tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom
kernel / mm / memcontrol.c
at v6.5-rc3 7896 lines 208 kB view raw
1// SPDX-License-Identifier: GPL-2.0-or-later 2/* memcontrol.c - Memory Controller 3 * 4 * Copyright IBM Corporation, 2007 5 * Author Balbir Singh <balbir@linux.vnet.ibm.com> 6 * 7 * Copyright 2007 OpenVZ SWsoft Inc 8 * Author: Pavel Emelianov <xemul@openvz.org> 9 * 10 * Memory thresholds 11 * Copyright (C) 2009 Nokia Corporation 12 * Author: Kirill A. Shutemov 13 * 14 * Kernel Memory Controller 15 * Copyright (C) 2012 Parallels Inc. and Google Inc. 16 * Authors: Glauber Costa and Suleiman Souhlal 17 * 18 * Native page reclaim 19 * Charge lifetime sanitation 20 * Lockless page tracking & accounting 21 * Unified hierarchy configuration model 22 * Copyright (C) 2015 Red Hat, Inc., Johannes Weiner 23 * 24 * Per memcg lru locking 25 * Copyright (C) 2020 Alibaba, Inc, Alex Shi 26 */ 27 28#include <linux/page_counter.h> 29#include <linux/memcontrol.h> 30#include <linux/cgroup.h> 31#include <linux/pagewalk.h> 32#include <linux/sched/mm.h> 33#include <linux/shmem_fs.h> 34#include <linux/hugetlb.h> 35#include <linux/pagemap.h> 36#include <linux/vm_event_item.h> 37#include <linux/smp.h> 38#include <linux/page-flags.h> 39#include <linux/backing-dev.h> 40#include <linux/bit_spinlock.h> 41#include <linux/rcupdate.h> 42#include <linux/limits.h> 43#include <linux/export.h> 44#include <linux/mutex.h> 45#include <linux/rbtree.h> 46#include <linux/slab.h> 47#include <linux/swap.h> 48#include <linux/swapops.h> 49#include <linux/spinlock.h> 50#include <linux/eventfd.h> 51#include <linux/poll.h> 52#include <linux/sort.h> 53#include <linux/fs.h> 54#include <linux/seq_file.h> 55#include <linux/vmpressure.h> 56#include <linux/memremap.h> 57#include <linux/mm_inline.h> 58#include <linux/swap_cgroup.h> 59#include <linux/cpu.h> 60#include <linux/oom.h> 61#include <linux/lockdep.h> 62#include <linux/file.h> 63#include <linux/resume_user_mode.h> 64#include <linux/psi.h> 65#include <linux/seq_buf.h> 66#include <linux/sched/isolation.h> 67#include "internal.h" 68#include <net/sock.h> 69#include <net/ip.h> 70#include "slab.h" 71#include "swap.h" 72 73#include <linux/uaccess.h> 74 75#include <trace/events/vmscan.h> 76 77struct cgroup_subsys memory_cgrp_subsys __read_mostly; 78EXPORT_SYMBOL(memory_cgrp_subsys); 79 80struct mem_cgroup *root_mem_cgroup __read_mostly; 81 82/* Active memory cgroup to use from an interrupt context */ 83DEFINE_PER_CPU(struct mem_cgroup *, int_active_memcg); 84EXPORT_PER_CPU_SYMBOL_GPL(int_active_memcg); 85 86/* Socket memory accounting disabled? */ 87static bool cgroup_memory_nosocket __ro_after_init; 88 89/* Kernel memory accounting disabled? */ 90static bool cgroup_memory_nokmem __ro_after_init; 91 92/* BPF memory accounting disabled? */ 93static bool cgroup_memory_nobpf __ro_after_init; 94 95#ifdef CONFIG_CGROUP_WRITEBACK 96static DECLARE_WAIT_QUEUE_HEAD(memcg_cgwb_frn_waitq); 97#endif 98 99/* Whether legacy memory+swap accounting is active */ 100static bool do_memsw_account(void) 101{ 102 return !cgroup_subsys_on_dfl(memory_cgrp_subsys); 103} 104 105#define THRESHOLDS_EVENTS_TARGET 128 106#define SOFTLIMIT_EVENTS_TARGET 1024 107 108/* 109 * Cgroups above their limits are maintained in a RB-Tree, independent of 110 * their hierarchy representation 111 */ 112 113struct mem_cgroup_tree_per_node { 114 struct rb_root rb_root; 115 struct rb_node *rb_rightmost; 116 spinlock_t lock; 117}; 118 119struct mem_cgroup_tree { 120 struct mem_cgroup_tree_per_node *rb_tree_per_node[MAX_NUMNODES]; 121}; 122 123static struct mem_cgroup_tree soft_limit_tree __read_mostly; 124 125/* for OOM */ 126struct mem_cgroup_eventfd_list { 127 struct list_head list; 128 struct eventfd_ctx *eventfd; 129}; 130 131/* 132 * cgroup_event represents events which userspace want to receive. 133 */ 134struct mem_cgroup_event { 135 /* 136 * memcg which the event belongs to. 137 */ 138 struct mem_cgroup *memcg; 139 /* 140 * eventfd to signal userspace about the event. 141 */ 142 struct eventfd_ctx *eventfd; 143 /* 144 * Each of these stored in a list by the cgroup. 145 */ 146 struct list_head list; 147 /* 148 * register_event() callback will be used to add new userspace 149 * waiter for changes related to this event. Use eventfd_signal() 150 * on eventfd to send notification to userspace. 151 */ 152 int (*register_event)(struct mem_cgroup *memcg, 153 struct eventfd_ctx *eventfd, const char *args); 154 /* 155 * unregister_event() callback will be called when userspace closes 156 * the eventfd or on cgroup removing. This callback must be set, 157 * if you want provide notification functionality. 158 */ 159 void (*unregister_event)(struct mem_cgroup *memcg, 160 struct eventfd_ctx *eventfd); 161 /* 162 * All fields below needed to unregister event when 163 * userspace closes eventfd. 164 */ 165 poll_table pt; 166 wait_queue_head_t *wqh; 167 wait_queue_entry_t wait; 168 struct work_struct remove; 169}; 170 171static void mem_cgroup_threshold(struct mem_cgroup *memcg); 172static void mem_cgroup_oom_notify(struct mem_cgroup *memcg); 173 174/* Stuffs for move charges at task migration. */ 175/* 176 * Types of charges to be moved. 177 */ 178#define MOVE_ANON 0x1U 179#define MOVE_FILE 0x2U 180#define MOVE_MASK (MOVE_ANON | MOVE_FILE) 181 182/* "mc" and its members are protected by cgroup_mutex */ 183static struct move_charge_struct { 184 spinlock_t lock; /* for from, to */ 185 struct mm_struct *mm; 186 struct mem_cgroup *from; 187 struct mem_cgroup *to; 188 unsigned long flags; 189 unsigned long precharge; 190 unsigned long moved_charge; 191 unsigned long moved_swap; 192 struct task_struct *moving_task; /* a task moving charges */ 193 wait_queue_head_t waitq; /* a waitq for other context */ 194} mc = { 195 .lock = __SPIN_LOCK_UNLOCKED(mc.lock), 196 .waitq = __WAIT_QUEUE_HEAD_INITIALIZER(mc.waitq), 197}; 198 199/* 200 * Maximum loops in mem_cgroup_hierarchical_reclaim(), used for soft 201 * limit reclaim to prevent infinite loops, if they ever occur. 202 */ 203#define MEM_CGROUP_MAX_RECLAIM_LOOPS 100 204#define MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS 2 205 206/* for encoding cft->private value on file */ 207enum res_type { 208 _MEM, 209 _MEMSWAP, 210 _KMEM, 211 _TCP, 212}; 213 214#define MEMFILE_PRIVATE(x, val) ((x) << 16 | (val)) 215#define MEMFILE_TYPE(val) ((val) >> 16 & 0xffff) 216#define MEMFILE_ATTR(val) ((val) & 0xffff) 217 218/* 219 * Iteration constructs for visiting all cgroups (under a tree). If 220 * loops are exited prematurely (break), mem_cgroup_iter_break() must 221 * be used for reference counting. 222 */ 223#define for_each_mem_cgroup_tree(iter, root) \ 224 for (iter = mem_cgroup_iter(root, NULL, NULL); \ 225 iter != NULL; \ 226 iter = mem_cgroup_iter(root, iter, NULL)) 227 228#define for_each_mem_cgroup(iter) \ 229 for (iter = mem_cgroup_iter(NULL, NULL, NULL); \ 230 iter != NULL; \ 231 iter = mem_cgroup_iter(NULL, iter, NULL)) 232 233static inline bool task_is_dying(void) 234{ 235 return tsk_is_oom_victim(current) || fatal_signal_pending(current) || 236 (current->flags & PF_EXITING); 237} 238 239/* Some nice accessors for the vmpressure. */ 240struct vmpressure *memcg_to_vmpressure(struct mem_cgroup *memcg) 241{ 242 if (!memcg) 243 memcg = root_mem_cgroup; 244 return &memcg->vmpressure; 245} 246 247struct mem_cgroup *vmpressure_to_memcg(struct vmpressure *vmpr) 248{ 249 return container_of(vmpr, struct mem_cgroup, vmpressure); 250} 251 252#ifdef CONFIG_MEMCG_KMEM 253static DEFINE_SPINLOCK(objcg_lock); 254 255bool mem_cgroup_kmem_disabled(void) 256{ 257 return cgroup_memory_nokmem; 258} 259 260static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg, 261 unsigned int nr_pages); 262 263static void obj_cgroup_release(struct percpu_ref *ref) 264{ 265 struct obj_cgroup *objcg = container_of(ref, struct obj_cgroup, refcnt); 266 unsigned int nr_bytes; 267 unsigned int nr_pages; 268 unsigned long flags; 269 270 /* 271 * At this point all allocated objects are freed, and 272 * objcg->nr_charged_bytes can't have an arbitrary byte value. 