Pick the slot to use. If there is already a slot for @wb, keep 4853 * using it. If not replace the oldest one which isn't being 4854 * written out. 4855 */ 4856 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { 4857 frn = &memcg->cgwb_frn[i]; 4858 if (frn->bdi_id == wb->bdi->id && 4859 frn->memcg_id == wb->memcg_css->id) 4860 break; 4861 if (time_before64(frn->at, oldest_at) && 4862 atomic_read(&frn->done.cnt) == 1) { 4863 oldest = i; 4864 oldest_at = frn->at; 4865 } 4866 } 4867 4868 if (i < MEMCG_CGWB_FRN_CNT) { 4869 /* 4870 * Re-using an existing one. Update timestamp lazily to 4871 * avoid making the cacheline hot. We want them to be 4872 * reasonably up-to-date and significantly shorter than 4873 * dirty_expire_interval as that's what expires the record. 4874 * Use the shorter of 1s and dirty_expire_interval / 8. 4875 */ 4876 unsigned long update_intv = 4877 min_t(unsigned long, HZ, 4878 msecs_to_jiffies(dirty_expire_interval * 10) / 8); 4879 4880 if (time_before64(frn->at, now - update_intv)) 4881 frn->at = now; 4882 } else if (oldest >= 0) { 4883 /* replace the oldest free one */ 4884 frn = &memcg->cgwb_frn[oldest]; 4885 frn->bdi_id = wb->bdi->id; 4886 frn->memcg_id = wb->memcg_css->id; 4887 frn->at = now; 4888 } 4889} 4890 4891/* issue foreign writeback flushes for recorded foreign dirtying events */ 4892void mem_cgroup_flush_foreign(struct bdi_writeback *wb) 4893{ 4894 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4895 unsigned long intv = msecs_to_jiffies(dirty_expire_interval * 10); 4896 u64 now = jiffies_64; 4897 int i; 4898 4899 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { 4900 struct memcg_cgwb_frn *frn = &memcg->cgwb_frn[i]; 4901 4902 /* 4903 * If the record is older than dirty_expire_interval, 4904 * writeback on it has already started. No need to kick it 4905 * off again. Also, don't start a new one if there's 4906 * already one in flight. 4907 */ 4908 if (time_after64(frn->at, now - intv) && 4909 atomic_read(&frn->done.cnt) == 1) { 4910 frn->at = 0; 4911 trace_flush_foreign(wb, frn->bdi_id, frn->memcg_id); 4912 cgroup_writeback_by_id(frn->bdi_id, frn->memcg_id, 4913 WB_REASON_FOREIGN_FLUSH, 4914 &frn->done); 4915 } 4916 } 4917} 4918 4919#else /* CONFIG_CGROUP_WRITEBACK */ 4920 4921static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp) 4922{ 4923 return 0; 4924} 4925 4926static void memcg_wb_domain_exit(struct mem_cgroup *memcg) 4927{ 4928} 4929 4930static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg) 4931{ 4932} 4933 4934#endif /* CONFIG_CGROUP_WRITEBACK */ 4935 4936/* 4937 * DO NOT USE IN NEW FILES. 4938 * 4939 * "cgroup.event_control" implementation. 4940 * 4941 * This is way over-engineered. It tries to support fully configurable 4942 * events for each user. Such level of flexibility is completely 4943 * unnecessary especially in the light of the planned unified hierarchy. 4944 * 4945 * Please deprecate this and replace with something simpler if at all 4946 * possible. 4947 */ 4948 4949/* 4950 * Unregister event and free resources. 4951 * 4952 * Gets called from workqueue. 4953 */ 4954static void memcg_event_remove(struct work_struct *work) 4955{ 4956 struct mem_cgroup_event *event = 4957 container_of(work, struct mem_cgroup_event, remove); 4958 struct mem_cgroup *memcg = event->memcg; 4959 4960 remove_wait_queue(event->wqh, &event->wait); 4961 4962 event->unregister_event(memcg, event->eventfd); 4963 4964 /* Notify userspace the event is going away. */ 4965 eventfd_signal(event->eventfd); 4966 4967 eventfd_ctx_put(event->eventfd); 4968 kfree(event); 4969 css_put(&memcg->css); 4970} 4971 4972/* 4973 * Gets called on EPOLLHUP on eventfd when user closes it. 4974 * 4975 * Called with wqh->lock held and interrupts disabled. 4976 */ 4977static int memcg_event_wake(wait_queue_entry_t *wait, unsigned mode, 4978 int sync, void *key) 4979{ 4980 struct mem_cgroup_event *event = 4981 container_of(wait, struct mem_cgroup_event, wait); 4982 struct mem_cgroup *memcg = event->memcg; 4983 __poll_t flags = key_to_poll(key); 4984 4985 if (flags & EPOLLHUP) { 4986 /* 4987 * If the event has been detached at cgroup removal, we 4988 * can simply return knowing the other side will cleanup 4989 * for us. 4990 * 4991 * We can't race against event freeing since the other 4992 * side will require wqh->lock via remove_wait_queue(), 4993 * which we hold. 4994 */ 4995 spin_lock(&memcg->event_list_lock); 4996 if (!list_empty(&event->list)) { 4997 list_del_init(&event->list); 4998 /* 4999 * We are in atomic context, but cgroup_event_remove() 5000 * may sleep, so we have to call it in workqueue. 5001 */ 5002 schedule_work(&event->remove); 5003 } 5004 spin_unlock(&memcg->event_list_lock); 5005 } 5006 5007 return 0; 5008} 5009 5010static void memcg_event_ptable_queue_proc(struct file *file, 5011 wait_queue_head_t *wqh, poll_table *pt) 5012{ 5013 struct mem_cgroup_event *event = 5014 container_of(pt, struct mem_cgroup_event, pt); 5015 5016 event->wqh = wqh; 5017 add_wait_queue(wqh, &event->wait); 5018} 5019 5020/* 5021 * DO NOT USE IN NEW FILES. 5022 * 5023 * Parse input and register new cgroup event handler. 5024 * 5025 * Input must be in format '<event_fd> <control_fd> <args>'. 5026 * Interpretation of args is defined by control file implementation. 5027 */ 5028static ssize_t memcg_write_event_control(struct kernfs_open_file *of, 5029 char *buf, size_t nbytes, loff_t off) 5030{ 5031 struct cgroup_subsys_state *css = of_css(of); 5032 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5033 struct mem_cgroup_event *event; 5034 struct cgroup_subsys_state *cfile_css; 5035 unsigned int efd, cfd; 5036 struct fd efile; 5037 struct fd cfile; 5038 struct dentry *cdentry; 5039 const char *name; 5040 char *endp; 5041 int ret; 5042 5043 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 5044 return -EOPNOTSUPP; 5045 5046 buf = strstrip(buf); 5047 5048 efd = simple_strtoul(buf, &endp, 10); 5049 if (*endp != ' ') 5050 return -EINVAL; 5051 buf = endp + 1; 5052 5053 cfd = simple_strtoul(buf, &endp, 10); 5054 if ((*endp != ' ') && (*endp != '\0')) 5055 return -EINVAL; 5056 buf = endp + 1; 5057 5058 event = kzalloc(sizeof(*event), GFP_KERNEL); 5059 if (!event) 5060 return -ENOMEM; 5061 5062 event->memcg = memcg; 5063 INIT_LIST_HEAD(&event->list); 5064 init_poll_funcptr(&event->pt, memcg_event_ptable_queue_proc); 5065 init_waitqueue_func_entry(&event->wait, memcg_event_wake); 5066 INIT_WORK(&event->remove, memcg_event_remove); 5067 5068 efile = fdget(efd); 5069 if (!efile.file) { 5070 ret = -EBADF; 5071 goto out_kfree; 5072 } 5073 5074 event->eventfd = eventfd_ctx_fileget(efile.file); 5075 if (IS_ERR(event->eventfd)) { 5076 ret = PTR_ERR(event->eventfd); 5077 goto out_put_efile; 5078 } 5079 5080 cfile = fdget(cfd); 5081 if (!cfile.file) { 5082 ret = -EBADF; 5083 goto out_put_eventfd; 5084 } 5085 5086 /* the process need read permission on control file */ 5087 /* AV: shouldn't we check that it's been opened for read instead? */ 5088 ret = file_permission(cfile.file, MAY_READ); 5089 if (ret < 0) 5090 goto out_put_cfile; 5091 5092 /* 5093 * The control file must be a regular cgroup1 file. As a regular cgroup 5094 * file can't be renamed, it's safe to access its name afterwards. 5095 */ 5096 cdentry = cfile.file->f_path.dentry; 5097 if (cdentry->d_sb->s_type != &cgroup_fs_type || !d_is_reg(cdentry)) { 5098 ret = -EINVAL; 5099 goto out_put_cfile; 5100 } 5101 5102 /* 5103 * Determine the event callbacks and set them in @event. This used 5104 * to be done via struct cftype but cgroup core no longer knows 5105 * about these events. The following is crude but the whole thing 5106 * is for compatibility anyway. 5107 * 5108 * DO NOT ADD NEW FILES. 5109 */ 5110 name = cdentry->d_name.name; 5111 5112 if (!strcmp(name, "memory.usage_in_bytes")) { 5113 event->register_event = mem_cgroup_usage_register_event; 5114 event->unregister_event = mem_cgroup_usage_unregister_event; 5115 } else if (!strcmp(name, "memory.oom_control")) { 5116 event->register_event = mem_cgroup_oom_register_event; 5117 event->unregister_event = mem_cgroup_oom_unregister_event; 5118 } else if (!strcmp(name, "memory.pressure_level")) { 5119 event->register_event = vmpressure_register_event; 5120 event->unregister_event = vmpressure_unregister_event; 5121 } else if (!strcmp(name, "memory.memsw.usage_in_bytes")) { 5122 event->register_event = memsw_cgroup_usage_register_event; 5123 event->unregister_event = memsw_cgroup_usage_unregister_event; 5124 } else { 5125 ret = -EINVAL; 5126 goto out_put_cfile; 5127 } 5128 5129 /* 5130 * Verify @cfile should belong to @css. Also, remaining events are 5131 * automatically removed on cgroup destruction but the removal is 5132 * asynchronous, so take an extra ref on @css. 5133 */ 5134 cfile_css = css_tryget_online_from_dir(cdentry->d_parent, 5135 &memory_cgrp_subsys); 5136 ret = -EINVAL; 5137 if (IS_ERR(cfile_css)) 5138 goto out_put_cfile; 5139 if (cfile_css != css) { 5140 css_put(cfile_css); 5141 goto out_put_cfile; 5142 } 5143 5144 ret = event->register_event(memcg, event->eventfd, buf); 5145 if (ret) 5146 goto out_put_css; 5147 5148 vfs_poll(efile.file, &event->pt); 5149 5150 spin_lock_irq(&memcg->event_list_lock); 5151 list_add(&event->list, &memcg->event_list); 5152 spin_unlock_irq(&memcg->event_list_lock); 5153 5154 fdput(cfile); 5155 fdput(efile); 5156 5157 return nbytes; 5158 5159out_put_css: 5160 css_put(css); 5161out_put_cfile: 5162 fdput(cfile); 5163out_put_eventfd: 5164 eventfd_ctx_put(event->eventfd); 5165out_put_efile: 5166 fdput(efile); 5167out_kfree: 5168 kfree(event); 5169 5170 return ret; 5171} 5172 5173#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_SLUB_DEBUG) 5174static int mem_cgroup_slab_show(struct seq_file *m, void *p) 5175{ 5176 /* 5177 * Deprecated. 5178 * Please, take a look at tools/cgroup/memcg_slabinfo.py . 5179 */ 5180 return 0; 5181} 5182#endif 5183 5184static int memory_stat_show(struct seq_file *m, void *v); 5185 5186static struct cftype mem_cgroup_legacy_files[] = { 5187 { 5188 .name = "usage_in_bytes", 5189 .private = MEMFILE_PRIVATE(_MEM, RES_USAGE), 5190 .read_u64 = mem_cgroup_read_u64, 5191 }, 5192 { 5193 .name = "max_usage_in_bytes", 5194 .private = MEMFILE_PRIVATE(_MEM, RES_MAX_USAGE), 5195 .write = mem_cgroup_reset, 5196 .read_u64 = mem_cgroup_read_u64, 5197 }, 5198 { 5199 .name = "limit_in_bytes", 5200 .private = MEMFILE_PRIVATE(_MEM, RES_LIMIT), 5201 .write = mem_cgroup_write, 5202 .read_u64 = mem_cgroup_read_u64, 5203 }, 5204 { 5205 .name = "soft_limit_in_bytes", 5206 .private = MEMFILE_PRIVATE(_MEM, RES_SOFT_LIMIT), 5207 .write = mem_cgroup_write, 5208 .read_u64 = mem_cgroup_read_u64, 5209 }, 5210 { 5211 .name = "failcnt", 5212 .private = MEMFILE_PRIVATE(_MEM, RES_FAILCNT), 5213 .write = mem_cgroup_reset, 5214 .read_u64 = mem_cgroup_read_u64, 5215 }, 5216 { 5217 .name = "stat", 5218 .seq_show = memory_stat_show, 5219 }, 5220 { 5221 .name = "force_empty", 5222 .write = mem_cgroup_force_empty_write, 5223 }, 5224 { 5225 .name = "use_hierarchy", 5226 .write_u64 = mem_cgroup_hierarchy_write, 5227 .read_u64 = mem_cgroup_hierarchy_read, 5228 }, 5229 { 5230 .name = "cgroup.event_control", /* XXX: for compat */ 5231 .write = memcg_write_event_control, 5232 .