273 * However, it can be PAGE_SIZE or (x * PAGE_SIZE). 274 * 275 * The following sequence can lead to it: 276 * 1) CPU0: objcg == stock->cached_objcg 277 * 2) CPU1: we do a small allocation (e.g. 92 bytes), 278 * PAGE_SIZE bytes are charged 279 * 3) CPU1: a process from another memcg is allocating something, 280 * the stock if flushed, 281 * objcg->nr_charged_bytes = PAGE_SIZE - 92 282 * 5) CPU0: we do release this object, 283 * 92 bytes are added to stock->nr_bytes 284 * 6) CPU0: stock is flushed, 285 * 92 bytes are added to objcg->nr_charged_bytes 286 * 287 * In the result, nr_charged_bytes == PAGE_SIZE. 288 * This page will be uncharged in obj_cgroup_release(). 289 */ 290 nr_bytes = atomic_read(&objcg->nr_charged_bytes); 291 WARN_ON_ONCE(nr_bytes & (PAGE_SIZE - 1)); 292 nr_pages = nr_bytes >> PAGE_SHIFT; 293 294 if (nr_pages) 295 obj_cgroup_uncharge_pages(objcg, nr_pages); 296 297 spin_lock_irqsave(&objcg_lock, flags); 298 list_del(&objcg->list); 299 spin_unlock_irqrestore(&objcg_lock, flags); 300 301 percpu_ref_exit(ref); 302 kfree_rcu(objcg, rcu); 303} 304 305static struct obj_cgroup *obj_cgroup_alloc(void) 306{ 307 struct obj_cgroup *objcg; 308 int ret; 309 310 objcg = kzalloc(sizeof(struct obj_cgroup), GFP_KERNEL); 311 if (!objcg) 312 return NULL; 313 314 ret = percpu_ref_init(&objcg->refcnt, obj_cgroup_release, 0, 315 GFP_KERNEL); 316 if (ret) { 317 kfree(objcg); 318 return NULL; 319 } 320 INIT_LIST_HEAD(&objcg->list); 321 return objcg; 322} 323 324static void memcg_reparent_objcgs(struct mem_cgroup *memcg, 325 struct mem_cgroup *parent) 326{ 327 struct obj_cgroup *objcg, *iter; 328 329 objcg = rcu_replace_pointer(memcg->objcg, NULL, true); 330 331 spin_lock_irq(&objcg_lock); 332 333 /* 1) Ready to reparent active objcg. */ 334 list_add(&objcg->list, &memcg->objcg_list); 335 /* 2) Reparent active objcg and already reparented objcgs to parent. */ 336 list_for_each_entry(iter, &memcg->objcg_list, list) 337 WRITE_ONCE(iter->memcg, parent); 338 /* 3) Move already reparented objcgs to the parent's list */ 339 list_splice(&memcg->objcg_list, &parent->objcg_list); 340 341 spin_unlock_irq(&objcg_lock); 342 343 percpu_ref_kill(&objcg->refcnt); 344} 345 346/* 347 * A lot of the calls to the cache allocation functions are expected to be 348 * inlined by the compiler. Since the calls to memcg_slab_pre_alloc_hook() are 349 * conditional to this static branch, we'll have to allow modules that does 350 * kmem_cache_alloc and the such to see this symbol as well 351 */ 352DEFINE_STATIC_KEY_FALSE(memcg_kmem_online_key); 353EXPORT_SYMBOL(memcg_kmem_online_key); 354 355DEFINE_STATIC_KEY_FALSE(memcg_bpf_enabled_key); 356EXPORT_SYMBOL(memcg_bpf_enabled_key); 357#endif 358 359/** 360 * mem_cgroup_css_from_folio - css of the memcg associated with a folio 361 * @folio: folio of interest 362 * 363 * If memcg is bound to the default hierarchy, css of the memcg associated 364 * with @folio is returned. The returned css remains associated with @folio 365 * until it is released. 366 * 367 * If memcg is bound to a traditional hierarchy, the css of root_mem_cgroup 368 * is returned. 369 */ 370struct cgroup_subsys_state *mem_cgroup_css_from_folio(struct folio *folio) 371{ 372 struct mem_cgroup *memcg = folio_memcg(folio); 373 374 if (!memcg || !cgroup_subsys_on_dfl(memory_cgrp_subsys)) 375 memcg = root_mem_cgroup; 376 377 return &memcg->css; 378} 379 380/** 381 * page_cgroup_ino - return inode number of the memcg a page is charged to 382 * @page: the page 383 * 384 * Look up the closest online ancestor of the memory cgroup @page is charged to 385 * and return its inode number or 0 if @page is not charged to any cgroup. It 386 * is safe to call this function without holding a reference to @page. 387 * 388 * Note, this function is inherently racy, because there is nothing to prevent 389 * the cgroup inode from getting torn down and potentially reallocated a moment 390 * after page_cgroup_ino() returns, so it only should be used by callers that 391 * do not care (such as procfs interfaces). 392 */ 393ino_t page_cgroup_ino(struct page *page) 394{ 395 struct mem_cgroup *memcg; 396 unsigned long ino = 0; 397 398 rcu_read_lock(); 399 /* page_folio() is racy here, but the entire function is racy anyway */ 400 memcg = folio_memcg_check(page_folio(page)); 401 402 while (memcg && !(memcg->css.flags & CSS_ONLINE)) 403 memcg = parent_mem_cgroup(memcg); 404 if (memcg) 405 ino = cgroup_ino(memcg->css.cgroup); 406 rcu_read_unlock(); 407 return ino; 408} 409 410static void __mem_cgroup_insert_exceeded(struct mem_cgroup_per_node *mz, 411 struct mem_cgroup_tree_per_node *mctz, 412 unsigned long new_usage_in_excess) 413{ 414 struct rb_node **p = &mctz->rb_root.rb_node; 415 struct rb_node *parent = NULL; 416 struct mem_cgroup_per_node *mz_node; 417 bool rightmost = true; 418 419 if (mz->on_tree) 420 return; 421 422 mz->usage_in_excess = new_usage_in_excess; 423 if (!mz->usage_in_excess) 424 return; 425 while (*p) { 426 parent = *p; 427 mz_node = rb_entry(parent, struct mem_cgroup_per_node, 428 tree_node); 429 if (mz->usage_in_excess < mz_node->usage_in_excess) { 430 p = &(*p)->rb_left; 431 rightmost = false; 432 } else { 433 p = &(*p)->rb_right; 434 } 435 } 436 437 if (rightmost) 438 mctz->rb_rightmost = &mz->tree_node; 439 440 rb_link_node(&mz->tree_node, parent, p); 441 rb_insert_color(&mz->tree_node, &mctz->rb_root); 442 mz->on_tree = true; 443} 444 445static void __mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz, 446 struct mem_cgroup_tree_per_node *mctz) 447{ 448 if (!mz->on_tree) 449 return; 450 451 if (&mz->tree_node == mctz->rb_rightmost) 452 mctz->rb_rightmost = rb_prev(&mz->tree_node); 453 454 rb_erase(&mz->tree_node, &mctz->rb_root); 455 mz->on_tree = false; 456} 457 458static void mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz, 459 struct mem_cgroup_tree_per_node *mctz) 460{ 461 unsigned long flags; 462 463 spin_lock_irqsave(&mctz->lock, flags); 464 __mem_cgroup_remove_exceeded(mz, mctz); 465 spin_unlock_irqrestore(&mctz->lock, flags); 466} 467 468static unsigned long soft_limit_excess(struct mem_cgroup *memcg) 469{ 470 unsigned long nr_pages = page_counter_read(&memcg->memory); 471 unsigned long soft_limit = READ_ONCE(memcg->soft_limit); 472 unsigned long excess = 0; 473 474 if (nr_pages > soft_limit) 475 excess = nr_pages - soft_limit; 476 477 return excess; 478} 479 480static void mem_cgroup_update_tree(struct mem_cgroup *memcg, int nid) 481{ 482 unsigned long excess; 483 struct mem_cgroup_per_node *mz; 484 struct mem_cgroup_tree_per_node *mctz; 485 486 if (lru_gen_enabled()) { 487 if (soft_limit_excess(memcg)) 488 lru_gen_soft_reclaim(memcg, nid); 489 return; 490 } 491 492 mctz = soft_limit_tree.rb_tree_per_node[nid]; 493 if (!mctz) 494 return; 495 /* 496 * Necessary to update all ancestors when hierarchy is used. 497 * because their event counter is not touched. 498 */ 499 for (; memcg; memcg = parent_mem_cgroup(memcg)) { 500 mz = memcg->nodeinfo[nid]; 501 excess = soft_limit_excess(memcg); 502 /* 503 * We have to update the tree if mz is on RB-tree or 504 * mem is over its softlimit. 505 */ 506 if (excess || mz->on_tree) { 507 unsigned long flags; 508 509 spin_lock_irqsave(&mctz->lock, flags); 510 /* if on-tree, remove it */ 511 if (mz->on_tree) 512 __mem_cgroup_remove_exceeded(mz, mctz); 513 /* 514 * Insert again. mz->usage_in_excess will be updated. 