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE, 5233 }, 5234 { 5235 .name = "swappiness", 5236 .read_u64 = mem_cgroup_swappiness_read, 5237 .write_u64 = mem_cgroup_swappiness_write, 5238 }, 5239 { 5240 .name = "move_charge_at_immigrate", 5241 .read_u64 = mem_cgroup_move_charge_read, 5242 .write_u64 = mem_cgroup_move_charge_write, 5243 }, 5244 { 5245 .name = "oom_control", 5246 .seq_show = mem_cgroup_oom_control_read, 5247 .write_u64 = mem_cgroup_oom_control_write, 5248 }, 5249 { 5250 .name = "pressure_level", 5251 .seq_show = mem_cgroup_dummy_seq_show, 5252 }, 5253#ifdef CONFIG_NUMA 5254 { 5255 .name = "numa_stat", 5256 .seq_show = memcg_numa_stat_show, 5257 }, 5258#endif 5259 { 5260 .name = "kmem.limit_in_bytes", 5261 .private = MEMFILE_PRIVATE(_KMEM, RES_LIMIT), 5262 .write = mem_cgroup_write, 5263 .read_u64 = mem_cgroup_read_u64, 5264 }, 5265 { 5266 .name = "kmem.usage_in_bytes", 5267 .private = MEMFILE_PRIVATE(_KMEM, RES_USAGE), 5268 .read_u64 = mem_cgroup_read_u64, 5269 }, 5270 { 5271 .name = "kmem.failcnt", 5272 .private = MEMFILE_PRIVATE(_KMEM, RES_FAILCNT), 5273 .write = mem_cgroup_reset, 5274 .read_u64 = mem_cgroup_read_u64, 5275 }, 5276 { 5277 .name = "kmem.max_usage_in_bytes", 5278 .private = MEMFILE_PRIVATE(_KMEM, RES_MAX_USAGE), 5279 .write = mem_cgroup_reset, 5280 .read_u64 = mem_cgroup_read_u64, 5281 }, 5282#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_SLUB_DEBUG) 5283 { 5284 .name = "kmem.slabinfo", 5285 .seq_show = mem_cgroup_slab_show, 5286 }, 5287#endif 5288 { 5289 .name = "kmem.tcp.limit_in_bytes", 5290 .private = MEMFILE_PRIVATE(_TCP, RES_LIMIT), 5291 .write = mem_cgroup_write, 5292 .read_u64 = mem_cgroup_read_u64, 5293 }, 5294 { 5295 .name = "kmem.tcp.usage_in_bytes", 5296 .private = MEMFILE_PRIVATE(_TCP, RES_USAGE), 5297 .read_u64 = mem_cgroup_read_u64, 5298 }, 5299 { 5300 .name = "kmem.tcp.failcnt", 5301 .private = MEMFILE_PRIVATE(_TCP, RES_FAILCNT), 5302 .write = mem_cgroup_reset, 5303 .read_u64 = mem_cgroup_read_u64, 5304 }, 5305 { 5306 .name = "kmem.tcp.max_usage_in_bytes", 5307 .private = MEMFILE_PRIVATE(_TCP, RES_MAX_USAGE), 5308 .write = mem_cgroup_reset, 5309 .read_u64 = mem_cgroup_read_u64, 5310 }, 5311 { }, /* terminate */ 5312}; 5313 5314/* 5315 * Private memory cgroup IDR 5316 * 5317 * Swap-out records and page cache shadow entries need to store memcg 5318 * references in constrained space, so we maintain an ID space that is 5319 * limited to 16 bit (MEM_CGROUP_ID_MAX), limiting the total number of 5320 * memory-controlled cgroups to 64k. 5321 * 5322 * However, there usually are many references to the offline CSS after 5323 * the cgroup has been destroyed, such as page cache or reclaimable 5324 * slab objects, that don't need to hang on to the ID. We want to keep 5325 * those dead CSS from occupying IDs, or we might quickly exhaust the 5326 * relatively small ID space and prevent the creation of new cgroups 5327 * even when there are much fewer than 64k cgroups - possibly none. 5328 * 5329 * Maintain a private 16-bit ID space for memcg, and allow the ID to 5330 * be freed and recycled when it's no longer needed, which is usually 5331 * when the CSS is offlined. 5332 * 5333 * The only exception to that are records of swapped out tmpfs/shmem 5334 * pages that need to be attributed to live ancestors on swapin. But 5335 * those references are manageable from userspace. 5336 */ 5337 5338#define MEM_CGROUP_ID_MAX ((1UL << MEM_CGROUP_ID_SHIFT) - 1) 5339static DEFINE_IDR(mem_cgroup_idr); 5340 5341static void mem_cgroup_id_remove(struct mem_cgroup *memcg) 5342{ 5343 if (memcg->id.id > 0) { 5344 idr_remove(&mem_cgroup_idr, memcg->id.id); 5345 memcg->id.id = 0; 5346 } 5347} 5348 5349static void __maybe_unused mem_cgroup_id_get_many(struct mem_cgroup *memcg, 5350 unsigned int n) 5351{ 5352 refcount_add(n, &memcg->id.ref); 5353} 5354 5355static void mem_cgroup_id_put_many(struct mem_cgroup *memcg, unsigned int n) 5356{ 5357 if (refcount_sub_and_test(n, &memcg->id.ref)) { 5358 mem_cgroup_id_remove(memcg); 5359 5360 /* Memcg ID pins CSS */ 5361 css_put(&memcg->css); 5362 } 5363} 5364 5365static inline void mem_cgroup_id_put(struct mem_cgroup *memcg) 5366{ 5367 mem_cgroup_id_put_many(memcg, 1); 5368} 5369 5370/** 5371 * mem_cgroup_from_id - look up a memcg from a memcg id 5372 * @id: the memcg id to look up 5373 * 5374 * Caller must hold rcu_read_lock(). 5375 */ 5376struct mem_cgroup *mem_cgroup_from_id(unsigned short id) 5377{ 5378 WARN_ON_ONCE(!rcu_read_lock_held()); 5379 return idr_find(&mem_cgroup_idr, id); 5380} 5381 5382#ifdef CONFIG_SHRINKER_DEBUG 5383struct mem_cgroup *mem_cgroup_get_from_ino(unsigned long ino) 5384{ 5385 struct cgroup *cgrp; 5386 struct cgroup_subsys_state *css; 5387 struct mem_cgroup *memcg; 5388 5389 cgrp = cgroup_get_from_id(ino); 5390 if (IS_ERR(cgrp)) 5391 return ERR_CAST(cgrp); 5392 5393 css = cgroup_get_e_css(cgrp, &memory_cgrp_subsys); 5394 if (css) 5395 memcg = container_of(css, struct mem_cgroup, css); 5396 else 5397 memcg = ERR_PTR(-ENOENT); 5398 5399 cgroup_put(cgrp); 5400 5401 return memcg; 5402} 5403#endif 5404 5405static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node) 5406{ 5407 struct mem_cgroup_per_node *pn; 5408 5409 pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, node); 5410 if (!pn) 5411 return 1; 5412 5413 pn->lruvec_stats_percpu = alloc_percpu_gfp(struct lruvec_stats_percpu, 5414 GFP_KERNEL_ACCOUNT); 5415 if (!pn->lruvec_stats_percpu) { 5416 kfree(pn); 5417 return 1; 5418 } 5419 5420 lruvec_init(&pn->lruvec); 5421 pn->memcg = memcg; 5422 5423 memcg->nodeinfo[node] = pn; 5424 return 0; 5425} 5426 5427static void free_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node) 5428{ 5429 struct mem_cgroup_per_node *pn = memcg->nodeinfo[node]; 5430 5431 if (!pn) 5432 return; 5433 5434 free_percpu(pn->lruvec_stats_percpu); 5435 kfree(pn); 5436} 5437 5438static void __mem_cgroup_free(struct mem_cgroup *memcg) 5439{ 5440 int node; 5441 5442 if (memcg->orig_objcg) 5443 obj_cgroup_put(memcg->orig_objcg); 5444 5445 for_each_node(node) 5446 free_mem_cgroup_per_node_info(memcg, node); 5447 kfree(memcg->vmstats); 5448 free_percpu(memcg->vmstats_percpu); 5449 kfree(memcg); 5450} 5451 5452static void mem_cgroup_free(struct mem_cgroup *memcg) 5453{ 5454 lru_gen_exit_memcg(memcg); 5455 memcg_wb_domain_exit(memcg); 5456 __mem_cgroup_free(memcg); 5457} 5458 5459static struct mem_cgroup *mem_cgroup_alloc(void) 5460{ 5461 struct mem_cgroup *memcg; 5462 int node; 5463 int __maybe_unused i; 5464 long error = -ENOMEM; 5465 5466 memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL); 5467 if (!memcg) 5468 return ERR_PTR(error); 5469 5470 memcg->id.id = idr_alloc(&mem_cgroup_idr, NULL, 5471 1, MEM_CGROUP_ID_MAX + 1, GFP_KERNEL); 5472 if (memcg->id.id < 0) { 5473 error = memcg->id.id; 5474 goto fail; 5475 } 5476 5477 memcg->vmstats = kzalloc(sizeof(struct memcg_vmstats), GFP_KERNEL); 5478 if (!memcg->vmstats) 5479 goto fail; 5480 5481 memcg->vmstats_percpu = alloc_percpu_gfp(struct memcg_vmstats_percpu, 5482 GFP_KERNEL_ACCOUNT); 5483 if (!memcg->vmstats_percpu) 5484 goto fail; 5485 5486 for_each_node(node) 5487 if (alloc_mem_cgroup_per_node_info(memcg, node)) 5488 goto fail; 5489 5490 if (memcg_wb_domain_init(memcg, GFP_KERNEL)) 5491 goto fail; 5492 5493 INIT_WORK(&memcg->high_work, high_work_func); 5494 INIT_LIST_HEAD(&memcg->oom_notify); 5495 mutex_init(&memcg->thresholds_lock); 5496 spin_lock_init(&memcg->move_lock); 5497 vmpressure_init(&memcg->vmpressure); 5498 INIT_LIST_HEAD(&memcg->event_list); 5499 spin_lock_init(&memcg->event_list_lock); 5500 memcg->socket_pressure = jiffies; 5501#ifdef CONFIG_MEMCG_KMEM 5502 memcg->kmemcg_id = -1; 5503 INIT_LIST_HEAD(&memcg->objcg_list); 5504#endif 5505#ifdef CONFIG_CGROUP_WRITEBACK 5506 INIT_LIST_HEAD(&memcg->cgwb_list); 5507 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) 5508 memcg->cgwb_frn[i].done = 5509 __WB_COMPLETION_INIT(&memcg_cgwb_frn_waitq); 5510#endif 5511#ifdef CONFIG_TRANSPARENT_HUGEPAGE 5512 spin_lock_init(&memcg->deferred_split_queue.split_queue_lock); 5513 INIT_LIST_HEAD(&memcg->deferred_split_queue.split_queue); 5514 memcg->deferred_split_queue.split_queue_len = 0; 5515#endif 5516 lru_gen_init_memcg(memcg); 5517 return memcg; 5518fail: 5519 mem_cgroup_id_remove(memcg); 5520 __mem_cgroup_free(memcg); 5521 return ERR_PTR(error); 5522} 5523 5524static struct cgroup_subsys_state * __ref 5525mem_cgroup_css_alloc(struct cgroup_subsys_state *parent_css) 5526{ 5527 struct mem_cgroup *parent = mem_cgroup_from_css(parent_css); 5528 struct mem_cgroup *memcg, *old_memcg; 5529 5530 old_memcg = set_active_memcg(parent); 5531 memcg = mem_cgroup_alloc(); 5532 set_active_memcg(old_memcg); 5533 if (IS_ERR(memcg)) 5534 return ERR_CAST(memcg); 5535 5536 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX); 5537 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX); 5538#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 5539 memcg->zswap_max = PAGE_COUNTER_MAX; 5540 WRITE_ONCE(memcg->zswap_writeback, 5541 !parent || READ_ONCE(parent->zswap_writeback)); 5542#endif 5543 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX); 5544 if (parent) { 5545 WRITE_ONCE(memcg->swappiness, mem_cgroup_swappiness(parent)); 5546 WRITE_ONCE(memcg->oom_kill_disable, READ_ONCE(parent->oom_kill_disable)); 5547 5548 page_counter_init(&memcg->memory, &parent->memory); 5549 page_counter_init(&memcg->swap, &parent->swap); 5550 page_counter_init(&memcg->kmem, &parent->kmem); 5551 page_counter_init(&memcg->tcpmem, &parent->tcpmem); 5552 } else { 5553 init_memcg_events(); 5554 page_counter_init(&memcg->memory, NULL); 5555 page_counter_init(&memcg->swap, NULL); 5556 page_counter_init(&memcg->kmem, NULL); 5557 page_counter_init(&memcg->tcpmem, NULL); 5558 5559 root_mem_cgroup = memcg; 5560 return &memcg->css; 5561 } 5562 5563 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket) 5564 static_branch_inc(&memcg_sockets_enabled_key); 5565 5566#if defined(CONFIG_MEMCG_KMEM) 5567 if (!cgroup_memory_nobpf) 5568 static_branch_inc(&memcg_bpf_enabled_key); 5569#endif 5570 5571 return &memcg->css; 5572} 5573 5574static int mem_cgroup_css_online(struct cgroup_subsys_state *css) 5575{ 5576 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5577 5578 if (memcg_online_kmem(memcg)) 5579 goto remove_id; 5580 5581 /* 5582 * A memcg must be visible for expand_shrinker_info() 5583 * by the time the maps are allocated. So, we allocate maps 5584 * here, when for_each_mem_cgroup() can't skip it. 5585 */ 5586 if (alloc_shrinker_info(memcg)) 5587 goto offline_kmem; 5588 5589 if (unlikely(mem_cgroup_is_root(memcg))) 5590 queue_delayed_work(system_unbound_wq, &stats_flush_dwork, 5591 FLUSH_TIME); 5592 lru_gen_online_memcg(memcg); 5593 5594 /* Online state pins memcg ID, memcg ID pins CSS */ 5595 refcount_set(&memcg->id.ref, 1); 5596 css_get(css); 5597 5598 /* 5599 * Ensure mem_cgroup_from_id() works once we're fully online. 5600 * 5601 * We could do this earlier and require callers to filter with 5602 * css_tryget_online(). But right now there are no users that 5603 * need earlier access, and the workingset code relies on the 5604 * cgroup tree linkage (mem_cgroup_get_nr_swap_pages()). So 5605 * publish it here at the end of onlining. This matches the 5606 * regular ID destruction during offlining. 5607 */ 5608 idr_replace(&mem_cgroup_idr, memcg, memcg->id.id); 5609 5610 return 0; 5611offline_kmem: 5612 memcg_offline_kmem(memcg); 5613remove_id: 5614 mem_cgroup_id_remove(memcg); 5615 return -ENOMEM; 5616} 5617 5618static void mem_cgroup_css_offline(struct cgroup_subsys_state *css) 5619{ 5620 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5621 struct mem_cgroup_event *event, *tmp; 5622 5623 /* 5624 * Unregister events and notify userspace. 5625 * Notify userspace about cgroup removing only after rmdir of cgroup 5626 * directory to avoid race between userspace and kernelspace. 5627 */ 5628 spin_lock_irq(&memcg->event_list_lock); 5629 list_for_each_entry_safe(event, tmp, &memcg->event_list, list) { 5630 list_del_init(&event->list); 5631 schedule_work(&event->remove); 5632 } 5633 spin_unlock_irq(&memcg->event_list_lock); 5634 5635 page_counter_set_min(&memcg->memory, 0); 5636 page_counter_set_low(&memcg->memory, 0); 5637 5638 zswap_memcg_offline_cleanup(memcg); 5639 5640 memcg_offline_kmem(memcg); 5641 reparent_shrinker_deferred(memcg); 5642 wb_memcg_offline(memcg); 5643 lru_gen_offline_memcg(memcg); 5644 5645 drain_all_stock(memcg); 5646 5647 mem_cgroup_id_put(memcg); 5648} 5649 5650static void mem_cgroup_css_released(struct cgroup_subsys_state *css) 5651{ 5652 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5653 5654 invalidate_reclaim_iterators(memcg); 5655 lru_gen_release_memcg(memcg); 5656} 5657 5658static void mem_cgroup_css_free(struct cgroup_subsys_state *css) 5659{ 5660 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5661 int __maybe_unused i; 5662 5663#ifdef CONFIG_CGROUP_WRITEBACK 5664 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) 5665 wb_wait_for_completion(&memcg->cgwb_frn[i].done); 5666#endif 5667 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket) 5668 static_branch_dec(&memcg_sockets_enabled_key); 5669 5670 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && memcg->tcpmem_active) 5671 static_branch_dec(&memcg_sockets_enabled_key); 5672 5673#if defined(CONFIG_MEMCG_KMEM) 5674 if (!cgroup_memory_nobpf) 5675 static_branch_dec(&memcg_bpf_enabled_key); 5676#endif 5677 5678 vmpressure_cleanup(&memcg->vmpressure); 5679 cancel_work_sync(&memcg->high_work); 5680 mem_cgroup_remove_from_trees(memcg); 5681 free_shrinker_info(memcg); 5682 mem_cgroup_free(memcg); 5683} 5684 5685/** 5686 * mem_cgroup_css_reset - reset the states of a mem_cgroup 5687 * @css: the target css 5688 * 5689 * Reset the states of the mem_cgroup associated with @css. This is 5690 * invoked when the userland requests disabling on the default hierarchy 5691 * but the memcg is pinned through dependency. The memcg should stop 5692 * applying policies and should revert to the vanilla state as it may be 5693 * made visible again. 5694 * 5695 * The current implementation only resets the essential configurations. 5696 * This needs to be expanded to cover all the visible parts. 5697 */ 5698static void mem_cgroup_css_reset(struct cgroup_subsys_state *css) 5699{ 5700 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5701 5702 page_counter_set_max(&memcg->memory, PAGE_COUNTER_MAX); 5703 page_counter_set_max(&memcg->swap, PAGE_COUNTER_MAX); 5704 page_counter_set_max(&memcg->kmem, PAGE_COUNTER_MAX); 5705 page_counter_set_max(&memcg->tcpmem, PAGE_COUNTER_MAX); 5706 page_counter_set_min(&memcg->memory, 0); 5707 page_counter_set_low(&memcg->memory, 0); 5708 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX); 5709 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX); 5710 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX); 5711 memcg_wb_domain_size_changed(memcg); 5712} 5713 5714static void mem_cgroup_css_rstat_flush(struct cgroup_subsys_state *css, int cpu) 5715{ 5716 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5717 struct mem_cgroup *parent = parent_mem_cgroup(memcg); 5718 struct memcg_vmstats_percpu *statc; 5719 long delta, delta_cpu, v; 5720 int i, nid; 5721 5722 statc = per_cpu_ptr(memcg->vmstats_percpu, cpu); 5723 5724 for (i = 0; i < MEMCG_NR_STAT; i++) { 5725 /* 5726 * Collect the aggregated propagation counts of groups 5727 * below us. We're in a per-cpu loop here and this is 5728 * a global counter, so the first cycle will get them. 5729 */ 5730 delta = memcg->vmstats->state_pending[i]; 5731 if (delta) 5732 memcg->vmstats->state_pending[i] = 0; 5733 5734 /* Add CPU changes on this level since the last flush */ 5735 delta_cpu = 0; 5736 v = READ_ONCE(statc->state[i]); 5737 if (v != statc->state_prev[i]) { 5738 delta_cpu = v - statc->state_prev[i]; 5739 delta += delta_cpu; 5740 statc->state_prev[i] = v; 5741 } 5742 5743 /* Aggregate counts on this level and propagate upwards */ 5744 if (delta_cpu) 5745 memcg->vmstats->state_local[i] += delta_cpu; 5746 5747 if (delta) { 5748 memcg->vmstats->state[i] += delta; 5749 if (parent) 5750 parent->vmstats->state_pending[i] += delta; 5751 } 5752 } 5753 5754 for (i = 0; i < NR_MEMCG_EVENTS; i++) { 5755 delta = memcg->vmstats->events_pending[i]; 5756 if (delta) 5757 memcg->vmstats->events_pending[i] = 0; 5758 5759 delta_cpu = 0; 5760 v = READ_ONCE(statc->events[i]); 5761 if (v != statc->events_prev[i]) { 5762 delta_cpu = v - statc->events_prev[i]; 5763 delta += delta_cpu; 5764 statc->events_prev[i] = v; 5765 } 5766 5767 if (delta_cpu) 5768 memcg->vmstats->events_local[i] += delta_cpu; 5769 5770 if (delta) { 5771 memcg->vmstats->events[i] += delta; 5772 if (parent) 5773 parent->vmstats->events_pending[i] += delta; 5774 } 5775 } 5776 5777 for_each_node_state(nid, N_MEMORY) { 5778 struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid]; 5779 struct mem_cgroup_per_node *ppn = NULL; 5780 struct lruvec_stats_percpu *lstatc; 5781 5782 if (parent) 5783 ppn = parent->nodeinfo[nid]; 5784 5785 lstatc = per_cpu_ptr(pn->lruvec_stats_percpu, cpu); 5786 5787 for (i = 0; i < NR_VM_NODE_STAT_ITEMS; i++) { 5788 delta = pn->lruvec_stats.state_pending[i]; 5789 if (delta) 5790 pn->lruvec_stats.state_pending[i] = 0; 5791 5792 delta_cpu = 0; 5793 v = READ_ONCE(lstatc->state[i]); 5794 if (v != lstatc->state_prev[i]) { 5795 delta_cpu = v - lstatc->state_prev[i]; 5796 delta += delta_cpu; 5797 lstatc->state_prev[i] = v; 5798 } 5799 5800 if (delta_cpu) 5801 pn->lruvec_stats.state_local[i] += delta_cpu; 5802 5803 if (delta) { 5804 pn->lruvec_stats.state[i] += delta; 5805 if (ppn) 5806 ppn->lruvec_stats.state_pending[i] += delta; 5807 } 5808 } 5809 } 5810 statc->stats_updates = 0; 5811 /* We are in a per-cpu loop here, only do the atomic write once */ 5812 if (atomic64_read(&memcg->vmstats->stats_updates)) 5813 atomic64_set(&memcg->vmstats->stats_updates, 0); 5814} 5815 5816#ifdef CONFIG_MMU 5817/* Handlers for move charge at task migration. */ 5818static int mem_cgroup_do_precharge(unsigned long count) 5819{ 5820 int ret; 5821 5822 /* Try a single bulk charge without reclaim first, kswapd may wake */ 5823 ret = try_charge(mc.to, GFP_KERNEL & ~__GFP_DIRECT_RECLAIM, count); 5824 if (!ret) { 5825 mc.precharge += count; 5826 return ret; 5827 } 5828 5829 /* Try charges one by one with reclaim, but do not retry */ 5830 while (count--) { 5831 ret = try_charge(mc.to, GFP_KERNEL | __GFP_NORETRY, 1); 5832 if (ret) 5833 return ret; 5834 mc.precharge++; 5835 cond_resched(); 5836 } 5837 return 0; 5838} 5839 5840union mc_target { 5841 struct page *page; 5842 swp_entry_t ent; 5843}; 5844 5845enum mc_target_type { 5846 MC_TARGET_NONE = 0, 5847 MC_TARGET_PAGE, 5848 MC_TARGET_SWAP, 5849 MC_TARGET_DEVICE, 5850}; 5851 5852static struct page *mc_handle_present_pte(struct vm_area_struct *vma, 5853 unsigned long addr, pte_t ptent) 5854{ 5855 struct page *page = vm_normal_page(vma, addr, ptent); 5856 5857 if (!page) 5858 return NULL; 5859 if (PageAnon(page)) { 5860 if (!(mc.flags & MOVE_ANON)) 5861 return NULL; 5862 } else { 5863 if (!(mc.flags & MOVE_FILE)) 5864 return NULL; 5865 } 5866 get_page(page); 5867 5868 return page; 5869} 5870 5871#if defined(CONFIG_SWAP) || defined(CONFIG_DEVICE_PRIVATE) 5872static struct page *mc_handle_swap_pte(struct vm_area_struct *vma, 5873 pte_t ptent, swp_entry_t *entry) 5874{ 5875 struct page *page = NULL; 5876 swp_entry_t ent = pte_to_swp_entry(ptent); 5877 5878 if (!(mc.flags & MOVE_ANON)) 5879 return NULL; 5880 5881 /* 5882 * Handle device private pages that are not accessible by the CPU, but 5883 * stored as special swap entries in the page table. 5884 */ 5885 if (is_device_private_entry(ent)) { 5886 page = pfn_swap_entry_to_page(ent); 5887 if (!get_page_unless_zero(page)) 5888 return NULL; 5889 return page; 5890 } 5891 5892 if (non_swap_entry(ent)) 5893 return NULL; 5894 5895 /* 5896 * Because swap_cache_get_folio() updates some statistics counter, 5897 * we call find_get_page() with swapper_space directly. 5898 */ 5899 page = find_get_page(swap_address_space(ent), swp_offset(ent)); 5900 entry->val = ent.val; 5901 5902 return page; 5903} 5904#else 5905static struct page *mc_handle_swap_pte(struct vm_area_struct *vma, 5906 pte_t ptent, swp_entry_t *entry) 5907{ 5908 return NULL; 5909} 5910#endif 5911 5912static struct page *mc_handle_file_pte(struct vm_area_struct *vma, 5913 unsigned long addr, pte_t ptent) 5914{ 5915 unsigned long index; 5916 struct folio *folio; 5917 5918 if (!vma->vm_file) /* anonymous vma */ 5919 return NULL; 5920 if (!(mc.flags & MOVE_FILE)) 5921 return NULL; 5922 5923 /* folio is moved even if it's not RSS of this task(page-faulted). */ 5924 /* shmem/tmpfs may report page out on swap: account for that too. */ 5925 index = linear_page_index(vma, addr); 5926 folio = filemap_get_incore_folio(vma->vm_file->f_mapping, index); 5927 if (IS_ERR(folio)) 5928 return NULL; 5929 return folio_file_page(folio, index); 5930} 5931 5932/** 5933 * mem_cgroup_move_account - move account of the page 5934 * @page: the page 5935 * @compound: charge the page as compound or small page 5936 * @from: mem_cgroup which the page is moved from. 5937 * @to: mem_cgroup which the page is moved to. @from != @to. 5938 * 5939 * The page must be locked and not on the LRU. 5940 * 5941 * This function doesn't do "charge" to new cgroup and doesn't do "uncharge" 5942 * from old cgroup. 5943 */ 5944static int mem_cgroup_move_account(struct page *page, 5945 bool compound, 5946 struct mem_cgroup *from, 5947 struct mem_cgroup *to) 5948{ 5949 struct folio *folio = page_folio(page); 5950 struct lruvec *from_vec, *to_vec; 5951 struct pglist_data *pgdat; 5952 unsigned int nr_pages = compound ? folio_nr_pages(folio) : 1; 5953 int nid, ret; 5954 5955 VM_BUG_ON(from == to); 5956 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio); 5957 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 5958 VM_BUG_ON(compound && !folio_test_large(folio)); 5959 5960 ret = -EINVAL; 5961 if (folio_memcg(folio) != from) 5962 goto out; 5963 5964 pgdat = folio_pgdat(folio); 5965 from_vec = mem_cgroup_lruvec(from, pgdat); 5966 to_vec = mem_cgroup_lruvec(to, pgdat); 5967 5968 folio_memcg_lock(folio); 5969 5970 if (folio_test_anon(folio)) { 5971 if (folio_mapped(folio)) { 5972 __mod_lruvec_state(from_vec, NR_ANON_MAPPED, -nr_pages); 5973 __mod_lruvec_state(to_vec, NR_ANON_MAPPED, nr_pages); 5974 if (folio_test_pmd_mappable(folio)) { 5975 __mod_lruvec_state(from_vec, NR_ANON_THPS, 5976 -nr_pages); 5977 __mod_lruvec_state(to_vec, NR_ANON_THPS, 5978 nr_pages); 5979 } 5980 } 5981 } else { 5982 __mod_lruvec_state(from_vec, NR_FILE_PAGES, -nr_pages); 5983 __mod_lruvec_state(to_vec, NR_FILE_PAGES, nr_pages); 5984 5985 if (folio_test_swapbacked(folio)) { 5986 __mod_lruvec_state(from_vec, NR_SHMEM, -nr_pages); 5987 __mod_lruvec_state(to_vec, NR_SHMEM, nr_pages); 5988 } 5989 5990 if (folio_mapped(folio)) { 5991 __mod_lruvec_state(from_vec, NR_FILE_MAPPED, -nr_pages); 5992 __mod_lruvec_state(to_vec, NR_FILE_MAPPED, nr_pages); 5993 } 5994 5995 if (folio_test_dirty(folio)) { 5996 struct address_space *mapping = folio_mapping(folio); 5997 5998 if (mapping_can_writeback(mapping)) { 5999 __mod_lruvec_state(from_vec, NR_FILE_DIRTY, 6000 -nr_pages); 6001 __mod_lruvec_state(to_vec, NR_FILE_DIRTY, 6002 nr_pages); 6003 } 6004 } 6005 } 6006 6007#ifdef CONFIG_SWAP 6008 if (folio_test_swapcache(folio)) { 6009 __mod_lruvec_state(from_vec, NR_SWAPCACHE, -nr_pages); 6010 __mod_lruvec_state(to_vec, NR_SWAPCACHE, nr_pages); 6011 } 6012#endif 6013 if (folio_test_writeback(folio)) { 6014 __mod_lruvec_state(from_vec, NR_WRITEBACK, -nr_pages); 6015 __mod_lruvec_state(to_vec, NR_WRITEBACK, nr_pages); 6016 } 6017 6018 /* 6019 * All state has been migrated, let's switch to the new memcg. 6020 * 6021 * It is safe to change page's memcg here because the page 6022 * is referenced, charged, isolated, and locked: we can't race 6023 * with (un)charging, migration, LRU putback, or anything else 6024 * that would rely on a stable page's memory cgroup. 6025 * 6026 * Note that folio_memcg_lock is a memcg lock, not a page lock, 6027 * to save space. As soon as we switch page's memory cgroup to a 6028 * new memcg that isn't locked, the above state can change 6029 * concurrently again. Make sure we're truly done with it. 6030 */ 6031 smp_mb(); 6032 6033 css_get(&to->css); 6034 css_put(&from->css); 6035 6036 folio->memcg_data = (unsigned long)to; 6037 6038 __folio_memcg_unlock(from); 6039 6040 ret = 0; 6041 nid = folio_nid(folio); 6042 6043 local_irq_disable(); 6044 mem_cgroup_charge_statistics(to, nr_pages); 6045 memcg_check_events(to, nid); 6046 mem_cgroup_charge_statistics(from, -nr_pages); 6047 memcg_check_events(from, nid); 6048 local_irq_enable(); 6049out: 6050 return ret; 6051} 6052 6053/** 6054 * get_mctgt_type - get target type of moving charge 6055 * @vma: the vma the pte to be checked belongs 6056 * @addr: the address corresponding to the pte to be checked 6057 * @ptent: the pte to be checked 6058 * @target: the pointer the target page or swap ent will be stored(can be NULL) 6059 * 6060 * Context: Called with pte lock held. 6061 * Return: 6062 * * MC_TARGET_NONE - If the pte is not a target for move charge. 6063 * * MC_TARGET_PAGE - If the page corresponding to this pte is a target for 6064 * move charge. If @target is not NULL, the page is stored in target->page 6065 * with extra refcnt taken (Caller should release it). 6066 * * MC_TARGET_SWAP - If the swap entry corresponding to this pte is a 6067 * target for charge migration. If @target is not NULL, the entry is 6068 * stored in target->ent. 6069 * * MC_TARGET_DEVICE - Like MC_TARGET_PAGE but page is device memory and 6070 * thus not on the lru. For now such page is charged like a regular page 6071 * would be as it is just special memory taking the place of a regular page. 6072 * See Documentations/vm/hmm.txt and include/linux/hmm.h 6073 */ 6074static enum mc_target_type get_mctgt_type(struct vm_area_struct *vma, 6075 unsigned long addr, pte_t ptent, union mc_target *target) 6076{ 6077 struct page *page = NULL; 6078 enum mc_target_type ret = MC_TARGET_NONE; 6079 swp_entry_t ent = { .val = 0 }; 6080 6081 if (pte_present(ptent)) 6082 page = mc_handle_present_pte(vma, addr, ptent); 6083 else if (pte_none_mostly(ptent)) 6084 /* 6085 * PTE markers should be treated as a none pte here, separated 6086 * from other swap handling below. 6087 */ 6088 page = mc_handle_file_pte(vma, addr, ptent); 6089 else if (is_swap_pte(ptent)) 6090 page = mc_handle_swap_pte(vma, ptent, &ent); 6091 6092 if (target && page) { 6093 if (!trylock_page(page)) { 6094 put_page(page); 6095 return ret; 6096 } 6097 /* 6098 * page_mapped() must be stable during the move. This 6099 * pte is locked, so if it's present, the page cannot 6100 * become unmapped. If it isn't, we have only partial 6101 * control over the mapped state: the page lock will 6102 * prevent new faults against pagecache and swapcache, 6103 * so an unmapped page cannot become mapped. However, 6104 * if the page is already mapped elsewhere, it can 6105 * unmap, and there is nothing we can do about it. 6106 * Alas, skip moving the page in this case. 6107 */ 6108 if (!pte_present(ptent) && page_mapped(page)) { 6109 unlock_page(page); 6110 put_page(page); 6111 return ret; 6112 } 6113 } 6114 6115 if (!page && !ent.val) 6116 return ret; 6117 if (page) { 6118 /* 6119 * Do only loose check w/o serialization. 