515 * If excess is 0, no tree ops. 516 */ 517 __mem_cgroup_insert_exceeded(mz, mctz, excess); 518 spin_unlock_irqrestore(&mctz->lock, flags); 519 } 520 } 521} 522 523static void mem_cgroup_remove_from_trees(struct mem_cgroup *memcg) 524{ 525 struct mem_cgroup_tree_per_node *mctz; 526 struct mem_cgroup_per_node *mz; 527 int nid; 528 529 for_each_node(nid) { 530 mz = memcg->nodeinfo[nid]; 531 mctz = soft_limit_tree.rb_tree_per_node[nid]; 532 if (mctz) 533 mem_cgroup_remove_exceeded(mz, mctz); 534 } 535} 536 537static struct mem_cgroup_per_node * 538__mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz) 539{ 540 struct mem_cgroup_per_node *mz; 541 542retry: 543 mz = NULL; 544 if (!mctz->rb_rightmost) 545 goto done; /* Nothing to reclaim from */ 546 547 mz = rb_entry(mctz->rb_rightmost, 548 struct mem_cgroup_per_node, tree_node); 549 /* 550 * Remove the node now but someone else can add it back, 551 * we will to add it back at the end of reclaim to its correct 552 * position in the tree. 553 */ 554 __mem_cgroup_remove_exceeded(mz, mctz); 555 if (!soft_limit_excess(mz->memcg) || 556 !css_tryget(&mz->memcg->css)) 557 goto retry; 558done: 559 return mz; 560} 561 562static struct mem_cgroup_per_node * 563mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz) 564{ 565 struct mem_cgroup_per_node *mz; 566 567 spin_lock_irq(&mctz->lock); 568 mz = __mem_cgroup_largest_soft_limit_node(mctz); 569 spin_unlock_irq(&mctz->lock); 570 return mz; 571} 572 573/* 574 * memcg and lruvec stats flushing 575 * 576 * Many codepaths leading to stats update or read are performance sensitive and 577 * adding stats flushing in such codepaths is not desirable. So, to optimize the 578 * flushing the kernel does: 579 * 580 * 1) Periodically and asynchronously flush the stats every 2 seconds to not let 581 * rstat update tree grow unbounded. 582 * 583 * 2) Flush the stats synchronously on reader side only when there are more than 584 * (MEMCG_CHARGE_BATCH * nr_cpus) update events. Though this optimization 585 * will let stats be out of sync by atmost (MEMCG_CHARGE_BATCH * nr_cpus) but 586 * only for 2 seconds due to (1). 587 */ 588static void flush_memcg_stats_dwork(struct work_struct *w); 589static DECLARE_DEFERRABLE_WORK(stats_flush_dwork, flush_memcg_stats_dwork); 590static DEFINE_PER_CPU(unsigned int, stats_updates); 591static atomic_t stats_flush_ongoing = ATOMIC_INIT(0); 592static atomic_t stats_flush_threshold = ATOMIC_INIT(0); 593static u64 flush_next_time; 594 595#define FLUSH_TIME (2UL*HZ) 596 597/* 598 * Accessors to ensure that preemption is disabled on PREEMPT_RT because it can 599 * not rely on this as part of an acquired spinlock_t lock. These functions are 600 * never used in hardirq context on PREEMPT_RT and therefore disabling preemtion 601 * is sufficient. 602 */ 603static void memcg_stats_lock(void) 604{ 605 preempt_disable_nested(); 606 VM_WARN_ON_IRQS_ENABLED(); 607} 608 609static void __memcg_stats_lock(void) 610{ 611 preempt_disable_nested(); 612} 613 614static void memcg_stats_unlock(void) 615{ 616 preempt_enable_nested(); 617} 618 619static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val) 620{ 621 unsigned int x; 622 623 if (!val) 624 return; 625 626 cgroup_rstat_updated(memcg->css.cgroup, smp_processor_id()); 627 628 x = __this_cpu_add_return(stats_updates, abs(val)); 629 if (x > MEMCG_CHARGE_BATCH) { 630 /* 631 * If stats_flush_threshold exceeds the threshold 632 * (>num_online_cpus()), cgroup stats update will be triggered 633 * in __mem_cgroup_flush_stats(). Increasing this var further 634 * is redundant and simply adds overhead in atomic update. 635 */ 636 if (atomic_read(&stats_flush_threshold) <= num_online_cpus()) 637 atomic_add(x / MEMCG_CHARGE_BATCH, &stats_flush_threshold); 638 __this_cpu_write(stats_updates, 0); 639 } 640} 641 642static void do_flush_stats(void) 643{ 644 /* 645 * We always flush the entire tree, so concurrent flushers can just 646 * skip. This avoids a thundering herd problem on the rstat global lock 647 * from memcg flushers (e.g. reclaim, refault, etc). 648 */ 649 if (atomic_read(&stats_flush_ongoing) || 650 atomic_xchg(&stats_flush_ongoing, 1)) 651 return; 652 653 WRITE_ONCE(flush_next_time, jiffies_64 + 2*FLUSH_TIME); 654 655 cgroup_rstat_flush(root_mem_cgroup->css.cgroup); 656 657 atomic_set(&stats_flush_threshold, 0); 658 atomic_set(&stats_flush_ongoing, 0); 659} 660 661void mem_cgroup_flush_stats(void) 662{ 663 if (atomic_read(&stats_flush_threshold) > num_online_cpus()) 664 do_flush_stats(); 665} 666 667void mem_cgroup_flush_stats_ratelimited(void) 668{ 669 if (time_after64(jiffies_64, READ_ONCE(flush_next_time))) 670 mem_cgroup_flush_stats(); 671} 672 673static void flush_memcg_stats_dwork(struct work_struct *w) 674{ 675 /* 676 * Always flush here so that flushing in latency-sensitive paths is 677 * as cheap as possible. 678 */ 679 do_flush_stats(); 680 queue_delayed_work(system_unbound_wq, &stats_flush_dwork, FLUSH_TIME); 681} 682 683/* Subset of vm_event_item to report for memcg event stats */ 684static const unsigned int memcg_vm_event_stat[] = { 685 PGPGIN, 686 PGPGOUT, 687 PGSCAN_KSWAPD, 688 PGSCAN_DIRECT, 689 PGSCAN_KHUGEPAGED, 690 PGSTEAL_KSWAPD, 691 PGSTEAL_DIRECT, 692 PGSTEAL_KHUGEPAGED, 693 PGFAULT, 694 PGMAJFAULT, 695 PGREFILL, 696 PGACTIVATE, 697 PGDEACTIVATE, 698 PGLAZYFREE, 699 PGLAZYFREED, 700#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 701 ZSWPIN, 702 ZSWPOUT, 703#endif 704#ifdef CONFIG_TRANSPARENT_HUGEPAGE 705 THP_FAULT_ALLOC, 706 THP_COLLAPSE_ALLOC, 707#endif 708}; 709 710#define NR_MEMCG_EVENTS ARRAY_SIZE(memcg_vm_event_stat) 711static int mem_cgroup_events_index[NR_VM_EVENT_ITEMS] __read_mostly; 712 713static void init_memcg_events(void) 714{ 715 int i; 716 717 for (i = 0; i < NR_MEMCG_EVENTS; ++i) 718 mem_cgroup_events_index[memcg_vm_event_stat[i]] = i + 1; 719} 720 721static inline int memcg_events_index(enum vm_event_item idx) 722{ 723 return mem_cgroup_events_index[idx] - 1; 724} 725 726struct memcg_vmstats_percpu { 727 /* Local (CPU and cgroup) page state & events */ 728 long state[MEMCG_NR_STAT]; 729 unsigned long events[NR_MEMCG_EVENTS]; 730 731 /* Delta calculation for lockless upward propagation */ 732 long state_prev[MEMCG_NR_STAT]; 733 unsigned long events_prev[NR_MEMCG_EVENTS]; 734 735 /* Cgroup1: threshold notifications & softlimit tree updates */ 736 unsigned long nr_page_events; 737 unsigned long targets[MEM_CGROUP_NTARGETS]; 738}; 739 740struct memcg_vmstats { 741 /* Aggregated (CPU and subtree) page state & events */ 742 long state[MEMCG_NR_STAT]; 743 unsigned long events[NR_MEMCG_EVENTS]; 744 745 /* Pending child counts during tree propagation */ 746 long state_pending[MEMCG_NR_STAT]; 747 unsigned long events_pending[NR_MEMCG_EVENTS]; 748}; 749 750unsigned long memcg_page_state(struct mem_cgroup *memcg, int idx) 751{ 752 long x = READ_ONCE(memcg->vmstats->state[idx]); 753#ifdef CONFIG_SMP 754 if (x < 0) 755 x = 0; 756#endif 757 return x; 758} 759 760/** 761 * __mod_memcg_state - update cgroup memory statistics 762 * @memcg: the memory cgroup 763 * @idx: the stat item - can be enum memcg_stat_item or enum node_stat_item 764 * @val: delta to add to the counter, can be negative 765 */ 766void __mod_memcg_state(struct mem_cgroup *memcg, int idx, int val) 767{ 768 if (mem_cgroup_disabled()) 769 return; 770 771 __this_cpu_add(memcg->vmstats_percpu->state[idx], val); 772 memcg_rstat_updated(memcg, val); 773} 774 775/* idx can be of type enum memcg_stat_item or node_stat_item. */ 776static unsigned long memcg_page_state_local(struct mem_cgroup *memcg, int idx) 777{ 778 long x = 0; 779 int cpu; 780 781 for_each_possible_cpu(cpu) 782 x += per_cpu(memcg->vmstats_percpu->state[idx], cpu); 783#ifdef CONFIG_SMP 784 if (x < 0) 785 x = 0; 786#endif 787 return x; 788} 789 790void __mod_memcg_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx, 791 int val) 792{ 793 struct mem_cgroup_per_node *pn; 794 struct mem_cgroup *memcg; 795 796 pn = container_of(lruvec, struct mem_cgroup_per_node, lruvec); 797 memcg = pn->memcg; 798 799 /* 800 * The caller from rmap relay on disabled preemption becase they never 801 * update their counter from in-interrupt context. For these two 802 * counters we check that the update is never performed from an 803 * interrupt context while other caller need to have disabled interrupt. 804 */ 805 __memcg_stats_lock(); 806 if (IS_ENABLED(CONFIG_DEBUG_VM)) { 807 switch (idx) { 808 case NR_ANON_MAPPED: 809 case NR_FILE_MAPPED: 810 case NR_ANON_THPS: 811 case NR_SHMEM_PMDMAPPED: 812 case NR_FILE_PMDMAPPED: 813 WARN_ON_ONCE(!in_task()); 814 break; 815 default: 816 VM_WARN_ON_IRQS_ENABLED(); 817 } 818 } 819 820 /* Update memcg */ 821 __this_cpu_add(memcg->vmstats_percpu->state[idx], val); 822 823 /* Update lruvec */ 824 __this_cpu_add(pn->lruvec_stats_percpu->state[idx], val); 825 826 memcg_rstat_updated(memcg, val); 827 memcg_stats_unlock(); 828} 829 830/** 831 * __mod_lruvec_state - update lruvec memory statistics 832 * @lruvec: the lruvec 833 * @idx: the stat item 834 * @val: delta to add to the counter, can be negative 835 * 836 * The lruvec is the intersection of the NUMA node and a cgroup. This 837 * function updates the all three counters that are affected by a 838 * change of state at this level: per-node, per-cgroup, per-lruvec. 839 */ 840void __mod_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx, 841 int val) 842{ 843 /* Update node */ 844 __mod_node_page_state(lruvec_pgdat(lruvec), idx, val); 845 846 /* Update memcg and lruvec */ 847 if (!mem_cgroup_disabled()) 848 __mod_memcg_lruvec_state(lruvec, idx, val); 849} 850 851void __mod_lruvec_page_state(struct page *page, enum node_stat_item idx, 852 int val) 853{ 854 struct page *head = compound_head(page); /* rmap on tail pages */ 855 struct mem_cgroup *memcg; 856 pg_data_t *pgdat = page_pgdat(page); 857 struct lruvec *lruvec; 858 859 rcu_read_lock(); 860 memcg = page_memcg(head); 861 /* Untracked pages have no memcg, no lruvec. Update only the node */ 862 if (!memcg) { 863 rcu_read_unlock(); 864 __mod_node_page_state(pgdat, idx, val); 865 return; 866 } 867 868 lruvec = mem_cgroup_lruvec(memcg, pgdat); 869 __mod_lruvec_state(lruvec, idx, val); 870 rcu_read_unlock(); 871} 872EXPORT_SYMBOL(__mod_lruvec_page_state); 873 874void __mod_lruvec_kmem_state(void *p, enum node_stat_item idx, int val) 875{ 876 pg_data_t *pgdat = page_pgdat(virt_to_page(p)); 877 struct mem_cgroup *memcg; 878 struct lruvec *lruvec; 879 880 rcu_read_lock(); 881 memcg = mem_cgroup_from_slab_obj(p); 882 883 /* 884 * Untracked pages have no memcg, no lruvec. Update only the 885 * node. If we reparent the slab objects to the root memcg, 886 * when we free the slab object, we need to update the per-memcg 887 * vmstats to keep it correct for the root memcg. 888 */ 889 if (!memcg) { 890 __mod_node_page_state(pgdat, idx, val); 891 } else { 892 lruvec = mem_cgroup_lruvec(memcg, pgdat); 893 __mod_lruvec_state(lruvec, idx, val); 894 } 895 rcu_read_unlock(); 896} 897 898/** 899 * __count_memcg_events - account VM events in a cgroup 900 * @memcg: the memory cgroup 901 * @idx: the event item 902 * @count: the number of events that occurred 903 */ 904void __count_memcg_events(struct mem_cgroup *memcg, enum vm_event_item idx, 905 unsigned long count) 906{ 907 int index = memcg_events_index(idx); 908 909 if (mem_cgroup_disabled() || index < 0) 910 return; 911 912 memcg_stats_lock(); 913 __this_cpu_add(memcg->vmstats_percpu->events[index], count); 914 memcg_rstat_updated(memcg, count); 915 memcg_stats_unlock(); 916} 917 918static unsigned long memcg_events(struct mem_cgroup *memcg, int event) 919{ 920 int index = memcg_events_index(event); 921 922 if (index < 0) 923 return 0; 924 return READ_ONCE(memcg->vmstats->events[index]); 925} 926 927static unsigned long memcg_events_local(struct mem_cgroup *memcg, int event) 928{ 929 long x = 0; 930 int cpu; 931 int index = memcg_events_index(event); 932 933 if (index < 0) 934 return 0; 935 936 for_each_possible_cpu(cpu) 937 x += per_cpu(memcg->vmstats_percpu->events[index], cpu); 938 return x; 939} 940 941static void mem_cgroup_charge_statistics(struct mem_cgroup *memcg, 942 int nr_pages) 943{ 944 /* pagein of a big page is an event. So, ignore page size */ 945 if (nr_pages > 0) 946 __count_memcg_events(memcg, PGPGIN, 1); 947 else { 948 __count_memcg_events(memcg, PGPGOUT, 1); 949 nr_pages = -nr_pages; /* for event */ 950 } 951 952 __this_cpu_add(memcg->vmstats_percpu->nr_page_events, nr_pages); 953} 954 955static bool mem_cgroup_event_ratelimit(struct mem_cgroup *memcg, 956 enum mem_cgroup_events_target target) 957{ 958 unsigned long val, next; 959 960 val = __this_cpu_read(memcg->vmstats_percpu->nr_page_events); 961 next = __this_cpu_read(memcg->vmstats_percpu->targets[target]); 962 /* from time_after() in jiffies.h */ 963 if ((long)(next - val) < 0) { 964 switch (target) { 965 case MEM_CGROUP_TARGET_THRESH: 966 next = val + THRESHOLDS_EVENTS_TARGET; 967 break; 968 case MEM_CGROUP_TARGET_SOFTLIMIT: 969 next = val + SOFTLIMIT_EVENTS_TARGET; 970 break; 971 default: 972 break; 973 } 974 __this_cpu_write(memcg->vmstats_percpu->targets[target], next); 975 return true; 976 } 977 return false; 978} 979 980/* 981 * Check events in order. 982 * 983 */ 984static void memcg_check_events(struct mem_cgroup *memcg, int nid) 985{ 986 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 987 return; 988 989 /* threshold event is triggered in finer grain than soft limit */ 990 if (unlikely(mem_cgroup_event_ratelimit(memcg, 991 MEM_CGROUP_TARGET_THRESH))) { 992 bool do_softlimit; 993 994 do_softlimit = mem_cgroup_event_ratelimit(memcg, 995 MEM_CGROUP_TARGET_SOFTLIMIT); 996 mem_cgroup_threshold(memcg); 997 if (unlikely(do_softlimit)) 998 mem_cgroup_update_tree(memcg, nid); 999 } 1000} 1001 1002struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p) 1003{ 1004 /* 1005 * mm_update_next_owner() may clear mm->owner to NULL 1006 * if it races with swapoff, page migration, etc. 1007 * So this can be called with p == NULL. 1008 */ 1009 if (unlikely(!p)) 1010 return NULL; 1011 1012 return mem_cgroup_from_css(task_css(p, memory_cgrp_id)); 1013} 1014EXPORT_SYMBOL(mem_cgroup_from_task); 1015 1016static __always_inline struct mem_cgroup *active_memcg(void) 1017{ 1018 if (!in_task()) 1019 return this_cpu_read(int_active_memcg); 1020 else 1021 return current->active_memcg; 1022} 1023 1024/** 1025 * get_mem_cgroup_from_mm: Obtain a reference on given mm_struct's memcg. 1026 * @mm: mm from which memcg should be extracted. It can be NULL. 1027 * 1028 * Obtain a reference on mm->memcg and returns it if successful. If mm 1029 * is NULL, then the memcg is chosen as follows: 1030 * 1) The active memcg, if set. 1031 * 2) current->mm->memcg, if available 1032 * 3) root memcg 1033 * If mem_cgroup is disabled, NULL is returned. 1034 */ 1035struct mem_cgroup *get_mem_cgroup_from_mm(struct mm_struct *mm) 1036{ 1037 struct mem_cgroup *memcg; 1038 1039 if (mem_cgroup_disabled()) 1040 return NULL; 1041 1042 /* 1043 * Page cache insertions can happen without an 1044 * actual mm context, e.g. during disk probing 1045 * on boot, loopback IO, acct() writes etc. 1046 * 1047 * No need to css_get on root memcg as the reference 1048 * counting is disabled on the root level in the 1049 * cgroup core. See CSS_NO_REF. 1050 */ 1051 if (unlikely(!mm)) { 1052 memcg = active_memcg(); 1053 if (unlikely(memcg)) { 1054 /* remote memcg must hold a ref */ 1055 css_get(&memcg->css); 1056 return memcg; 1057 } 1058 mm = current->mm; 1059 if (unlikely(!mm)) 1060 return root_mem_cgroup; 1061 } 1062 1063 rcu_read_lock(); 1064 do { 1065 memcg = mem_cgroup_from_task(rcu_dereference(mm->owner)); 1066 if (unlikely(!memcg)) 1067 memcg = root_mem_cgroup; 1068 } while (!css_tryget(&memcg->css)); 1069 rcu_read_unlock(); 1070 return memcg; 1071} 1072EXPORT_SYMBOL(get_mem_cgroup_from_mm); 1073 1074static __always_inline bool memcg_kmem_bypass(void) 1075{ 1076 /* Allow remote memcg charging from any context. */ 1077 if (unlikely(active_memcg())) 1078 return false; 1079 1080 /* Memcg to charge can't be determined. */ 1081 if (!in_task() || !current->mm || (current->flags & PF_KTHREAD)) 1082 return true; 1083 1084 return false; 1085} 1086 1087/** 1088 * mem_cgroup_iter - iterate over memory cgroup hierarchy 1089 * @root: hierarchy root 1090 * @prev: previously returned memcg, NULL on first invocation 1091 * @reclaim: cookie for shared reclaim walks, NULL for full walks 1092 * 1093 * Returns references to children of the hierarchy below @root, or 1094 * @root itself, or %NULL after a full round-trip. 1095 * 1096 * Caller must pass the return value in @prev on subsequent 1097 * invocations for reference counting, or use mem_cgroup_iter_break() 1098 * to cancel a hierarchy walk before the round-trip is complete. 