6120 * mem_cgroup_move_account() checks the page is valid or 6121 * not under LRU exclusion. 6122 */ 6123 if (page_memcg(page) == mc.from) { 6124 ret = MC_TARGET_PAGE; 6125 if (is_device_private_page(page) || 6126 is_device_coherent_page(page)) 6127 ret = MC_TARGET_DEVICE; 6128 if (target) 6129 target->page = page; 6130 } 6131 if (!ret || !target) { 6132 if (target) 6133 unlock_page(page); 6134 put_page(page); 6135 } 6136 } 6137 /* 6138 * There is a swap entry and a page doesn't exist or isn't charged. 6139 * But we cannot move a tail-page in a THP. 6140 */ 6141 if (ent.val && !ret && (!page || !PageTransCompound(page)) && 6142 mem_cgroup_id(mc.from) == lookup_swap_cgroup_id(ent)) { 6143 ret = MC_TARGET_SWAP; 6144 if (target) 6145 target->ent = ent; 6146 } 6147 return ret; 6148} 6149 6150#ifdef CONFIG_TRANSPARENT_HUGEPAGE 6151/* 6152 * We don't consider PMD mapped swapping or file mapped pages because THP does 6153 * not support them for now. 6154 * Caller should make sure that pmd_trans_huge(pmd) is true. 6155 */ 6156static enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma, 6157 unsigned long addr, pmd_t pmd, union mc_target *target) 6158{ 6159 struct page *page = NULL; 6160 enum mc_target_type ret = MC_TARGET_NONE; 6161 6162 if (unlikely(is_swap_pmd(pmd))) { 6163 VM_BUG_ON(thp_migration_supported() && 6164 !is_pmd_migration_entry(pmd)); 6165 return ret; 6166 } 6167 page = pmd_page(pmd); 6168 VM_BUG_ON_PAGE(!page || !PageHead(page), page); 6169 if (!(mc.flags & MOVE_ANON)) 6170 return ret; 6171 if (page_memcg(page) == mc.from) { 6172 ret = MC_TARGET_PAGE; 6173 if (target) { 6174 get_page(page); 6175 if (!trylock_page(page)) { 6176 put_page(page); 6177 return MC_TARGET_NONE; 6178 } 6179 target->page = page; 6180 } 6181 } 6182 return ret; 6183} 6184#else 6185static inline enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma, 6186 unsigned long addr, pmd_t pmd, union mc_target *target) 6187{ 6188 return MC_TARGET_NONE; 6189} 6190#endif 6191 6192static int mem_cgroup_count_precharge_pte_range(pmd_t *pmd, 6193 unsigned long addr, unsigned long end, 6194 struct mm_walk *walk) 6195{ 6196 struct vm_area_struct *vma = walk->vma; 6197 pte_t *pte; 6198 spinlock_t *ptl; 6199 6200 ptl = pmd_trans_huge_lock(pmd, vma); 6201 if (ptl) { 6202 /* 6203 * Note their can not be MC_TARGET_DEVICE for now as we do not 6204 * support transparent huge page with MEMORY_DEVICE_PRIVATE but 6205 * this might change. 6206 */ 6207 if (get_mctgt_type_thp(vma, addr, *pmd, NULL) == MC_TARGET_PAGE) 6208 mc.precharge += HPAGE_PMD_NR; 6209 spin_unlock(ptl); 6210 return 0; 6211 } 6212 6213 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl); 6214 if (!pte) 6215 return 0; 6216 for (; addr != end; pte++, addr += PAGE_SIZE) 6217 if (get_mctgt_type(vma, addr, ptep_get(pte), NULL)) 6218 mc.precharge++; /* increment precharge temporarily */ 6219 pte_unmap_unlock(pte - 1, ptl); 6220 cond_resched(); 6221 6222 return 0; 6223} 6224 6225static const struct mm_walk_ops precharge_walk_ops = { 6226 .pmd_entry = mem_cgroup_count_precharge_pte_range, 6227 .walk_lock = PGWALK_RDLOCK, 6228}; 6229 6230static unsigned long mem_cgroup_count_precharge(struct mm_struct *mm) 6231{ 6232 unsigned long precharge; 6233 6234 mmap_read_lock(mm); 6235 walk_page_range(mm, 0, ULONG_MAX, &precharge_walk_ops, NULL); 6236 mmap_read_unlock(mm); 6237 6238 precharge = mc.precharge; 6239 mc.precharge = 0; 6240 6241 return precharge; 6242} 6243 6244static int mem_cgroup_precharge_mc(struct mm_struct *mm) 6245{ 6246 unsigned long precharge = mem_cgroup_count_precharge(mm); 6247 6248 VM_BUG_ON(mc.moving_task); 6249 mc.moving_task = current; 6250 return mem_cgroup_do_precharge(precharge); 6251} 6252 6253/* cancels all extra charges on mc.from and mc.to, and wakes up all waiters. */ 6254static void __mem_cgroup_clear_mc(void) 6255{ 6256 struct mem_cgroup *from = mc.from; 6257 struct mem_cgroup *to = mc.to; 6258 6259 /* we must uncharge all the leftover precharges from mc.to */ 6260 if (mc.precharge) { 6261 mem_cgroup_cancel_charge(mc.to, mc.precharge); 6262 mc.precharge = 0; 6263 } 6264 /* 6265 * we didn't uncharge from mc.from at mem_cgroup_move_account(), so 6266 * we must uncharge here. 6267 */ 6268 if (mc.moved_charge) { 6269 mem_cgroup_cancel_charge(mc.from, mc.moved_charge); 6270 mc.moved_charge = 0; 6271 } 6272 /* we must fixup refcnts and charges */ 6273 if (mc.moved_swap) { 6274 /* uncharge swap account from the old cgroup */ 6275 if (!mem_cgroup_is_root(mc.from)) 6276 page_counter_uncharge(&mc.from->memsw, mc.moved_swap); 6277 6278 mem_cgroup_id_put_many(mc.from, mc.moved_swap); 6279 6280 /* 6281 * we charged both to->memory and to->memsw, so we 6282 * should uncharge to->memory. 6283 */ 6284 if (!mem_cgroup_is_root(mc.to)) 6285 page_counter_uncharge(&mc.to->memory, mc.moved_swap); 6286 6287 mc.moved_swap = 0; 6288 } 6289 memcg_oom_recover(from); 6290 memcg_oom_recover(to); 6291 wake_up_all(&mc.waitq); 6292} 6293 6294static void mem_cgroup_clear_mc(void) 6295{ 6296 struct mm_struct *mm = mc.mm; 6297 6298 /* 6299 * we must clear moving_task before waking up waiters at the end of 6300 * task migration. 6301 */ 6302 mc.moving_task = NULL; 6303 __mem_cgroup_clear_mc(); 6304 spin_lock(&mc.lock); 6305 mc.from = NULL; 6306 mc.to = NULL; 6307 mc.mm = NULL; 6308 spin_unlock(&mc.lock); 6309 6310 mmput(mm); 6311} 6312 6313static int mem_cgroup_can_attach(struct cgroup_taskset *tset) 6314{ 6315 struct cgroup_subsys_state *css; 6316 struct mem_cgroup *memcg = NULL; /* unneeded init to make gcc happy */ 6317 struct mem_cgroup *from; 6318 struct task_struct *leader, *p; 6319 struct mm_struct *mm; 6320 unsigned long move_flags; 6321 int ret = 0; 6322 6323 /* charge immigration isn't supported on the default hierarchy */ 6324 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 6325 return 0; 6326 6327 /* 6328 * Multi-process migrations only happen on the default hierarchy 6329 * where charge immigration is not used. Perform charge 6330 * immigration if @tset contains a leader and whine if there are 6331 * multiple. 6332 */ 6333 p = NULL; 6334 cgroup_taskset_for_each_leader(leader, css, tset) { 6335 WARN_ON_ONCE(p); 6336 p = leader; 6337 memcg = mem_cgroup_from_css(css); 6338 } 6339 if (!p) 6340 return 0; 6341 6342 /* 6343 * We are now committed to this value whatever it is. Changes in this 6344 * tunable will only affect upcoming migrations, not the current one. 6345 * So we need to save it, and keep it going. 6346 */ 6347 move_flags = READ_ONCE(memcg->move_charge_at_immigrate); 6348 if (!move_flags) 6349 return 0; 6350 6351 from = mem_cgroup_from_task(p); 6352 6353 VM_BUG_ON(from == memcg); 6354 6355 mm = get_task_mm(p); 6356 if (!mm) 6357 return 0; 6358 /* We move charges only when we move a owner of the mm */ 6359 if (mm->owner == p) { 6360 VM_BUG_ON(mc.from); 6361 VM_BUG_ON(mc.to); 6362 VM_BUG_ON(mc.precharge); 6363 VM_BUG_ON(mc.moved_charge); 6364 VM_BUG_ON(mc.moved_swap); 6365 6366 spin_lock(&mc.lock); 6367 mc.mm = mm; 6368 mc.from = from; 6369 mc.to = memcg; 6370 mc.flags = move_flags; 6371 spin_unlock(&mc.lock); 6372 /* We set mc.moving_task later */ 6373 6374 ret = mem_cgroup_precharge_mc(mm); 6375 if (ret) 6376 mem_cgroup_clear_mc(); 6377 } else { 6378 mmput(mm); 6379 } 6380 return ret; 6381} 6382 6383static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset) 6384{ 6385 if (mc.to) 6386 mem_cgroup_clear_mc(); 6387} 6388 6389static int mem_cgroup_move_charge_pte_range(pmd_t *pmd, 6390 unsigned long addr, unsigned long end, 6391 struct mm_walk *walk) 6392{ 6393 int ret = 0; 6394 struct vm_area_struct *vma = walk->vma; 6395 pte_t *pte; 6396 spinlock_t *ptl; 6397 enum mc_target_type target_type; 6398 union mc_target target; 6399 struct page *page; 6400 6401 ptl = pmd_trans_huge_lock(pmd, vma); 6402 if (ptl) { 6403 if (mc.precharge < HPAGE_PMD_NR) { 6404 spin_unlock(ptl); 6405 return 0; 6406 } 6407 target_type = get_mctgt_type_thp(vma, addr, *pmd, &target); 6408 if (target_type == MC_TARGET_PAGE) { 6409 page = target.page; 6410 if (isolate_lru_page(page)) { 6411 if (!mem_cgroup_move_account(page, true, 6412 mc.from, mc.to)) { 6413 mc.precharge -= HPAGE_PMD_NR; 6414 mc.moved_charge += HPAGE_PMD_NR; 6415 } 6416 putback_lru_page(page); 6417 } 6418 unlock_page(page); 6419 put_page(page); 6420 } else if (target_type == MC_TARGET_DEVICE) { 6421 page = target.page; 6422 if (!mem_cgroup_move_account(page, true, 6423 mc.from, mc.to)) { 6424 mc.precharge -= HPAGE_PMD_NR; 6425 mc.moved_charge += HPAGE_PMD_NR; 6426 } 6427 unlock_page(page); 6428 put_page(page); 6429 } 6430 spin_unlock(ptl); 6431 return 0; 6432 } 6433 6434retry: 6435 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl); 6436 if (!pte) 6437 return 0; 6438 for (; addr != end; addr += PAGE_SIZE) { 6439 pte_t ptent = ptep_get(pte++); 6440 bool device = false; 6441 swp_entry_t ent; 6442 6443 if (!mc.precharge) 6444 break; 6445 6446 switch (get_mctgt_type(vma, addr, ptent, &target)) { 6447 case MC_TARGET_DEVICE: 6448 device = true; 6449 fallthrough; 6450 case MC_TARGET_PAGE: 6451 page = target.page; 6452 /* 6453 * We can have a part of the split pmd here. Moving it 6454 * can be done but it would be too convoluted so simply 6455 * ignore such a partial THP and keep it in original 6456 * memcg. There should be somebody mapping the head. 6457 */ 6458 if (PageTransCompound(page)) 6459 goto put; 6460 if (!device && !isolate_lru_page(page)) 6461 goto put; 6462 if (!mem_cgroup_move_account(page, false, 6463 mc.from, mc.to)) { 6464 mc.precharge--; 6465 /* we uncharge from mc.from later. */ 6466 mc.moved_charge++; 6467 } 6468 if (!device) 6469 putback_lru_page(page); 6470put: /* get_mctgt_type() gets & locks the page */ 6471 unlock_page(page); 6472 put_page(page); 6473 break; 6474 case MC_TARGET_SWAP: 6475 ent = target.ent; 6476 if (!mem_cgroup_move_swap_account(ent, mc.from, mc.to)) { 6477 mc.precharge--; 6478 mem_cgroup_id_get_many(mc.to, 1); 6479 /* we fixup other refcnts and charges later. */ 6480 mc.moved_swap++; 6481 } 6482 break; 6483 default: 6484 break; 6485 } 6486 } 6487 pte_unmap_unlock(pte - 1, ptl); 6488 cond_resched(); 6489 6490 if (addr != end) { 6491 /* 6492 * We have consumed all precharges we got in can_attach(). 6493 * We try charge one by one, but don't do any additional 6494 * charges to mc.to if we have failed in charge once in attach() 6495 * phase. 6496 */ 6497 ret = mem_cgroup_do_precharge(1); 6498 if (!ret) 6499 goto retry; 6500 } 6501 6502 return ret; 6503} 6504 6505static const struct mm_walk_ops charge_walk_ops = { 6506 .pmd_entry = mem_cgroup_move_charge_pte_range, 6507 .walk_lock = PGWALK_RDLOCK, 6508}; 6509 6510static void mem_cgroup_move_charge(void) 6511{ 6512 lru_add_drain_all(); 6513 /* 6514 * Signal folio_memcg_lock() to take the memcg's move_lock 6515 * while we're moving its pages to another memcg. Then wait 6516 * for already started RCU-only updates to finish. 6517 */ 6518 atomic_inc(&mc.from->moving_account); 6519 synchronize_rcu(); 6520retry: 6521 if (unlikely(!mmap_read_trylock(mc.mm))) { 6522 /* 6523 * Someone who are holding the mmap_lock might be waiting in 6524 * waitq. So we cancel all extra charges, wake up all waiters, 6525 * and retry. Because we cancel precharges, we might not be able 6526 * to move enough charges, but moving charge is a best-effort 6527 * feature anyway, so it wouldn't be a big problem. 6528 */ 6529 __mem_cgroup_clear_mc(); 6530 cond_resched(); 6531 goto retry; 6532 } 6533 /* 6534 * When we have consumed all precharges and failed in doing 6535 * additional charge, the page walk just aborts. 6536 */ 6537 walk_page_range(mc.mm, 0, ULONG_MAX, &charge_walk_ops, NULL); 6538 mmap_read_unlock(mc.mm); 6539 atomic_dec(&mc.from->moving_account); 6540} 6541 6542static void mem_cgroup_move_task(void) 6543{ 6544 if (mc.to) { 6545 mem_cgroup_move_charge(); 6546 mem_cgroup_clear_mc(); 6547 } 6548} 6549 6550#else /* !CONFIG_MMU */ 6551static int mem_cgroup_can_attach(struct cgroup_taskset *tset) 6552{ 6553 return 0; 6554} 6555static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset) 6556{ 6557} 6558static void mem_cgroup_move_task(void) 6559{ 6560} 6561#endif 6562 6563#ifdef CONFIG_MEMCG_KMEM 6564static void mem_cgroup_fork(struct task_struct *task) 6565{ 6566 /* 6567 * Set the update flag to cause task->objcg to be initialized lazily 6568 * on the first allocation. It can be done without any synchronization 6569 * because it's always performed on the current task, so does 6570 * current_objcg_update(). 