1099 * 1100 * Reclaimers can specify a node in @reclaim to divide up the memcgs 1101 * in the hierarchy among all concurrent reclaimers operating on the 1102 * same node. 1103 */ 1104struct mem_cgroup *mem_cgroup_iter(struct mem_cgroup *root, 1105 struct mem_cgroup *prev, 1106 struct mem_cgroup_reclaim_cookie *reclaim) 1107{ 1108 struct mem_cgroup_reclaim_iter *iter; 1109 struct cgroup_subsys_state *css = NULL; 1110 struct mem_cgroup *memcg = NULL; 1111 struct mem_cgroup *pos = NULL; 1112 1113 if (mem_cgroup_disabled()) 1114 return NULL; 1115 1116 if (!root) 1117 root = root_mem_cgroup; 1118 1119 rcu_read_lock(); 1120 1121 if (reclaim) { 1122 struct mem_cgroup_per_node *mz; 1123 1124 mz = root->nodeinfo[reclaim->pgdat->node_id]; 1125 iter = &mz->iter; 1126 1127 /* 1128 * On start, join the current reclaim iteration cycle. 1129 * Exit when a concurrent walker completes it. 1130 */ 1131 if (!prev) 1132 reclaim->generation = iter->generation; 1133 else if (reclaim->generation != iter->generation) 1134 goto out_unlock; 1135 1136 while (1) { 1137 pos = READ_ONCE(iter->position); 1138 if (!pos || css_tryget(&pos->css)) 1139 break; 1140 /* 1141 * css reference reached zero, so iter->position will 1142 * be cleared by ->css_released. However, we should not 1143 * rely on this happening soon, because ->css_released 1144 * is called from a work queue, and by busy-waiting we 1145 * might block it. So we clear iter->position right 1146 * away. 1147 */ 1148 (void)cmpxchg(&iter->position, pos, NULL); 1149 } 1150 } else if (prev) { 1151 pos = prev; 1152 } 1153 1154 if (pos) 1155 css = &pos->css; 1156 1157 for (;;) { 1158 css = css_next_descendant_pre(css, &root->css); 1159 if (!css) { 1160 /* 1161 * Reclaimers share the hierarchy walk, and a 1162 * new one might jump in right at the end of 1163 * the hierarchy - make sure they see at least 1164 * one group and restart from the beginning. 1165 */ 1166 if (!prev) 1167 continue; 1168 break; 1169 } 1170 1171 /* 1172 * Verify the css and acquire a reference. The root 1173 * is provided by the caller, so we know it's alive 1174 * and kicking, and don't take an extra reference. 1175 */ 1176 if (css == &root->css || css_tryget(css)) { 1177 memcg = mem_cgroup_from_css(css); 1178 break; 1179 } 1180 } 1181 1182 if (reclaim) { 1183 /* 1184 * The position could have already been updated by a competing 1185 * thread, so check that the value hasn't changed since we read 1186 * it to avoid reclaiming from the same cgroup twice. 1187 */ 1188 (void)cmpxchg(&iter->position, pos, memcg); 1189 1190 if (pos) 1191 css_put(&pos->css); 1192 1193 if (!memcg) 1194 iter->generation++; 1195 } 1196 1197out_unlock: 1198 rcu_read_unlock(); 1199 if (prev && prev != root) 1200 css_put(&prev->css); 1201 1202 return memcg; 1203} 1204 1205/** 1206 * mem_cgroup_iter_break - abort a hierarchy walk prematurely 1207 * @root: hierarchy root 1208 * @prev: last visited hierarchy member as returned by mem_cgroup_iter() 1209 */ 1210void mem_cgroup_iter_break(struct mem_cgroup *root, 1211 struct mem_cgroup *prev) 1212{ 1213 if (!root) 1214 root = root_mem_cgroup; 1215 if (prev && prev != root) 1216 css_put(&prev->css); 1217} 1218 1219static void __invalidate_reclaim_iterators(struct mem_cgroup *from, 1220 struct mem_cgroup *dead_memcg) 1221{ 1222 struct mem_cgroup_reclaim_iter *iter; 1223 struct mem_cgroup_per_node *mz; 1224 int nid; 1225 1226 for_each_node(nid) { 1227 mz = from->nodeinfo[nid]; 1228 iter = &mz->iter; 1229 cmpxchg(&iter->position, dead_memcg, NULL); 1230 } 1231} 1232 1233static void invalidate_reclaim_iterators(struct mem_cgroup *dead_memcg) 1234{ 1235 struct mem_cgroup *memcg = dead_memcg; 1236 struct mem_cgroup *last; 1237 1238 do { 1239 __invalidate_reclaim_iterators(memcg, dead_memcg); 1240 last = memcg; 1241 } while ((memcg = parent_mem_cgroup(memcg))); 1242 1243 /* 1244 * When cgroup1 non-hierarchy mode is used, 1245 * parent_mem_cgroup() does not walk all the way up to the 1246 * cgroup root (root_mem_cgroup). So we have to handle 1247 * dead_memcg from cgroup root separately. 1248 */ 1249 if (!mem_cgroup_is_root(last)) 1250 __invalidate_reclaim_iterators(root_mem_cgroup, 1251 dead_memcg); 1252} 1253 1254/** 1255 * mem_cgroup_scan_tasks - iterate over tasks of a memory cgroup hierarchy 1256 * @memcg: hierarchy root 1257 * @fn: function to call for each task 1258 * @arg: argument passed to @fn 1259 * 1260 * This function iterates over tasks attached to @memcg or to any of its 1261 * descendants and calls @fn for each task. If @fn returns a non-zero 1262 * value, the function breaks the iteration loop. Otherwise, it will iterate 1263 * over all tasks and return 0. 1264 * 1265 * This function must not be called for the root memory cgroup. 1266 */ 1267void mem_cgroup_scan_tasks(struct mem_cgroup *memcg, 1268 int (*fn)(struct task_struct *, void *), void *arg) 1269{ 1270 struct mem_cgroup *iter; 1271 int ret = 0; 1272 1273 BUG_ON(mem_cgroup_is_root(memcg)); 1274 1275 for_each_mem_cgroup_tree(iter, memcg) { 1276 struct css_task_iter it; 1277 struct task_struct *task; 1278 1279 css_task_iter_start(&iter->css, CSS_TASK_ITER_PROCS, &it); 1280 while (!ret && (task = css_task_iter_next(&it))) 1281 ret = fn(task, arg); 1282 css_task_iter_end(&it); 1283 if (ret) { 1284 mem_cgroup_iter_break(memcg, iter); 1285 break; 1286 } 1287 } 1288} 1289 1290#ifdef CONFIG_DEBUG_VM 1291void lruvec_memcg_debug(struct lruvec *lruvec, struct folio *folio) 1292{ 1293 struct mem_cgroup *memcg; 1294 1295 if (mem_cgroup_disabled()) 1296 return; 1297 1298 memcg = folio_memcg(folio); 1299 1300 if (!memcg) 1301 VM_BUG_ON_FOLIO(!mem_cgroup_is_root(lruvec_memcg(lruvec)), folio); 1302 else 1303 VM_BUG_ON_FOLIO(lruvec_memcg(lruvec) != memcg, folio); 1304} 1305#endif 1306 1307/** 1308 * folio_lruvec_lock - Lock the lruvec for a folio. 1309 * @folio: Pointer to the folio. 1310 * 1311 * These functions are safe to use under any of the following conditions: 1312 * - folio locked 1313 * - folio_test_lru false 1314 * - folio_memcg_lock() 1315 * - folio frozen (refcount of 0) 1316 * 1317 * Return: The lruvec this folio is on with its lock held. 1318 */ 1319struct lruvec *folio_lruvec_lock(struct folio *folio) 1320{ 1321 struct lruvec *lruvec = folio_lruvec(folio); 1322 1323 spin_lock(&lruvec->lru_lock); 1324 lruvec_memcg_debug(lruvec, folio); 1325 1326 return lruvec; 1327} 1328 1329/** 1330 * folio_lruvec_lock_irq - Lock the lruvec for a folio. 1331 * @folio: Pointer to the folio. 1332 * 1333 * These functions are safe to use under any of the following conditions: 1334 * - folio locked 1335 * - folio_test_lru false 1336 * - folio_memcg_lock() 1337 * - folio frozen (refcount of 0) 1338 * 1339 * Return: The lruvec this folio is on with its lock held and interrupts 1340 * disabled. 1341 */ 1342struct lruvec *folio_lruvec_lock_irq(struct folio *folio) 1343{ 1344 struct lruvec *lruvec = folio_lruvec(folio); 1345 1346 spin_lock_irq(&lruvec->lru_lock); 1347 lruvec_memcg_debug(lruvec, folio); 1348 1349 return lruvec; 1350} 1351 1352/** 1353 * folio_lruvec_lock_irqsave - Lock the lruvec for a folio. 1354 * @folio: Pointer to the folio. 1355 * @flags: Pointer to irqsave flags. 1356 * 1357 * These functions are safe to use under any of the following conditions: 1358 * - folio locked 1359 * - folio_test_lru false 1360 * - folio_memcg_lock() 1361 * - folio frozen (refcount of 0) 1362 * 1363 * Return: The lruvec this folio is on with its lock held and interrupts 1364 * disabled. 