6571 */ 6572 task->objcg = (struct obj_cgroup *)CURRENT_OBJCG_UPDATE_FLAG; 6573} 6574 6575static void mem_cgroup_exit(struct task_struct *task) 6576{ 6577 struct obj_cgroup *objcg = task->objcg; 6578 6579 objcg = (struct obj_cgroup *) 6580 ((unsigned long)objcg & ~CURRENT_OBJCG_UPDATE_FLAG); 6581 if (objcg) 6582 obj_cgroup_put(objcg); 6583 6584 /* 6585 * Some kernel allocations can happen after this point, 6586 * but let's ignore them. It can be done without any synchronization 6587 * because it's always performed on the current task, so does 6588 * current_objcg_update(). 6589 */ 6590 task->objcg = NULL; 6591} 6592#endif 6593 6594#ifdef CONFIG_LRU_GEN 6595static void mem_cgroup_lru_gen_attach(struct cgroup_taskset *tset) 6596{ 6597 struct task_struct *task; 6598 struct cgroup_subsys_state *css; 6599 6600 /* find the first leader if there is any */ 6601 cgroup_taskset_for_each_leader(task, css, tset) 6602 break; 6603 6604 if (!task) 6605 return; 6606 6607 task_lock(task); 6608 if (task->mm && READ_ONCE(task->mm->owner) == task) 6609 lru_gen_migrate_mm(task->mm); 6610 task_unlock(task); 6611} 6612#else 6613static void mem_cgroup_lru_gen_attach(struct cgroup_taskset *tset) {} 6614#endif /* CONFIG_LRU_GEN */ 6615 6616#ifdef CONFIG_MEMCG_KMEM 6617static void mem_cgroup_kmem_attach(struct cgroup_taskset *tset) 6618{ 6619 struct task_struct *task; 6620 struct cgroup_subsys_state *css; 6621 6622 cgroup_taskset_for_each(task, css, tset) { 6623 /* atomically set the update bit */ 6624 set_bit(CURRENT_OBJCG_UPDATE_BIT, (unsigned long *)&task->objcg); 6625 } 6626} 6627#else 6628static void mem_cgroup_kmem_attach(struct cgroup_taskset *tset) {} 6629#endif /* CONFIG_MEMCG_KMEM */ 6630 6631#if defined(CONFIG_LRU_GEN) || defined(CONFIG_MEMCG_KMEM) 6632static void mem_cgroup_attach(struct cgroup_taskset *tset) 6633{ 6634 mem_cgroup_lru_gen_attach(tset); 6635 mem_cgroup_kmem_attach(tset); 6636} 6637#endif 6638 6639static int seq_puts_memcg_tunable(struct seq_file *m, unsigned long value) 6640{ 6641 if (value == PAGE_COUNTER_MAX) 6642 seq_puts(m, "max\n"); 6643 else 6644 seq_printf(m, "%llu\n", (u64)value * PAGE_SIZE); 6645 6646 return 0; 6647} 6648 6649static u64 memory_current_read(struct cgroup_subsys_state *css, 6650 struct cftype *cft) 6651{ 6652 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 6653 6654 return (u64)page_counter_read(&memcg->memory) * PAGE_SIZE; 6655} 6656 6657static u64 memory_peak_read(struct cgroup_subsys_state *css, 6658 struct cftype *cft) 6659{ 6660 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 6661 6662 return (u64)memcg->memory.watermark * PAGE_SIZE; 6663} 6664 6665static int memory_min_show(struct seq_file *m, void *v) 6666{ 6667 return seq_puts_memcg_tunable(m, 6668 READ_ONCE(mem_cgroup_from_seq(m)->memory.min)); 6669} 6670 6671static ssize_t memory_min_write(struct kernfs_open_file *of, 6672 char *buf, size_t nbytes, loff_t off) 6673{ 6674 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6675 unsigned long min; 6676 int err; 6677 6678 buf = strstrip(buf); 6679 err = page_counter_memparse(buf, "max", &min); 6680 if (err) 6681 return err; 6682 6683 page_counter_set_min(&memcg->memory, min); 6684 6685 return nbytes; 6686} 6687 6688static int memory_low_show(struct seq_file *m, void *v) 6689{ 6690 return seq_puts_memcg_tunable(m, 6691 READ_ONCE(mem_cgroup_from_seq(m)->memory.low)); 6692} 6693 6694static ssize_t memory_low_write(struct kernfs_open_file *of, 6695 char *buf, size_t nbytes, loff_t off) 6696{ 6697 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6698 unsigned long low; 6699 int err; 6700 6701 buf = strstrip(buf); 6702 err = page_counter_memparse(buf, "max", &low); 6703 if (err) 6704 return err; 6705 6706 page_counter_set_low(&memcg->memory, low); 6707 6708 return nbytes; 6709} 6710 6711static int memory_high_show(struct seq_file *m, void *v) 6712{ 6713 return seq_puts_memcg_tunable(m, 6714 READ_ONCE(mem_cgroup_from_seq(m)->memory.high)); 6715} 6716 6717static ssize_t memory_high_write(struct kernfs_open_file *of, 6718 char *buf, size_t nbytes, loff_t off) 6719{ 6720 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6721 unsigned int nr_retries = MAX_RECLAIM_RETRIES; 6722 bool drained = false; 6723 unsigned long high; 6724 int err; 6725 6726 buf = strstrip(buf); 6727 err = page_counter_memparse(buf, "max", &high); 6728 if (err) 6729 return err; 6730 6731 page_counter_set_high(&memcg->memory, high); 6732 6733 for (;;) { 6734 unsigned long nr_pages = page_counter_read(&memcg->memory); 6735 unsigned long reclaimed; 6736 6737 if (nr_pages <= high) 6738 break; 6739 6740 if (signal_pending(current)) 6741 break; 6742 6743 if (!drained) { 6744 drain_all_stock(memcg); 6745 drained = true; 6746 continue; 6747 } 6748 6749 reclaimed = try_to_free_mem_cgroup_pages(memcg, nr_pages - high, 6750 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP); 6751 6752 if (!reclaimed && !nr_retries--) 6753 break; 6754 } 6755 6756 memcg_wb_domain_size_changed(memcg); 6757 return nbytes; 6758} 6759 6760static int memory_max_show(struct seq_file *m, void *v) 6761{ 6762 return seq_puts_memcg_tunable(m, 6763 READ_ONCE(mem_cgroup_from_seq(m)->memory.max)); 6764} 6765 6766static ssize_t memory_max_write(struct kernfs_open_file *of, 6767 char *buf, size_t nbytes, loff_t off) 6768{ 6769 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6770 unsigned int nr_reclaims = MAX_RECLAIM_RETRIES; 6771 bool drained = false; 6772 unsigned long max; 6773 int err; 6774 6775 buf = strstrip(buf); 6776 err = page_counter_memparse(buf, "max", &max); 6777 if (err) 6778 return err; 6779 6780 xchg(&memcg->memory.max, max); 6781 6782 for (;;) { 6783 unsigned long nr_pages = page_counter_read(&memcg->memory); 6784 6785 if (nr_pages <= max) 6786 break; 6787 6788 if (signal_pending(current)) 6789 break; 6790 6791 if (!drained) { 6792 drain_all_stock(memcg); 6793 drained = true; 6794 continue; 6795 } 6796 6797 if (nr_reclaims) { 6798 if (!try_to_free_mem_cgroup_pages(memcg, nr_pages - max, 6799 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP)) 6800 nr_reclaims--; 6801 continue; 6802 } 6803 6804 memcg_memory_event(memcg, MEMCG_OOM); 6805 if (!mem_cgroup_out_of_memory(memcg, GFP_KERNEL, 0)) 6806 break; 6807 } 6808 6809 memcg_wb_domain_size_changed(memcg); 6810 return nbytes; 6811} 6812 6813/* 6814 * Note: don't forget to update the 'samples/cgroup/memcg_event_listener' 6815 * if any new events become available. 6816 */ 6817static void __memory_events_show(struct seq_file *m, atomic_long_t *events) 6818{ 6819 seq_printf(m, "low %lu\n", atomic_long_read(&events[MEMCG_LOW])); 6820 seq_printf(m, "high %lu\n", atomic_long_read(&events[MEMCG_HIGH])); 6821 seq_printf(m, "max %lu\n", atomic_long_read(&events[MEMCG_MAX])); 6822 seq_printf(m, "oom %lu\n", atomic_long_read(&events[MEMCG_OOM])); 6823 seq_printf(m, "oom_kill %lu\n", 6824 atomic_long_read(&events[MEMCG_OOM_KILL])); 6825 seq_printf(m, "oom_group_kill %lu\n", 6826 atomic_long_read(&events[MEMCG_OOM_GROUP_KILL])); 6827} 6828 6829static int memory_events_show(struct seq_file *m, void *v) 6830{ 6831 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6832 6833 __memory_events_show(m, memcg->memory_events); 6834 return 0; 6835} 6836 6837static int memory_events_local_show(struct seq_file *m, void *v) 6838{ 6839 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6840 6841 __memory_events_show(m, memcg->memory_events_local); 6842 return 0; 6843} 6844 6845static int memory_stat_show(struct seq_file *m, void *v) 6846{ 6847 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6848 char *buf = kmalloc(PAGE_SIZE, GFP_KERNEL); 6849 struct seq_buf s; 6850 6851 if (!buf) 6852 return -ENOMEM; 6853 seq_buf_init(&s, buf, PAGE_SIZE); 6854 memory_stat_format(memcg, &s); 6855 seq_puts(m, buf); 6856 kfree(buf); 6857 return 0; 6858} 6859 6860#ifdef CONFIG_NUMA 6861static inline unsigned long lruvec_page_state_output(struct lruvec *lruvec, 6862 int item) 6863{ 6864 return lruvec_page_state(lruvec, item) * 6865 memcg_page_state_output_unit(item); 6866} 6867 6868static int memory_numa_stat_show(struct seq_file *m, void *v) 6869{ 6870 int i; 6871 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6872 6873 mem_cgroup_flush_stats(memcg); 6874 6875 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) { 6876 int nid; 6877 6878 if (memory_stats[i].idx >= NR_VM_NODE_STAT_ITEMS) 6879 continue; 6880 6881 seq_printf(m, "%s", memory_stats[i].name); 6882 for_each_node_state(nid, N_MEMORY) { 6883 u64 size; 6884 struct lruvec *lruvec; 6885 6886 lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid)); 6887 size = lruvec_page_state_output(lruvec, 6888 memory_stats[i].idx); 6889 seq_printf(m, " N%d=%llu", nid, size); 6890 } 6891 seq_putc(m, '\n'); 6892 } 6893 6894 return 0; 6895} 6896#endif 6897 6898static int memory_oom_group_show(struct seq_file *m, void *v) 6899{ 6900 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6901 6902 seq_printf(m, "%d\n", READ_ONCE(memcg->oom_group)); 6903 6904 return 0; 6905} 6906 6907static ssize_t memory_oom_group_write(struct kernfs_open_file *of, 6908 char *buf, size_t nbytes, loff_t off) 6909{ 6910 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6911 int ret, oom_group; 6912 6913 buf = strstrip(buf); 6914 if (!buf) 6915 return -EINVAL; 6916 6917 ret = kstrtoint(buf, 0, &oom_group); 6918 if (ret) 6919 return ret; 6920 6921 if (oom_group != 0 && oom_group != 1) 6922 return -EINVAL; 6923 6924 WRITE_ONCE(memcg->oom_group, oom_group); 6925 6926 return nbytes; 6927} 6928 6929static ssize_t memory_reclaim(struct kernfs_open_file *of, char *buf, 6930 size_t nbytes, loff_t off) 6931{ 6932 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6933 unsigned int nr_retries = MAX_RECLAIM_RETRIES; 6934 unsigned long nr_to_reclaim, nr_reclaimed = 0; 6935 unsigned int reclaim_options; 6936 int err; 6937 6938 buf = strstrip(buf); 6939 err = page_counter_memparse(buf, "", &nr_to_reclaim); 6940 if (err) 6941 return err; 6942 6943 reclaim_options = MEMCG_RECLAIM_MAY_SWAP | MEMCG_RECLAIM_PROACTIVE; 6944 while (nr_reclaimed < nr_to_reclaim) { 6945 unsigned long reclaimed; 6946 6947 if (signal_pending(current)) 6948 return -EINTR; 6949 6950 /* 6951 * This is the final attempt, drain percpu lru caches in the 6952 * hope of introducing more evictable pages for 6953 * try_to_free_mem_cgroup_pages(). 6954 */ 6955 if (!nr_retries) 6956 lru_add_drain_all(); 6957 6958 reclaimed = try_to_free_mem_cgroup_pages(memcg, 6959 min(nr_to_reclaim - nr_reclaimed, SWAP_CLUSTER_MAX), 6960 GFP_KERNEL, reclaim_options); 6961 6962 if (!reclaimed && !nr_retries--) 6963 return -EAGAIN; 6964 6965 nr_reclaimed += reclaimed; 6966 } 6967 6968 return nbytes; 6969} 6970 6971static struct cftype memory_files[] = { 6972 { 6973 .name = "current", 6974 .flags = CFTYPE_NOT_ON_ROOT, 6975 .read_u64 = memory_current_read, 6976 }, 6977 { 6978 .name = "peak", 6979 .flags = CFTYPE_NOT_ON_ROOT, 6980 .read_u64 = memory_peak_read, 6981 }, 6982 { 6983 .name = "min", 6984 .flags = CFTYPE_NOT_ON_ROOT, 6985 .seq_show = memory_min_show, 6986 .write = memory_min_write, 6987 }, 6988 { 6989 .name = "low", 6990 .flags = CFTYPE_NOT_ON_ROOT, 6991 .seq_show = memory_low_show, 6992 .write = memory_low_write, 6993 }, 6994 { 6995 .name = "high", 6996 .flags = CFTYPE_NOT_ON_ROOT, 6997 .seq_show = memory_high_show, 6998 .write = memory_high_write, 6999 }, 7000 { 7001 .name = "max", 7002 .flags = CFTYPE_NOT_ON_ROOT, 7003 .seq_show = memory_max_show, 7004 .write = memory_max_write, 7005 }, 7006 { 7007 .name = "events", 7008 .flags = CFTYPE_NOT_ON_ROOT, 7009 .file_offset = offsetof(struct mem_cgroup, events_file), 7010 .seq_show = memory_events_show, 7011 }, 7012 { 7013 .name = "events.local", 7014 .flags = CFTYPE_NOT_ON_ROOT, 7015 .file_offset = offsetof(struct mem_cgroup, events_local_file), 7016 .seq_show = memory_events_local_show, 7017 }, 7018 { 7019 .name = "stat", 7020 .seq_show = memory_stat_show, 7021 }, 7022#ifdef CONFIG_NUMA 7023 { 7024 .name = "numa_stat", 7025 .seq_show = memory_numa_stat_show, 7026 }, 7027#endif 7028 { 7029 .name = "oom.group", 7030 .flags = CFTYPE_NOT_ON_ROOT | CFTYPE_NS_DELEGATABLE, 7031 .seq_show = memory_oom_group_show, 7032 .write = memory_oom_group_write, 7033 }, 7034 { 7035 .name = "reclaim", 7036 .flags = CFTYPE_NS_DELEGATABLE, 7037 .write = memory_reclaim, 7038 }, 7039 { } /* terminate */ 7040}; 7041 7042struct cgroup_subsys memory_cgrp_subsys = { 7043 .css_alloc = mem_cgroup_css_alloc, 7044 .css_online = mem_cgroup_css_online, 7045 .css_offline = mem_cgroup_css_offline, 7046 .css_released = mem_cgroup_css_released, 7047 .css_free = mem_cgroup_css_free, 7048 .css_reset = mem_cgroup_css_reset, 7049 .css_rstat_flush = mem_cgroup_css_rstat_flush, 7050 .can_attach = mem_cgroup_can_attach, 7051#if defined(CONFIG_LRU_GEN) || defined(CONFIG_MEMCG_KMEM) 7052 .attach = mem_cgroup_attach, 7053#endif 7054 .cancel_attach = mem_cgroup_cancel_attach, 7055 .post_attach = mem_cgroup_move_task, 7056#ifdef CONFIG_MEMCG_KMEM 7057 .fork = mem_cgroup_fork, 7058 .exit = mem_cgroup_exit, 7059#endif 7060 .dfl_cftypes = memory_files, 7061 .legacy_cftypes = mem_cgroup_legacy_files, 7062 .early_init = 0, 7063}; 7064 7065/* 7066 * This function calculates an individual cgroup's effective 7067 * protection which is derived from its own memory.min/low, its 7068 * parent's and siblings' settings, as well as the actual memory 7069 * distribution in the tree. 7070 * 7071 * The following rules apply to the effective protection values: 7072 * 7073 * 1. At the first level of reclaim, effective protection is equal to 7074 * the declared protection in memory.min and memory.low. 7075 * 7076 * 2. To enable safe delegation of the protection configuration, at 7077 * subsequent levels the effective protection is capped to the 7078 * parent's effective protection. 