1365 */ 1366struct lruvec *folio_lruvec_lock_irqsave(struct folio *folio, 1367 unsigned long *flags) 1368{ 1369 struct lruvec *lruvec = folio_lruvec(folio); 1370 1371 spin_lock_irqsave(&lruvec->lru_lock, *flags); 1372 lruvec_memcg_debug(lruvec, folio); 1373 1374 return lruvec; 1375} 1376 1377/** 1378 * mem_cgroup_update_lru_size - account for adding or removing an lru page 1379 * @lruvec: mem_cgroup per zone lru vector 1380 * @lru: index of lru list the page is sitting on 1381 * @zid: zone id of the accounted pages 1382 * @nr_pages: positive when adding or negative when removing 1383 * 1384 * This function must be called under lru_lock, just before a page is added 1385 * to or just after a page is removed from an lru list. 1386 */ 1387void mem_cgroup_update_lru_size(struct lruvec *lruvec, enum lru_list lru, 1388 int zid, int nr_pages) 1389{ 1390 struct mem_cgroup_per_node *mz; 1391 unsigned long *lru_size; 1392 long size; 1393 1394 if (mem_cgroup_disabled()) 1395 return; 1396 1397 mz = container_of(lruvec, struct mem_cgroup_per_node, lruvec); 1398 lru_size = &mz->lru_zone_size[zid][lru]; 1399 1400 if (nr_pages < 0) 1401 *lru_size += nr_pages; 1402 1403 size = *lru_size; 1404 if (WARN_ONCE(size < 0, 1405 "%s(%p, %d, %d): lru_size %ld\n", 1406 __func__, lruvec, lru, nr_pages, size)) { 1407 VM_BUG_ON(1); 1408 *lru_size = 0; 1409 } 1410 1411 if (nr_pages > 0) 1412 *lru_size += nr_pages; 1413} 1414 1415/** 1416 * mem_cgroup_margin - calculate chargeable space of a memory cgroup 1417 * @memcg: the memory cgroup 1418 * 1419 * Returns the maximum amount of memory @mem can be charged with, in 1420 * pages. 1421 */ 1422static unsigned long mem_cgroup_margin(struct mem_cgroup *memcg) 1423{ 1424 unsigned long margin = 0; 1425 unsigned long count; 1426 unsigned long limit; 1427 1428 count = page_counter_read(&memcg->memory); 1429 limit = READ_ONCE(memcg->memory.max); 1430 if (count < limit) 1431 margin = limit - count; 1432 1433 if (do_memsw_account()) { 1434 count = page_counter_read(&memcg->memsw); 1435 limit = READ_ONCE(memcg->memsw.max); 1436 if (count < limit) 1437 margin = min(margin, limit - count); 1438 else 1439 margin = 0; 1440 } 1441 1442 return margin; 1443} 1444 1445/* 1446 * A routine for checking "mem" is under move_account() or not. 1447 * 1448 * Checking a cgroup is mc.from or mc.to or under hierarchy of 1449 * moving cgroups. This is for waiting at high-memory pressure 1450 * caused by "move". 1451 */ 1452static bool mem_cgroup_under_move(struct mem_cgroup *memcg) 1453{ 1454 struct mem_cgroup *from; 1455 struct mem_cgroup *to; 1456 bool ret = false; 1457 /* 1458 * Unlike task_move routines, we access mc.to, mc.from not under 1459 * mutual exclusion by cgroup_mutex. Here, we take spinlock instead. 1460 */ 1461 spin_lock(&mc.lock); 1462 from = mc.from; 1463 to = mc.to; 1464 if (!from) 1465 goto unlock; 1466 1467 ret = mem_cgroup_is_descendant(from, memcg) || 1468 mem_cgroup_is_descendant(to, memcg); 1469unlock: 1470 spin_unlock(&mc.lock); 1471 return ret; 1472} 1473 1474static bool mem_cgroup_wait_acct_move(struct mem_cgroup *memcg) 1475{ 1476 if (mc.moving_task && current != mc.moving_task) { 1477 if (mem_cgroup_under_move(memcg)) { 1478 DEFINE_WAIT(wait); 1479 prepare_to_wait(&mc.waitq, &wait, TASK_INTERRUPTIBLE); 1480 /* moving charge context might have finished. */ 1481 if (mc.moving_task) 1482 schedule(); 1483 finish_wait(&mc.waitq, &wait); 1484 return true; 1485 } 1486 } 1487 return false; 1488} 1489 1490struct memory_stat { 1491 const char *name; 1492 unsigned int idx; 1493}; 1494 1495static const struct memory_stat memory_stats[] = { 1496 { "anon", NR_ANON_MAPPED }, 1497 { "file", NR_FILE_PAGES }, 1498 { "kernel", MEMCG_KMEM }, 1499 { "kernel_stack", NR_KERNEL_STACK_KB }, 1500 { "pagetables", NR_PAGETABLE }, 1501 { "sec_pagetables", NR_SECONDARY_PAGETABLE }, 1502 { "percpu", MEMCG_PERCPU_B }, 1503 { "sock", MEMCG_SOCK }, 1504 { "vmalloc", MEMCG_VMALLOC }, 1505 { "shmem", NR_SHMEM }, 1506#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 1507 { "zswap", MEMCG_ZSWAP_B }, 1508 { "zswapped", MEMCG_ZSWAPPED }, 1509#endif 1510 { "file_mapped", NR_FILE_MAPPED }, 1511 { "file_dirty", NR_FILE_DIRTY }, 1512 { "file_writeback", NR_WRITEBACK }, 1513#ifdef CONFIG_SWAP 1514 { "swapcached", NR_SWAPCACHE }, 1515#endif 1516#ifdef CONFIG_TRANSPARENT_HUGEPAGE 1517 { "anon_thp", NR_ANON_THPS }, 1518 { "file_thp", NR_FILE_THPS }, 1519 { "shmem_thp", NR_SHMEM_THPS }, 1520#endif 1521 { "inactive_anon", NR_INACTIVE_ANON }, 1522 { "active_anon", NR_ACTIVE_ANON }, 1523 { "inactive_file", NR_INACTIVE_FILE }, 1524 { "active_file", NR_ACTIVE_FILE }, 1525 { "unevictable", NR_UNEVICTABLE }, 1526 { "slab_reclaimable", NR_SLAB_RECLAIMABLE_B }, 1527 { "slab_unreclaimable", NR_SLAB_UNRECLAIMABLE_B }, 1528 1529 /* The memory events */ 1530 { "workingset_refault_anon", WORKINGSET_REFAULT_ANON }, 1531 { "workingset_refault_file", WORKINGSET_REFAULT_FILE }, 1532 { "workingset_activate_anon", WORKINGSET_ACTIVATE_ANON }, 1533 { "workingset_activate_file", WORKINGSET_ACTIVATE_FILE }, 1534 { "workingset_restore_anon", WORKINGSET_RESTORE_ANON }, 1535 { "workingset_restore_file", WORKINGSET_RESTORE_FILE }, 1536 { "workingset_nodereclaim", WORKINGSET_NODERECLAIM }, 1537}; 1538 1539/* Translate stat items to the correct unit for memory.stat output */ 1540static int memcg_page_state_unit(int item) 1541{ 1542 switch (item) { 1543 case MEMCG_PERCPU_B: 1544 case MEMCG_ZSWAP_B: 1545 case NR_SLAB_RECLAIMABLE_B: 1546 case NR_SLAB_UNRECLAIMABLE_B: 1547 case WORKINGSET_REFAULT_ANON: 1548 case WORKINGSET_REFAULT_FILE: 1549 case WORKINGSET_ACTIVATE_ANON: 1550 case WORKINGSET_ACTIVATE_FILE: 1551 case WORKINGSET_RESTORE_ANON: 1552 case WORKINGSET_RESTORE_FILE: 1553 case WORKINGSET_NODERECLAIM: 1554 return 1; 1555 case NR_KERNEL_STACK_KB: 1556 return SZ_1K; 1557 default: 1558 return PAGE_SIZE; 1559 } 1560} 1561 1562static inline unsigned long memcg_page_state_output(struct mem_cgroup *memcg, 1563 int item) 1564{ 1565 return memcg_page_state(memcg, item) * memcg_page_state_unit(item); 1566} 1567 1568static void memcg_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 1569{ 1570 int i; 1571 1572 /* 1573 * Provide statistics on the state of the memory subsystem as 1574 * well as cumulative event counters that show past behavior. 1575 * 1576 * This list is ordered following a combination of these gradients: 1577 * 1) generic big picture -> specifics and details 1578 * 2) reflecting userspace activity -> reflecting kernel heuristics 1579 * 1580 * Current memory state: 1581 */ 1582 mem_cgroup_flush_stats(); 1583 1584 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) { 1585 u64 size; 1586 1587 size = memcg_page_state_output(memcg, memory_stats[i].idx); 1588 seq_buf_printf(s, "%s %llu\n", memory_stats[i].name, size); 1589 1590 if (unlikely(memory_stats[i].idx == NR_SLAB_UNRECLAIMABLE_B)) { 1591 size += memcg_page_state_output(memcg, 1592 NR_SLAB_RECLAIMABLE_B); 1593 seq_buf_printf(s, "slab %llu\n", size); 1594 } 1595 } 1596 1597 /* Accumulated memory events */ 1598 seq_buf_printf(s, "pgscan %lu\n", 1599 memcg_events(memcg, PGSCAN_KSWAPD) + 1600 memcg_events(memcg, PGSCAN_DIRECT) + 1601 memcg_events(memcg, PGSCAN_KHUGEPAGED)); 1602 seq_buf_printf(s, "pgsteal %lu\n", 1603 memcg_events(memcg, PGSTEAL_KSWAPD) + 1604 memcg_events(memcg, PGSTEAL_DIRECT) + 1605 memcg_events(memcg, PGSTEAL_KHUGEPAGED)); 1606 1607 for (i = 0; i < ARRAY_SIZE(memcg_vm_event_stat); i++) { 1608 if (memcg_vm_event_stat[i] == PGPGIN || 1609 memcg_vm_event_stat[i] == PGPGOUT) 1610 continue; 1611 1612 seq_buf_printf(s, "%s %lu\n", 1613 vm_event_name(memcg_vm_event_stat[i]), 1614 memcg_events(memcg, memcg_vm_event_stat[i])); 1615 } 1616 1617 /* The above should easily fit into one page */ 1618 WARN_ON_ONCE(seq_buf_has_overflowed(s)); 1619} 1620 1621static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s); 1622 1623static void memory_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 1624{ 1625 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 1626 memcg_stat_format(memcg, s); 1627 else 1628 memcg1_stat_format(memcg, s); 1629 WARN_ON_ONCE(seq_buf_has_overflowed(s)); 1630} 1631 1632#define K(x) ((x) << (PAGE_SHIFT-10)) 1633/** 1634 * mem_cgroup_print_oom_context: Print OOM information relevant to 1635 * memory controller. 1636 * @memcg: The memory cgroup that went over limit 1637 * @p: Task that is going to be killed 1638 * 1639 * NOTE: @memcg and @p's mem_cgroup can be different when hierarchy is 1640 * enabled 1641 */ 1642void mem_cgroup_print_oom_context(struct mem_cgroup *memcg, struct task_struct *p) 1643{ 1644 rcu_read_lock(); 1645 1646 if (memcg) { 1647 pr_cont(",oom_memcg="); 1648 pr_cont_cgroup_path(memcg->css.cgroup); 1649 } else 1650 pr_cont(",global_oom"); 1651 if (p) { 1652 pr_cont(",task_memcg="); 1653 pr_cont_cgroup_path(task_cgroup(p, memory_cgrp_id)); 1654 } 1655 rcu_read_unlock(); 1656} 1657 1658/** 1659 * mem_cgroup_print_oom_meminfo: Print OOM memory information relevant to 1660 * memory controller. 1661 * @memcg: The memory cgroup that went over limit 1662 */ 1663void mem_cgroup_print_oom_meminfo(struct mem_cgroup *memcg) 1664{ 1665 /* Use static buffer, for the caller is holding oom_lock. */ 1666 static char buf[PAGE_SIZE]; 1667 struct seq_buf s; 1668 1669 lockdep_assert_held(&oom_lock); 1670 1671 pr_info("memory: usage %llukB, limit %llukB, failcnt %lu\n", 1672 K((u64)page_counter_read(&memcg->memory)), 1673 K((u64)READ_ONCE(memcg->memory.max)), memcg->memory.failcnt); 1674 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 1675 pr_info("swap: usage %llukB, limit %llukB, failcnt %lu\n", 1676 K((u64)page_counter_read(&memcg->swap)), 1677 K((u64)READ_ONCE(memcg->swap.max)), memcg->swap.failcnt); 1678 else { 1679 pr_info("memory+swap: usage %llukB, limit %llukB, failcnt %lu\n", 1680 K((u64)page_counter_read(&memcg->memsw)), 1681 K((u64)memcg->memsw.max), memcg->memsw.failcnt); 1682 pr_info("kmem: usage %llukB, limit %llukB, failcnt %lu\n", 1683 K((u64)page_counter_read(&memcg->kmem)), 1684 K((u64)memcg->kmem.max), memcg->kmem.failcnt); 1685 } 1686 1687 pr_info("Memory cgroup stats for "); 1688 pr_cont_cgroup_path(memcg->css.cgroup); 1689 pr_cont(":"); 1690 seq_buf_init(&s, buf, sizeof(buf)); 1691 memory_stat_format(memcg, &s); 1692 seq_buf_do_printk(&s, KERN_INFO); 1693} 1694 1695/* 1696 * Return the memory (and swap, if configured) limit for a memcg. 1697 */ 1698unsigned long mem_cgroup_get_max(struct mem_cgroup *memcg) 1699{ 1700 unsigned long max = READ_ONCE(memcg->memory.max); 1701 1702 if (do_memsw_account()) { 1703 if (mem_cgroup_swappiness(memcg)) { 1704 /* Calculate swap excess capacity from memsw limit */ 1705 unsigned long swap = READ_ONCE(memcg->memsw.max) - max; 1706 1707 max += min(swap, (unsigned long)total_swap_pages); 1708 } 1709 } else { 1710 if (mem_cgroup_swappiness(memcg)) 1711 max += min(READ_ONCE(memcg->swap.max), 1712 (unsigned long)total_swap_pages); 1713 } 1714 return max; 1715} 1716 1717unsigned long mem_cgroup_size(struct mem_cgroup *memcg) 1718{ 1719 return page_counter_read(&memcg->memory); 1720} 1721 1722static bool mem_cgroup_out_of_memory(struct mem_cgroup *memcg, gfp_t gfp_mask, 1723 int order) 1724{ 1725 struct oom_control oc = { 1726 .zonelist = NULL, 1727 .nodemask = NULL, 1728 .memcg = memcg, 1729 .gfp_mask = gfp_mask, 1730 .order = order, 1731 }; 1732 bool ret = true; 1733 1734 if (mutex_lock_killable(&oom_lock)) 1735 return true; 1736 1737 if (mem_cgroup_margin(memcg) >= (1 << order)) 1738 goto unlock; 1739 1740 /* 1741 * A few threads which were not waiting at mutex_lock_killable() can 1742 * fail to bail out. Therefore, check again after holding oom_lock. 1743 */ 1744 ret = task_is_dying() || out_of_memory(&oc); 1745 1746unlock: 1747 mutex_unlock(&oom_lock); 1748 return ret; 1749} 1750 1751static int mem_cgroup_soft_reclaim(struct mem_cgroup *root_memcg, 1752 pg_data_t *pgdat, 1753 gfp_t gfp_mask, 1754 unsigned long *total_scanned) 1755{ 1756 struct mem_cgroup *victim = NULL; 1757 int total = 0; 1758 int loop = 0; 1759 unsigned long excess; 1760 unsigned long nr_scanned; 1761 struct mem_cgroup_reclaim_cookie reclaim = { 1762 .pgdat = pgdat, 1763 }; 1764 1765 excess = soft_limit_excess(root_memcg); 1766 1767 while (1) { 1768 victim = mem_cgroup_iter(root_memcg, victim, &reclaim); 1769 if (!victim) { 1770 loop++; 1771 if (loop >= 2) { 1772 /* 1773 * If we have not been able to reclaim 1774 * anything, it might because there are 1775 * no reclaimable pages under this hierarchy 1776 */ 1777 if (!total) 1778 break; 1779 /* 1780 * We want to do more targeted reclaim. 1781 * excess >> 2 is not to excessive so as to 1782 * reclaim too much, nor too less that we keep 1783 * coming back to reclaim from this cgroup 1784 */ 1785 if (total >= (excess >> 2) || 1786 (loop > MEM_CGROUP_MAX_RECLAIM_LOOPS)) 1787 break; 1788 } 1789 continue; 1790 } 1791 total += mem_cgroup_shrink_node(victim, gfp_mask, false, 1792 pgdat, &nr_scanned); 1793 *total_scanned += nr_scanned; 1794 if (!soft_limit_excess(root_memcg)) 1795 break; 1796 } 1797 mem_cgroup_iter_break(root_memcg, victim); 1798 return total; 1799} 1800 1801#ifdef CONFIG_LOCKDEP 1802static struct lockdep_map memcg_oom_lock_dep_map = { 1803 .name = "memcg_oom_lock", 1804}; 1805#endif 1806 1807static DEFINE_SPINLOCK(memcg_oom_lock); 1808 1809/* 1810 * Check OOM-Killer is already running under our hierarchy. 1811 * If someone is running, return false. 1812 */ 1813static bool mem_cgroup_oom_trylock(struct mem_cgroup *memcg) 1814{ 1815 struct mem_cgroup *iter, *failed = NULL; 1816 1817 spin_lock(&memcg_oom_lock); 1818 1819 for_each_mem_cgroup_tree(iter, memcg) { 1820 if (iter->oom_lock) { 1821 /* 1822 * this subtree of our hierarchy is already locked 1823 * so we cannot give a lock. 1824 */ 1825 failed = iter; 1826 mem_cgroup_iter_break(memcg, iter); 1827 break; 1828 } else 1829 iter->oom_lock = true; 1830 } 1831 1832 if (failed) { 1833 /* 1834 * OK, we failed to lock the whole subtree so we have 1835 * to clean up what we set up to the failing subtree 1836 */ 1837 for_each_mem_cgroup_tree(iter, memcg) { 1838 if (iter == failed) { 1839 mem_cgroup_iter_break(memcg, iter); 1840 break; 1841 } 1842 iter->oom_lock = false; 1843 } 1844 } else 1845 mutex_acquire(&memcg_oom_lock_dep_map, 0, 1, _RET_IP_); 1846 1847 spin_unlock(&memcg_oom_lock); 1848 1849 return !failed; 1850} 1851 1852static void mem_cgroup_oom_unlock(struct mem_cgroup *memcg) 1853{ 1854 struct mem_cgroup *iter; 1855 1856 spin_lock(&memcg_oom_lock); 1857 mutex_release(&memcg_oom_lock_dep_map, _RET_IP_); 1858 for_each_mem_cgroup_tree(iter, memcg) 1859 iter->oom_lock = false; 1860 spin_unlock(&memcg_oom_lock); 1861} 1862 1863static void mem_cgroup_mark_under_oom(struct mem_cgroup *memcg) 1864{ 1865 struct mem_cgroup *iter; 1866 1867 spin_lock(&memcg_oom_lock); 1868 for_each_mem_cgroup_tree(iter, memcg) 1869 iter->under_oom++; 1870 spin_unlock(&memcg_oom_lock); 1871} 1872 1873static void mem_cgroup_unmark_under_oom(struct mem_cgroup *memcg) 1874{ 1875 struct mem_cgroup *iter; 1876 1877 /* 1878 * Be careful about under_oom underflows because a child memcg 1879 * could have been added after mem_cgroup_mark_under_oom. 1880 */ 1881 spin_lock(&memcg_oom_lock); 1882 for_each_mem_cgroup_tree(iter, memcg) 1883 if (iter->under_oom > 0) 1884 iter->under_oom--; 1885 spin_unlock(&memcg_oom_lock); 1886} 1887 1888static DECLARE_WAIT_QUEUE_HEAD(memcg_oom_waitq); 1889 1890struct oom_wait_info { 1891 struct mem_cgroup *memcg; 1892 wait_queue_entry_t wait; 1893}; 1894 1895static int memcg_oom_wake_function(wait_queue_entry_t *wait, 1896 unsigned mode, int sync, void *arg) 1897{ 1898 struct mem_cgroup *wake_memcg = (struct mem_cgroup *)arg; 1899 struct mem_cgroup *oom_wait_memcg; 1900 struct oom_wait_info *oom_wait_info; 1901 1902 oom_wait_info = container_of(wait, struct oom_wait_info, wait); 1903 oom_wait_memcg = oom_wait_info->memcg; 1904 1905 if (!mem_cgroup_is_descendant(wake_memcg, oom_wait_memcg) && 1906 !mem_cgroup_is_descendant(oom_wait_memcg, wake_memcg)) 1907 return 0; 1908 return autoremove_wake_function(wait, mode, sync, arg); 1909} 1910 1911static void memcg_oom_recover(struct mem_cgroup *memcg) 1912{ 1913 /* 1914 * For the following lockless ->under_oom test, the only required 1915 * guarantee is that it must see the state asserted by an OOM when 1916 * this function is called as a result of userland actions 1917 * triggered by the notification of the OOM. This is trivially 1918 * achieved by invoking mem_cgroup_mark_under_oom() before 1919 * triggering notification. 