7079 * 7080 * 3. To make complex and dynamic subtrees easier to configure, the 7081 * user is allowed to overcommit the declared protection at a given 7082 * level. If that is the case, the parent's effective protection is 7083 * distributed to the children in proportion to how much protection 7084 * they have declared and how much of it they are utilizing. 7085 * 7086 * This makes distribution proportional, but also work-conserving: 7087 * if one cgroup claims much more protection than it uses memory, 7088 * the unused remainder is available to its siblings. 7089 * 7090 * 4. Conversely, when the declared protection is undercommitted at a 7091 * given level, the distribution of the larger parental protection 7092 * budget is NOT proportional. A cgroup's protection from a sibling 7093 * is capped to its own memory.min/low setting. 7094 * 7095 * 5. However, to allow protecting recursive subtrees from each other 7096 * without having to declare each individual cgroup's fixed share 7097 * of the ancestor's claim to protection, any unutilized - 7098 * "floating" - protection from up the tree is distributed in 7099 * proportion to each cgroup's *usage*. This makes the protection 7100 * neutral wrt sibling cgroups and lets them compete freely over 7101 * the shared parental protection budget, but it protects the 7102 * subtree as a whole from neighboring subtrees. 7103 * 7104 * Note that 4. and 5. are not in conflict: 4. is about protecting 7105 * against immediate siblings whereas 5. is about protecting against 7106 * neighboring subtrees. 7107 */ 7108static unsigned long effective_protection(unsigned long usage, 7109 unsigned long parent_usage, 7110 unsigned long setting, 7111 unsigned long parent_effective, 7112 unsigned long siblings_protected) 7113{ 7114 unsigned long protected; 7115 unsigned long ep; 7116 7117 protected = min(usage, setting); 7118 /* 7119 * If all cgroups at this level combined claim and use more 7120 * protection than what the parent affords them, distribute 7121 * shares in proportion to utilization. 7122 * 7123 * We are using actual utilization rather than the statically 7124 * claimed protection in order to be work-conserving: claimed 7125 * but unused protection is available to siblings that would 7126 * otherwise get a smaller chunk than what they claimed. 7127 */ 7128 if (siblings_protected > parent_effective) 7129 return protected * parent_effective / siblings_protected; 7130 7131 /* 7132 * Ok, utilized protection of all children is within what the 7133 * parent affords them, so we know whatever this child claims 7134 * and utilizes is effectively protected. 7135 * 7136 * If there is unprotected usage beyond this value, reclaim 7137 * will apply pressure in proportion to that amount. 7138 * 7139 * If there is unutilized protection, the cgroup will be fully 7140 * shielded from reclaim, but we do return a smaller value for 7141 * protection than what the group could enjoy in theory. This 7142 * is okay. With the overcommit distribution above, effective 7143 * protection is always dependent on how memory is actually 7144 * consumed among the siblings anyway. 7145 */ 7146 ep = protected; 7147 7148 /* 7149 * If the children aren't claiming (all of) the protection 7150 * afforded to them by the parent, distribute the remainder in 7151 * proportion to the (unprotected) memory of each cgroup. That 7152 * way, cgroups that aren't explicitly prioritized wrt each 7153 * other compete freely over the allowance, but they are 7154 * collectively protected from neighboring trees. 7155 * 7156 * We're using unprotected memory for the weight so that if 7157 * some cgroups DO claim explicit protection, we don't protect 7158 * the same bytes twice. 7159 * 7160 * Check both usage and parent_usage against the respective 7161 * protected values. One should imply the other, but they 7162 * aren't read atomically - make sure the division is sane. 7163 */ 7164 if (!(cgrp_dfl_root.flags & CGRP_ROOT_MEMORY_RECURSIVE_PROT)) 7165 return ep; 7166 if (parent_effective > siblings_protected && 7167 parent_usage > siblings_protected && 7168 usage > protected) { 7169 unsigned long unclaimed; 7170 7171 unclaimed = parent_effective - siblings_protected; 7172 unclaimed *= usage - protected; 7173 unclaimed /= parent_usage - siblings_protected; 7174 7175 ep += unclaimed; 7176 } 7177 7178 return ep; 7179} 7180 7181/** 7182 * mem_cgroup_calculate_protection - check if memory consumption is in the normal range 7183 * @root: the top ancestor of the sub-tree being checked 7184 * @memcg: the memory cgroup to check 7185 * 7186 * WARNING: This function is not stateless! It can only be used as part 7187 * of a top-down tree iteration, not for isolated queries. 7188 */ 7189void mem_cgroup_calculate_protection(struct mem_cgroup *root, 7190 struct mem_cgroup *memcg) 7191{ 7192 unsigned long usage, parent_usage; 7193 struct mem_cgroup *parent; 7194 7195 if (mem_cgroup_disabled()) 7196 return; 7197 7198 if (!root) 7199 root = root_mem_cgroup; 7200 7201 /* 7202 * Effective values of the reclaim targets are ignored so they 7203 * can be stale. Have a look at mem_cgroup_protection for more 7204 * details. 7205 * TODO: calculation should be more robust so that we do not need 7206 * that special casing. 7207 */ 7208 if (memcg == root) 7209 return; 7210 7211 usage = page_counter_read(&memcg->memory); 7212 if (!usage) 7213 return; 7214 7215 parent = parent_mem_cgroup(memcg); 7216 7217 if (parent == root) { 7218 memcg->memory.emin = READ_ONCE(memcg->memory.min); 7219 memcg->memory.elow = READ_ONCE(memcg->memory.low); 7220 return; 7221 } 7222 7223 parent_usage = page_counter_read(&parent->memory); 7224 7225 WRITE_ONCE(memcg->memory.emin, effective_protection(usage, parent_usage, 7226 READ_ONCE(memcg->memory.min), 7227 READ_ONCE(parent->memory.emin), 7228 atomic_long_read(&parent->memory.children_min_usage))); 7229 7230 WRITE_ONCE(memcg->memory.elow, effective_protection(usage, parent_usage, 7231 READ_ONCE(memcg->memory.low), 7232 READ_ONCE(parent->memory.elow), 7233 atomic_long_read(&parent->memory.children_low_usage))); 7234} 7235 7236static int charge_memcg(struct folio *folio, struct mem_cgroup *memcg, 7237 gfp_t gfp) 7238{ 7239 int ret; 7240 7241 ret = try_charge(memcg, gfp, folio_nr_pages(folio)); 7242 if (ret) 7243 goto out; 7244 7245 mem_cgroup_commit_charge(folio, memcg); 7246out: 7247 return ret; 7248} 7249 7250int __mem_cgroup_charge(struct folio *folio, struct mm_struct *mm, gfp_t gfp) 7251{ 7252 struct mem_cgroup *memcg; 7253 int ret; 7254 7255 memcg = get_mem_cgroup_from_mm(mm); 7256 ret = charge_memcg(folio, memcg, gfp); 7257 css_put(&memcg->css); 7258 7259 return ret; 7260} 7261 7262/** 7263 * mem_cgroup_hugetlb_try_charge - try to charge the memcg for a hugetlb folio 7264 * @memcg: memcg to charge. 7265 * @gfp: reclaim mode. 7266 * @nr_pages: number of pages to charge. 7267 * 7268 * This function is called when allocating a huge page folio to determine if 7269 * the memcg has the capacity for it. It does not commit the charge yet, 7270 * as the hugetlb folio itself has not been obtained from the hugetlb pool. 7271 * 7272 * Once we have obtained the hugetlb folio, we can call 7273 * mem_cgroup_commit_charge() to commit the charge. If we fail to obtain the 7274 * folio, we should instead call mem_cgroup_cancel_charge() to undo the effect 7275 * of try_charge(). 7276 * 7277 * Returns 0 on success. Otherwise, an error code is returned. 7278 */ 7279int mem_cgroup_hugetlb_try_charge(struct mem_cgroup *memcg, gfp_t gfp, 7280 long nr_pages) 7281{ 7282 /* 7283 * If hugetlb memcg charging is not enabled, do not fail hugetlb allocation, 7284 * but do not attempt to commit charge later (or cancel on error) either. 7285 */ 7286 if (mem_cgroup_disabled() || !memcg || 7287 !cgroup_subsys_on_dfl(memory_cgrp_subsys) || 7288 !(cgrp_dfl_root.flags & CGRP_ROOT_MEMORY_HUGETLB_ACCOUNTING)) 7289 return -EOPNOTSUPP; 7290 7291 if (try_charge(memcg, gfp, nr_pages)) 7292 return -ENOMEM; 7293 7294 return 0; 7295} 7296 7297/** 7298 * mem_cgroup_swapin_charge_folio - Charge a newly allocated folio for swapin. 7299 * @folio: folio to charge. 7300 * @mm: mm context of the victim 7301 * @gfp: reclaim mode 7302 * @entry: swap entry for which the folio is allocated 7303 * 7304 * This function charges a folio allocated for swapin. Please call this before 7305 * adding the folio to the swapcache. 7306 * 7307 * Returns 0 on success. Otherwise, an error code is returned. 7308 */ 7309int mem_cgroup_swapin_charge_folio(struct folio *folio, struct mm_struct *mm, 7310 gfp_t gfp, swp_entry_t entry) 7311{ 7312 struct mem_cgroup *memcg; 7313 unsigned short id; 7314 int ret; 7315 7316 if (mem_cgroup_disabled()) 7317 return 0; 7318 7319 id = lookup_swap_cgroup_id(entry); 7320 rcu_read_lock(); 7321 memcg = mem_cgroup_from_id(id); 7322 if (!memcg || !css_tryget_online(&memcg->css)) 7323 memcg = get_mem_cgroup_from_mm(mm); 7324 rcu_read_unlock(); 7325 7326 ret = charge_memcg(folio, memcg, gfp); 7327 7328 css_put(&memcg->css); 7329 return ret; 7330} 7331 7332/* 7333 * mem_cgroup_swapin_uncharge_swap - uncharge swap slot 7334 * @entry: swap entry for which the page is charged 7335 * 7336 * Call this function after successfully adding the charged page to swapcache. 7337 * 7338 * Note: This function assumes the page for which swap slot is being uncharged 7339 * is order 0 page. 7340 */ 7341void mem_cgroup_swapin_uncharge_swap(swp_entry_t entry) 7342{ 7343 /* 7344 * Cgroup1's unified memory+swap counter has been charged with the 7345 * new swapcache page, finish the transfer by uncharging the swap 7346 * slot. The swap slot would also get uncharged when it dies, but 7347 * it can stick around indefinitely and we'd count the page twice 7348 * the entire time. 7349 * 7350 * Cgroup2 has separate resource counters for memory and swap, 7351 * so this is a non-issue here. Memory and swap charge lifetimes 7352 * correspond 1:1 to page and swap slot lifetimes: we charge the 7353 * page to memory here, and uncharge swap when the slot is freed. 7354 */ 7355 if (!mem_cgroup_disabled() && do_memsw_account()) { 7356 /* 7357 * The swap entry might not get freed for a long time, 7358 * let's not wait for it. The page already received a 7359 * memory+swap charge, drop the swap entry duplicate. 7360 */ 7361 mem_cgroup_uncharge_swap(entry, 1); 7362 } 7363} 7364 7365struct uncharge_gather { 7366 struct mem_cgroup *memcg; 7367 unsigned long nr_memory; 7368 unsigned long pgpgout; 7369 unsigned long nr_kmem; 7370 int nid; 7371}; 7372 7373static inline void uncharge_gather_clear(struct uncharge_gather *ug) 7374{ 7375 memset(ug, 0, sizeof(*ug)); 7376} 7377 7378static void uncharge_batch(const struct uncharge_gather *ug) 7379{ 7380 unsigned long flags; 7381 7382 if (ug->nr_memory) { 7383 page_counter_uncharge(&ug->memcg->memory, ug->nr_memory); 7384 if (do_memsw_account()) 7385 page_counter_uncharge(&ug->memcg->memsw, ug->nr_memory); 7386 if (ug->nr_kmem) 7387 memcg_account_kmem(ug->memcg, -ug->nr_kmem); 7388 memcg_oom_recover(ug->memcg); 7389 } 7390 7391 local_irq_save(flags); 7392 __count_memcg_events(ug->memcg, PGPGOUT, ug->pgpgout); 7393 __this_cpu_add(ug->memcg->vmstats_percpu->nr_page_events, ug->nr_memory); 7394 memcg_check_events(ug->memcg, ug->nid); 7395 local_irq_restore(flags); 7396 7397 /* drop reference from uncharge_folio */ 7398 css_put(&ug->memcg->css); 7399} 7400 7401static void uncharge_folio(struct folio *folio, struct uncharge_gather *ug) 7402{ 7403 long nr_pages; 7404 struct mem_cgroup *memcg; 7405 struct obj_cgroup *objcg; 7406 7407 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 7408 7409 /* 7410 * Nobody should be changing or seriously looking at 7411 * folio memcg or objcg at this point, we have fully 7412 * exclusive access to the folio. 7413 */ 7414 if (folio_memcg_kmem(folio)) { 7415 objcg = __folio_objcg(folio); 7416 /* 7417 * This get matches the put at the end of the function and 7418 * kmem pages do not hold memcg references anymore. 7419 */ 7420 memcg = get_mem_cgroup_from_objcg(objcg); 7421 } else { 7422 memcg = __folio_memcg(folio); 7423 } 7424 7425 if (!memcg) 7426 return; 7427 7428 if (ug->memcg != memcg) { 7429 if (ug->memcg) { 7430 uncharge_batch(ug); 7431 uncharge_gather_clear(ug); 7432 } 7433 ug->memcg = memcg; 7434 ug->nid = folio_nid(folio); 7435 7436 /* pairs with css_put in uncharge_batch */ 7437 css_get(&memcg->css); 7438 } 7439 7440 nr_pages = folio_nr_pages(folio); 7441 7442 if (folio_memcg_kmem(folio)) { 7443 ug->nr_memory += nr_pages; 7444 ug->nr_kmem += nr_pages; 7445 7446 folio->memcg_data = 0; 7447 obj_cgroup_put(objcg); 7448 } else { 7449 /* LRU pages aren't accounted at the root level */ 7450 if (!mem_cgroup_is_root(memcg)) 7451 ug->nr_memory += nr_pages; 7452 ug->pgpgout++; 7453 7454 folio->memcg_data = 0; 7455 } 7456 7457 css_put(&memcg->css); 7458} 7459 7460void __mem_cgroup_uncharge(struct folio *folio) 7461{ 7462 struct uncharge_gather ug; 7463 7464 /* Don't touch folio->lru of any random page, pre-check: */ 7465 if (!folio_memcg(folio)) 7466 return; 7467 7468 uncharge_gather_clear(&ug); 7469 uncharge_folio(folio, &ug); 7470 uncharge_batch(&ug); 7471} 7472 7473/** 7474 * __mem_cgroup_uncharge_list - uncharge a list of page 7475 * @page_list: list of pages to uncharge 7476 * 7477 * Uncharge a list of pages previously charged with 7478 * __mem_cgroup_charge(). 7479 */ 7480void __mem_cgroup_uncharge_list(struct list_head *page_list) 7481{ 7482 struct uncharge_gather ug; 7483 struct folio *folio; 7484 7485 uncharge_gather_clear(&ug); 7486 list_for_each_entry(folio, page_list, lru) 7487 uncharge_folio(folio, &ug); 7488 if (ug.memcg) 7489 uncharge_batch(&ug); 7490} 7491 7492/** 7493 * mem_cgroup_replace_folio - Charge a folio's replacement. 7494 * @old: Currently circulating folio. 7495 * @new: Replacement folio. 7496 * 7497 * Charge @new as a replacement folio for @old. @old will 7498 * be uncharged upon free. This is only used by the page cache 7499 * (in replace_page_cache_folio()). 7500 * 7501 * Both folios must be locked, @new->mapping must be set up. 7502 */ 7503void mem_cgroup_replace_folio(struct folio *old, struct folio *new) 7504{ 7505 struct mem_cgroup *memcg; 7506 long nr_pages = folio_nr_pages(new); 7507 unsigned long flags; 7508 7509 VM_BUG_ON_FOLIO(!folio_test_locked(old), old); 7510 VM_BUG_ON_FOLIO(!folio_test_locked(new), new); 7511 VM_BUG_ON_FOLIO(folio_test_anon(old) != folio_test_anon(new), new); 7512 VM_BUG_ON_FOLIO(folio_nr_pages(old) != nr_pages, new); 7513 7514 if (mem_cgroup_disabled()) 7515 return; 7516 7517 /* Page cache replacement: new folio already charged? */ 7518 if (folio_memcg(new)) 7519 return; 7520 7521 memcg = folio_memcg(old); 7522 VM_WARN_ON_ONCE_FOLIO(!memcg, old); 7523 if (!memcg) 7524 return; 7525 7526 /* Force-charge the new page. The old one will be freed soon */ 7527 if (!mem_cgroup_is_root(memcg)) { 7528 page_counter_charge(&memcg->memory, nr_pages); 7529 if (do_memsw_account()) 7530 page_counter_charge(&memcg->memsw, nr_pages); 7531 } 7532 7533 css_get(&memcg->css); 7534 commit_charge(new, memcg); 7535 7536 local_irq_save(flags); 7537 mem_cgroup_charge_statistics(memcg, nr_pages); 7538 memcg_check_events(memcg, folio_nid(new)); 7539 local_irq_restore(flags); 7540} 7541 7542/** 7543 * mem_cgroup_migrate - Transfer the memcg data from the old to the new folio. 7544 * @old: Currently circulating folio. 7545 * @new: Replacement folio. 7546 * 7547 * Transfer the memcg data from the old folio to the new folio for migration. 7548 * The old folio's data info will be cleared. Note that the memory counters 7549 * will remain unchanged throughout the process. 7550 * 7551 * Both folios must be locked, @new->mapping must be set up. 7552 */ 7553void mem_cgroup_migrate(struct folio *old, struct folio *new) 7554{ 7555 struct mem_cgroup *memcg; 7556 7557 VM_BUG_ON_FOLIO(!folio_test_locked(old), old); 7558 VM_BUG_ON_FOLIO(!folio_test_locked(new), new); 7559 VM_BUG_ON_FOLIO(folio_test_anon(old) != folio_test_anon(new), new); 7560 VM_BUG_ON_FOLIO(folio_nr_pages(old) != folio_nr_pages(new), new); 7561 7562 if (mem_cgroup_disabled()) 7563 return; 7564 7565 memcg = folio_memcg(old); 7566 /* 7567 * Note that it is normal to see !memcg for a hugetlb folio. 7568 * For e.g, itt could have been allocated when memory_hugetlb_accounting 7569 * was not selected. 7570 */ 7571 VM_WARN_ON_ONCE_FOLIO(!folio_test_hugetlb(old) && !memcg, old); 7572 if (!memcg) 7573 return; 7574 7575 /* Transfer the charge and the css ref */ 7576 commit_charge(new, memcg); 7577 /* 7578 * If the old folio is a large folio and is in the split queue, it needs 7579 * to be removed from the split queue now, in case getting an incorrect 7580 * split queue in destroy_large_folio() after the memcg of the old folio 7581 * is cleared. 7582 * 7583 * In addition, the old folio is about to be freed after migration, so 7584 * removing from the split queue a bit earlier seems reasonable. 7585 */ 7586 if (folio_test_large(old) && folio_test_large_rmappable(old)) 7587 folio_undo_large_rmappable(old); 7588 old->memcg_data = 0; 7589} 7590 7591DEFINE_STATIC_KEY_FALSE(memcg_sockets_enabled_key); 7592EXPORT_SYMBOL(memcg_sockets_enabled_key); 7593 7594void mem_cgroup_sk_alloc(struct sock *sk) 7595{ 7596 struct mem_cgroup *memcg; 7597 7598 if (!mem_cgroup_sockets_enabled) 7599 return; 7600 7601 /* Do not associate the sock with unrelated interrupted task's memcg. */ 7602 if (!in_task()) 7603 return; 7604 7605 rcu_read_lock(); 7606 memcg = mem_cgroup_from_task(current); 7607 if (mem_cgroup_is_root(memcg)) 7608 goto out; 7609 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && !memcg->tcpmem_active) 7610 goto out; 7611 if (css_tryget(&memcg->css)) 7612 sk->sk_memcg = memcg; 7613out: 7614 rcu_read_unlock(); 7615} 7616 7617void mem_cgroup_sk_free(struct sock *sk) 7618{ 7619 if (sk->sk_memcg) 7620 css_put(&sk->sk_memcg->css); 7621} 7622 7623/** 7624 * mem_cgroup_charge_skmem - charge socket memory 7625 * @memcg: memcg to charge 7626 * @nr_pages: number of pages to charge 7627 * @gfp_mask: reclaim mode 7628 * 7629 * Charges @nr_pages to @memcg. Returns %true if the charge fit within 7630 * @memcg's configured limit, %false if it doesn't. 7631 */ 7632bool mem_cgroup_charge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages, 7633 gfp_t gfp_mask) 7634{ 7635 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 7636 struct page_counter *fail; 7637 7638 if (page_counter_try_charge(&memcg->tcpmem, nr_pages, &fail)) { 7639 memcg->tcpmem_pressure = 0; 7640 return true; 7641 } 7642 memcg->tcpmem_pressure = 1; 7643 if (gfp_mask & __GFP_NOFAIL) { 7644 page_counter_charge(&memcg->tcpmem, nr_pages); 7645 return true; 7646 } 7647 return false; 7648 } 7649 7650 if (try_charge(memcg, gfp_mask, nr_pages) == 0) { 7651 mod_memcg_state(memcg, MEMCG_SOCK, nr_pages); 7652 return true; 7653 } 7654 7655 return false; 7656} 7657 7658/** 7659 * mem_cgroup_uncharge_skmem - uncharge socket memory 7660 * @memcg: memcg to uncharge 7661 * @nr_pages: number of pages to uncharge 7662 */ 7663void mem_cgroup_uncharge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages) 7664{ 7665 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 7666 page_counter_uncharge(&memcg->tcpmem, nr_pages); 7667 return; 7668 } 7669 7670 mod_memcg_state(memcg, MEMCG_SOCK, -nr_pages); 7671 7672 refill_stock(memcg, nr_pages); 7673} 7674 7675static int __init cgroup_memory(char *s) 7676{ 7677 char *token; 7678 7679 while ((token = strsep(&s, ",")) != NULL) { 7680 if (!*token) 7681 continue; 7682 if (!strcmp(token, "nosocket")) 7683 cgroup_memory_nosocket = true; 7684 if (!strcmp(token, "nokmem")) 7685 cgroup_memory_nokmem = true; 7686 if (!strcmp(token, "nobpf")) 7687 cgroup_memory_nobpf = true; 7688 } 7689 return 1; 7690} 7691__setup("cgroup.memory=", cgroup_memory); 7692 7693/* 7694 * subsys_initcall() for memory controller. 7695 * 7696 * Some parts like memcg_hotplug_cpu_dead() have to be initialized from this 7697 * context because of lock dependencies (cgroup_lock -> cpu hotplug) but 7698 * basically everything that doesn't depend on a specific mem_cgroup structure 7699 * should be initialized from here. 7700 */ 7701static int __init mem_cgroup_init(void) 7702{ 7703 int cpu, node; 7704 7705 /* 7706 * Currently s32 type (can refer to struct batched_lruvec_stat) is 7707 * used for per-memcg-per-cpu caching of per-node statistics. In order 7708 * to work fine, we should make sure that the overfill threshold can't 7709 * exceed S32_MAX / PAGE_SIZE. 7710 */ 7711 BUILD_BUG_ON(MEMCG_CHARGE_BATCH > S32_MAX / PAGE_SIZE); 7712 7713 cpuhp_setup_state_nocalls(CPUHP_MM_MEMCQ_DEAD, "mm/memctrl:dead", NULL, 7714 memcg_hotplug_cpu_dead); 7715 7716 for_each_possible_cpu(cpu) 7717 INIT_WORK(&per_cpu_ptr(&memcg_stock, cpu)->work, 7718 drain_local_stock); 7719 7720 for_each_node(node) { 7721 struct mem_cgroup_tree_per_node *rtpn; 7722 7723 rtpn = kzalloc_node(sizeof(*rtpn), GFP_KERNEL, node); 7724 7725 rtpn->rb_root = RB_ROOT; 7726 rtpn->rb_rightmost = NULL; 7727 spin_lock_init(&rtpn->lock); 7728 soft_limit_tree.rb_tree_per_node[node] = rtpn; 7729 } 7730 7731 return 0; 7732} 7733subsys_initcall(mem_cgroup_init); 7734 7735#ifdef CONFIG_SWAP 7736static struct mem_cgroup *mem_cgroup_id_get_online(struct mem_cgroup *memcg) 7737{ 7738 while (!refcount_inc_not_zero(&memcg->id.ref)) { 7739 /* 7740 * The root cgroup cannot be destroyed, so it's refcount must 7741 * always be >= 1. 7742 */ 7743 if (WARN_ON_ONCE(mem_cgroup_is_root(memcg))) { 7744 VM_BUG_ON(1); 7745 break; 7746 } 7747 memcg = parent_mem_cgroup(memcg); 7748 if (!memcg) 7749 memcg = root_mem_cgroup; 7750 } 7751 return memcg; 7752} 7753 7754/** 7755 * mem_cgroup_swapout - transfer a memsw charge to swap 7756 * @folio: folio whose memsw charge to transfer 7757 * @entry: swap entry to move the charge to 7758 * 7759 * Transfer the memsw charge of @folio to @entry. 7760 */ 7761void mem_cgroup_swapout(struct folio *folio, swp_entry_t entry) 7762{ 7763 struct mem_cgroup *memcg, *swap_memcg; 7764 unsigned int nr_entries; 7765 unsigned short oldid; 7766 7767 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 7768 VM_BUG_ON_FOLIO(folio_ref_count(folio), folio); 7769 7770 if (mem_cgroup_disabled()) 7771 return; 7772 7773 if (!do_memsw_account()) 7774 return; 7775 7776 memcg = folio_memcg(folio); 7777 7778 VM_WARN_ON_ONCE_FOLIO(!memcg, folio); 7779 if (!memcg) 7780 return; 7781 7782 /* 7783 * In case the memcg owning these pages has been offlined and doesn't 7784 * have an ID allocated to it anymore, charge the closest online 7785 * ancestor for the swap instead and transfer the memory+swap charge. 7786 */ 7787 swap_memcg = mem_cgroup_id_get_online(memcg); 7788 nr_entries = folio_nr_pages(folio); 7789 /* Get references for the tail pages, too */ 7790 if (nr_entries > 1) 7791 mem_cgroup_id_get_many(swap_memcg, nr_entries - 1); 7792 oldid = swap_cgroup_record(entry, mem_cgroup_id(swap_memcg), 7793 nr_entries); 7794 VM_BUG_ON_FOLIO(oldid, folio); 7795 mod_memcg_state(swap_memcg, MEMCG_SWAP, nr_entries); 7796 7797 folio->memcg_data = 0; 7798 7799 if (!mem_cgroup_is_root(memcg)) 7800 page_counter_uncharge(&memcg->memory, nr_entries); 7801 7802 if (memcg != swap_memcg) { 7803 if (!mem_cgroup_is_root(swap_memcg)) 7804 page_counter_charge(&swap_memcg->memsw, nr_entries); 7805 page_counter_uncharge(&memcg->memsw, nr_entries); 7806 } 7807 7808 /* 7809 * Interrupts should be disabled here because the caller holds the 7810 * i_pages lock which is taken with interrupts-off. It is 7811 * important here to have the interrupts disabled because it is the 7812 * only synchronisation we have for updating the per-CPU variables. 7813 */ 7814 memcg_stats_lock(); 7815 mem_cgroup_charge_statistics(memcg, -nr_entries); 7816 memcg_stats_unlock(); 7817 memcg_check_events(memcg, folio_nid(folio)); 7818 7819 css_put(&memcg->css); 7820} 7821 7822/** 7823 * __mem_cgroup_try_charge_swap - try charging swap space for a folio 7824 * @folio: folio being added to swap 7825 * @entry: swap entry to charge 7826 * 7827 * Try to charge @folio's memcg for the swap space at @entry. 7828 * 7829 * Returns 0 on success, -ENOMEM on failure. 7830 */ 7831int __mem_cgroup_try_charge_swap(struct folio *folio, swp_entry_t entry) 7832{ 7833 unsigned int nr_pages = folio_nr_pages(folio); 7834 struct page_counter *counter; 7835 struct mem_cgroup *memcg; 7836 unsigned short oldid; 7837 7838 if (do_memsw_account()) 7839 return 0; 7840 7841 memcg = folio_memcg(folio); 7842 7843 VM_WARN_ON_ONCE_FOLIO(!memcg, folio); 7844 if (!memcg) 7845 return 0; 7846 7847 if (!entry.val) { 7848 memcg_memory_event(memcg, MEMCG_SWAP_FAIL); 7849 return 0; 7850 } 7851 7852 memcg = mem_cgroup_id_get_online(memcg); 7853 7854 if (!mem_cgroup_is_root(memcg) && 7855 !page_counter_try_charge(&memcg->swap, nr_pages, &counter)) { 7856 memcg_memory_event(memcg, MEMCG_SWAP_MAX); 7857 memcg_memory_event(memcg, MEMCG_SWAP_FAIL); 7858 mem_cgroup_id_put(memcg); 7859 return -ENOMEM; 7860 } 7861 7862 /* Get references for the tail pages, too */ 7863 if (nr_pages > 1) 7864 mem_cgroup_id_get_many(memcg, nr_pages - 1); 7865 oldid = swap_cgroup_record(entry, mem_cgroup_id(memcg), nr_pages); 7866 VM_BUG_ON_FOLIO(oldid, folio); 7867 mod_memcg_state(memcg, MEMCG_SWAP, nr_pages); 7868 7869 return 0; 7870} 7871 7872/** 7873 * __mem_cgroup_uncharge_swap - uncharge swap space 7874 * @entry: swap entry to uncharge 7875 * @nr_pages: the amount of swap space to uncharge 7876 */ 7877void __mem_cgroup_uncharge_swap(swp_entry_t entry, unsigned int nr_pages) 7878{ 7879 struct mem_cgroup *memcg; 7880 unsigned short id; 7881 7882 id = swap_cgroup_record(entry, 0, nr_pages); 7883 rcu_read_lock(); 7884 memcg = mem_cgroup_from_id(id); 7885 if (memcg) { 7886 if (!mem_cgroup_is_root(memcg)) { 7887 if (do_memsw_account()) 7888 page_counter_uncharge(&memcg->memsw, nr_pages); 7889 else 7890 page_counter_uncharge(&memcg->swap, nr_pages); 7891 } 7892 mod_memcg_state(memcg, MEMCG_SWAP, -nr_pages); 7893 mem_cgroup_id_put_many(memcg, nr_pages); 7894 } 7895 rcu_read_unlock(); 7896} 7897 7898long mem_cgroup_get_nr_swap_pages(struct mem_cgroup *memcg) 7899{ 7900 long nr_swap_pages = get_nr_swap_pages(); 7901 7902 if (mem_cgroup_disabled() || do_memsw_account()) 7903 return nr_swap_pages; 7904 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) 7905 nr_swap_pages = min_t(long, nr_swap_pages, 7906 READ_ONCE(memcg->swap.max) - 7907 page_counter_read(&memcg->swap)); 7908 return nr_swap_pages; 7909} 7910 7911bool mem_cgroup_swap_full(struct folio *folio) 7912{ 7913 struct mem_cgroup *memcg; 7914 7915 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio); 7916 7917 if (vm_swap_full()) 7918 return true; 7919 if (do_memsw_account()) 7920 return false; 7921 7922 memcg = folio_memcg(folio); 7923 if (!memcg) 7924 return false; 7925 7926 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) { 7927 unsigned long usage = page_counter_read(&memcg->swap); 7928 7929 if (usage * 2 >= READ_ONCE(memcg->swap.high) || 7930 usage * 2 >= READ_ONCE(memcg->swap.max)) 7931 return true; 7932 } 7933 7934 return false; 7935} 7936 7937static int __init setup_swap_account(char *s) 7938{ 7939 pr_warn_once("The swapaccount= commandline option is deprecated. " 7940 "Please report your usecase to linux-mm@kvack.org if you " 7941 "depend on this functionality.\n"); 7942 return 1; 7943} 7944__setup("swapaccount=", setup_swap_account); 7945 7946static u64 swap_current_read(struct cgroup_subsys_state *css, 7947 struct cftype *cft) 7948{ 7949 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 7950 7951 return (u64)page_counter_read(&memcg->swap) * PAGE_SIZE; 7952} 7953 7954static u64 swap_peak_read(struct cgroup_subsys_state *css, 7955 struct cftype *cft) 7956{ 7957 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 7958 7959 return (u64)memcg->swap.watermark * PAGE_SIZE; 7960} 7961 7962static int swap_high_show(struct seq_file *m, void *v) 7963{ 7964 return seq_puts_memcg_tunable(m, 7965 READ_ONCE(mem_cgroup_from_seq(m)->swap.high)); 7966} 7967 7968static ssize_t swap_high_write(struct kernfs_open_file *of, 7969 char *buf, size_t nbytes, loff_t off) 7970{ 7971 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 7972 unsigned long high; 7973 int err; 7974 7975 buf = strstrip(buf); 7976 err = page_counter_memparse(buf, "max", &high); 7977 if (err) 7978 return err; 7979 7980 page_counter_set_high(&memcg->swap, high); 7981 7982 return nbytes; 7983} 7984 7985static int swap_max_show(struct seq_file *m, void *v) 7986{ 7987 return seq_puts_memcg_tunable(m, 7988 READ_ONCE(mem_cgroup_from_seq(m)->swap.max)); 7989} 7990 7991static ssize_t swap_max_write(struct kernfs_open_file *of, 7992 char *buf, size_t nbytes, loff_t off) 7993{ 7994 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 7995 unsigned long max; 7996 int err; 7997 7998 buf = strstrip(buf); 7999 err = page_counter_memparse(buf, "max", &max); 8000 if (err) 8001 return err; 8002 8003 xchg(&memcg->swap.max, max); 8004 8005 return nbytes; 8006} 8007 8008static int swap_events_show(struct seq_file *m, void *v) 8009{ 8010 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 8011 8012 seq_printf(m, "high %lu\n", 8013 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_HIGH])); 8014 seq_printf(m, "max %lu\n", 8015 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_MAX])); 8016 seq_printf(m, "fail %lu\n", 8017 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_FAIL])); 8018 8019 return 0; 8020} 8021 8022static struct cftype swap_files[] = { 8023 { 8024 .name = "swap.current", 8025 .flags = CFTYPE_NOT_ON_ROOT, 8026 .read_u64 = swap_current_read, 8027 }, 8028 { 8029 .name = "swap.high", 8030 .flags = CFTYPE_NOT_ON_ROOT, 8031 .seq_show = swap_high_show, 8032 .write = swap_high_write, 8033 }, 8034 { 8035 .name = "swap.max", 8036 .flags = CFTYPE_NOT_ON_ROOT, 8037 .seq_show = swap_max_show, 8038 .write = swap_max_write, 8039 }, 8040 { 8041 .name = "swap.peak", 8042 .flags = CFTYPE_NOT_ON_ROOT, 8043 .read_u64 = swap_peak_read, 8044 }, 8045 { 8046 .name = "swap.events", 8047 .flags = CFTYPE_NOT_ON_ROOT, 8048 .file_offset = offsetof(struct mem_cgroup, swap_events_file), 8049 .seq_show = swap_events_show, 8050 }, 8051 { } /* terminate */ 8052}; 8053 8054static struct cftype memsw_files[] = { 8055 { 8056 .name = "memsw.usage_in_bytes", 8057 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_USAGE), 8058 .read_u64 = mem_cgroup_read_u64, 8059 }, 8060 { 8061 .name = "memsw.max_usage_in_bytes", 8062 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_MAX_USAGE), 8063 .write = mem_cgroup_reset, 8064 .read_u64 = mem_cgroup_read_u64, 8065 }, 8066 { 8067 .name = "memsw.limit_in_bytes", 8068 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_LIMIT), 8069 .write = mem_cgroup_write, 8070 .read_u64 = mem_cgroup_read_u64, 8071 }, 8072 { 8073 .name = "memsw.failcnt", 8074 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_FAILCNT), 8075 .write = mem_cgroup_reset, 8076 .read_u64 = mem_cgroup_read_u64, 8077 }, 8078 { }, /* terminate */ 8079}; 8080 8081#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 8082/** 8083 * obj_cgroup_may_zswap - check if this cgroup can zswap 8084 * @objcg: the object cgroup 8085 * 8086 * Check if the hierarchical zswap limit has been reached. 8087 * 8088 * This doesn't check for specific headroom, and it is not atomic 8089 * either. But with zswap, the size of the allocation is only known 8090 * once compression has occurred, and this optimistic pre-check avoids 8091 * spending cycles on compression when there is already no room left 8092 * or zswap is disabled altogether somewhere in the hierarchy. 8093 */ 8094bool obj_cgroup_may_zswap(struct obj_cgroup *objcg) 8095{ 8096 struct mem_cgroup *memcg, *original_memcg; 8097 bool ret = true; 8098 8099 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 8100 return true; 8101 8102 original_memcg = get_mem_cgroup_from_objcg(objcg); 8103 for (memcg = original_memcg; !mem_cgroup_is_root(memcg); 8104 memcg = parent_mem_cgroup(memcg)) { 8105 unsigned long max = READ_ONCE(memcg->zswap_max); 8106 unsigned long pages; 8107 8108 if (max == PAGE_COUNTER_MAX) 8109 continue; 8110 if (max == 0) { 8111 ret = false; 8112 break; 8113 } 8114 8115 /* 8116 * mem_cgroup_flush_stats() ignores small changes. Use 8117 * do_flush_stats() directly to get accurate stats for charging. 8118 */ 8119 do_flush_stats(memcg); 8120 pages = memcg_page_state(memcg, MEMCG_ZSWAP_B) / PAGE_SIZE; 8121 if (pages < max) 8122 continue; 8123 ret = false; 8124 break; 8125 } 8126 mem_cgroup_put(original_memcg); 8127 return ret; 8128} 8129 8130/** 8131 * obj_cgroup_charge_zswap - charge compression backend memory 8132 * @objcg: the object cgroup 8133 * @size: size of compressed object 8134 * 8135 * This forces the charge after obj_cgroup_may_zswap() allowed 8136 * compression and storage in zwap for this cgroup to go ahead. 8137 */ 8138void obj_cgroup_charge_zswap(struct obj_cgroup *objcg, size_t size) 8139{ 8140 struct mem_cgroup *memcg; 8141 8142 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 8143 return; 8144 8145 VM_WARN_ON_ONCE(!(current->flags & PF_MEMALLOC)); 8146 8147 /* PF_MEMALLOC context, charging must succeed */ 8148 if (obj_cgroup_charge(objcg, GFP_KERNEL, size)) 8149 VM_WARN_ON_ONCE(1); 8150 8151 rcu_read_lock(); 8152 memcg = obj_cgroup_memcg(objcg); 8153 mod_memcg_state(memcg, MEMCG_ZSWAP_B, size); 8154 mod_memcg_state(memcg, MEMCG_ZSWAPPED, 1); 8155 rcu_read_unlock(); 8156} 8157 8158/** 8159 * obj_cgroup_uncharge_zswap - uncharge compression backend memory 8160 * @objcg: the object cgroup 8161 * @size: size of compressed object 8162 * 8163 * Uncharges zswap memory on page in. 8164 */ 8165void obj_cgroup_uncharge_zswap(struct obj_cgroup *objcg, size_t size) 8166{ 8167 struct mem_cgroup *memcg; 8168 8169 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 8170 return; 8171 8172 obj_cgroup_uncharge(objcg, size); 8173 8174 rcu_read_lock(); 8175 memcg = obj_cgroup_memcg(objcg); 8176 mod_memcg_state(memcg, MEMCG_ZSWAP_B, -size); 8177 mod_memcg_state(memcg, MEMCG_ZSWAPPED, -1); 8178 rcu_read_unlock(); 8179} 8180 8181bool mem_cgroup_zswap_writeback_enabled(struct mem_cgroup *memcg) 8182{ 8183 /* if zswap is disabled, do not block pages going to the swapping device */ 8184 return !is_zswap_enabled() || !memcg || READ_ONCE(memcg->zswap_writeback); 8185} 8186 8187static u64 zswap_current_read(struct cgroup_subsys_state *css, 8188 struct cftype *cft) 8189{ 8190 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 8191 8192 mem_cgroup_flush_stats(memcg); 8193 return memcg_page_state(memcg, MEMCG_ZSWAP_B); 8194} 8195 8196static int zswap_max_show(struct seq_file *m, void *v) 8197{ 8198 return seq_puts_memcg_tunable(m, 8199 READ_ONCE(mem_cgroup_from_seq(m)->zswap_max)); 8200} 8201 8202static ssize_t zswap_max_write(struct kernfs_open_file *of, 8203 char *buf, size_t nbytes, loff_t off) 8204{ 8205 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 8206 unsigned long max; 8207 int err; 8208 8209 buf = strstrip(buf); 8210 err = page_counter_memparse(buf, "max", &max); 8211 if (err) 8212 return err; 8213 8214 xchg(&memcg->zswap_max, max); 8215 8216 return nbytes; 8217} 8218 8219static int zswap_writeback_show(struct seq_file *m, void *v) 8220{ 8221 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 8222 8223 seq_printf(m, "%d\n", READ_ONCE(memcg->zswap_writeback)); 8224 return 0; 8225} 8226 8227static ssize_t zswap_writeback_write(struct kernfs_open_file *of, 8228 char *buf, size_t nbytes, loff_t off) 8229{ 8230 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 8231 int zswap_writeback; 8232 ssize_t parse_ret = kstrtoint(strstrip(buf), 0, &zswap_writeback); 8233 8234 if (parse_ret) 8235 return parse_ret; 8236 8237 if (zswap_writeback != 0 && zswap_writeback != 1) 8238 return -EINVAL; 8239 8240 WRITE_ONCE(memcg->zswap_writeback, zswap_writeback); 8241 return nbytes; 8242} 8243 8244static struct cftype zswap_files[] = { 8245 { 8246 .name = "zswap.current", 8247 .flags = CFTYPE_NOT_ON_ROOT, 8248 .read_u64 = zswap_current_read, 8249 }, 8250 { 8251 .name = "zswap.max", 8252 .flags = CFTYPE_NOT_ON_ROOT, 8253 .seq_show = zswap_max_show, 8254 .write = zswap_max_write, 8255 }, 8256 { 8257 .name = "zswap.writeback", 8258 .seq_show = zswap_writeback_show, 8259 .write = zswap_writeback_write, 8260 }, 8261 { } /* terminate */ 8262}; 8263#endif /* CONFIG_MEMCG_KMEM && CONFIG_ZSWAP */ 8264 8265static int __init mem_cgroup_swap_init(void) 8266{ 8267 if (mem_cgroup_disabled()) 8268 return 0; 8269 8270 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, swap_files)); 8271 WARN_ON(cgroup_add_legacy_cftypes(&memory_cgrp_subsys, memsw_files)); 8272#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 8273 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, zswap_files)); 8274#endif 8275 return 0; 8276} 8277subsys_initcall(mem_cgroup_swap_init); 8278 8279#endif /* CONFIG_SWAP */