1920 */ 1921 if (memcg && memcg->under_oom) 1922 __wake_up(&memcg_oom_waitq, TASK_NORMAL, 0, memcg); 1923} 1924 1925/* 1926 * Returns true if successfully killed one or more processes. Though in some 1927 * corner cases it can return true even without killing any process. 1928 */ 1929static bool mem_cgroup_oom(struct mem_cgroup *memcg, gfp_t mask, int order) 1930{ 1931 bool locked, ret; 1932 1933 if (order > PAGE_ALLOC_COSTLY_ORDER) 1934 return false; 1935 1936 memcg_memory_event(memcg, MEMCG_OOM); 1937 1938 /* 1939 * We are in the middle of the charge context here, so we 1940 * don't want to block when potentially sitting on a callstack 1941 * that holds all kinds of filesystem and mm locks. 1942 * 1943 * cgroup1 allows disabling the OOM killer and waiting for outside 1944 * handling until the charge can succeed; remember the context and put 1945 * the task to sleep at the end of the page fault when all locks are 1946 * released. 1947 * 1948 * On the other hand, in-kernel OOM killer allows for an async victim 1949 * memory reclaim (oom_reaper) and that means that we are not solely 1950 * relying on the oom victim to make a forward progress and we can 1951 * invoke the oom killer here. 1952 * 1953 * Please note that mem_cgroup_out_of_memory might fail to find a 1954 * victim and then we have to bail out from the charge path. 1955 */ 1956 if (READ_ONCE(memcg->oom_kill_disable)) { 1957 if (current->in_user_fault) { 1958 css_get(&memcg->css); 1959 current->memcg_in_oom = memcg; 1960 current->memcg_oom_gfp_mask = mask; 1961 current->memcg_oom_order = order; 1962 } 1963 return false; 1964 } 1965 1966 mem_cgroup_mark_under_oom(memcg); 1967 1968 locked = mem_cgroup_oom_trylock(memcg); 1969 1970 if (locked) 1971 mem_cgroup_oom_notify(memcg); 1972 1973 mem_cgroup_unmark_under_oom(memcg); 1974 ret = mem_cgroup_out_of_memory(memcg, mask, order); 1975 1976 if (locked) 1977 mem_cgroup_oom_unlock(memcg); 1978 1979 return ret; 1980} 1981 1982/** 1983 * mem_cgroup_oom_synchronize - complete memcg OOM handling 1984 * @handle: actually kill/wait or just clean up the OOM state 1985 * 1986 * This has to be called at the end of a page fault if the memcg OOM 1987 * handler was enabled. 1988 * 1989 * Memcg supports userspace OOM handling where failed allocations must 1990 * sleep on a waitqueue until the userspace task resolves the 1991 * situation. Sleeping directly in the charge context with all kinds 1992 * of locks held is not a good idea, instead we remember an OOM state 1993 * in the task and mem_cgroup_oom_synchronize() has to be called at 1994 * the end of the page fault to complete the OOM handling. 1995 * 1996 * Returns %true if an ongoing memcg OOM situation was detected and 1997 * completed, %false otherwise. 1998 */ 1999bool mem_cgroup_oom_synchronize(bool handle) 2000{ 2001 struct mem_cgroup *memcg = current->memcg_in_oom; 2002 struct oom_wait_info owait; 2003 bool locked; 2004 2005 /* OOM is global, do not handle */ 2006 if (!memcg) 2007 return false; 2008 2009 if (!handle) 2010 goto cleanup; 2011 2012 owait.memcg = memcg; 2013 owait.wait.flags = 0; 2014 owait.wait.func = memcg_oom_wake_function; 2015 owait.wait.private = current; 2016 INIT_LIST_HEAD(&owait.wait.entry); 2017 2018 prepare_to_wait(&memcg_oom_waitq, &owait.wait, TASK_KILLABLE); 2019 mem_cgroup_mark_under_oom(memcg); 2020 2021 locked = mem_cgroup_oom_trylock(memcg); 2022 2023 if (locked) 2024 mem_cgroup_oom_notify(memcg); 2025 2026 schedule(); 2027 mem_cgroup_unmark_under_oom(memcg); 2028 finish_wait(&memcg_oom_waitq, &owait.wait); 2029 2030 if (locked) 2031 mem_cgroup_oom_unlock(memcg); 2032cleanup: 2033 current->memcg_in_oom = NULL; 2034 css_put(&memcg->css); 2035 return true; 2036} 2037 2038/** 2039 * mem_cgroup_get_oom_group - get a memory cgroup to clean up after OOM 2040 * @victim: task to be killed by the OOM killer 2041 * @oom_domain: memcg in case of memcg OOM, NULL in case of system-wide OOM 2042 * 2043 * Returns a pointer to a memory cgroup, which has to be cleaned up 2044 * by killing all belonging OOM-killable tasks. 2045 * 2046 * Caller has to call mem_cgroup_put() on the returned non-NULL memcg. 2047 */ 2048struct mem_cgroup *mem_cgroup_get_oom_group(struct task_struct *victim, 2049 struct mem_cgroup *oom_domain) 2050{ 2051 struct mem_cgroup *oom_group = NULL; 2052 struct mem_cgroup *memcg; 2053 2054 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 2055 return NULL; 2056 2057 if (!oom_domain) 2058 oom_domain = root_mem_cgroup; 2059 2060 rcu_read_lock(); 2061 2062 memcg = mem_cgroup_from_task(victim); 2063 if (mem_cgroup_is_root(memcg)) 2064 goto out; 2065 2066 /* 2067 * If the victim task has been asynchronously moved to a different 2068 * memory cgroup, we might end up killing tasks outside oom_domain. 2069 * In this case it's better to ignore memory.group.oom. 2070 */ 2071 if (unlikely(!mem_cgroup_is_descendant(memcg, oom_domain))) 2072 goto out; 2073 2074 /* 2075 * Traverse the memory cgroup hierarchy from the victim task's 2076 * cgroup up to the OOMing cgroup (or root) to find the 2077 * highest-level memory cgroup with oom.group set. 2078 */ 2079 for (; memcg; memcg = parent_mem_cgroup(memcg)) { 2080 if (READ_ONCE(memcg->oom_group)) 2081 oom_group = memcg; 2082 2083 if (memcg == oom_domain) 2084 break; 2085 } 2086 2087 if (oom_group) 2088 css_get(&oom_group->css); 2089out: 2090 rcu_read_unlock(); 2091 2092 return oom_group; 2093} 2094 2095void mem_cgroup_print_oom_group(struct mem_cgroup *memcg) 2096{ 2097 pr_info("Tasks in "); 2098 pr_cont_cgroup_path(memcg->css.cgroup); 2099 pr_cont(" are going to be killed due to memory.oom.group set\n"); 2100} 2101 2102/** 2103 * folio_memcg_lock - Bind a folio to its memcg. 2104 * @folio: The folio. 2105 * 2106 * This function prevents unlocked LRU folios from being moved to 2107 * another cgroup. 2108 * 2109 * It ensures lifetime of the bound memcg. The caller is responsible 2110 * for the lifetime of the folio. 2111 */ 2112void folio_memcg_lock(struct folio *folio) 2113{ 2114 struct mem_cgroup *memcg; 2115 unsigned long flags; 2116 2117 /* 2118 * The RCU lock is held throughout the transaction. The fast 2119 * path can get away without acquiring the memcg->move_lock 2120 * because page moving starts with an RCU grace period. 2121 */ 2122 rcu_read_lock(); 2123 2124 if (mem_cgroup_disabled()) 2125 return; 2126again: 2127 memcg = folio_memcg(folio); 2128 if (unlikely(!memcg)) 2129 return; 2130 2131#ifdef CONFIG_PROVE_LOCKING 2132 local_irq_save(flags); 2133 might_lock(&memcg->move_lock); 2134 local_irq_restore(flags); 2135#endif 2136 2137 if (atomic_read(&memcg->moving_account) <= 0) 2138 return; 2139 2140 spin_lock_irqsave(&memcg->move_lock, flags); 2141 if (memcg != folio_memcg(folio)) { 2142 spin_unlock_irqrestore(&memcg->move_lock, flags); 2143 goto again; 2144 } 2145 2146 /* 2147 * When charge migration first begins, we can have multiple 2148 * critical sections holding the fast-path RCU lock and one 2149 * holding the slowpath move_lock. Track the task who has the 2150 * move_lock for folio_memcg_unlock(). 2151 */ 2152 memcg->move_lock_task = current; 2153 memcg->move_lock_flags = flags; 2154} 2155 2156static void __folio_memcg_unlock(struct mem_cgroup *memcg) 2157{ 2158 if (memcg && memcg->move_lock_task == current) { 2159 unsigned long flags = memcg->move_lock_flags; 2160 2161 memcg->move_lock_task = NULL; 2162 memcg->move_lock_flags = 0; 2163 2164 spin_unlock_irqrestore(&memcg->move_lock, flags); 2165 } 2166 2167 rcu_read_unlock(); 2168} 2169 2170/** 2171 * folio_memcg_unlock - Release the binding between a folio and its memcg. 2172 * @folio: The folio. 2173 * 2174 * This releases the binding created by folio_memcg_lock(). This does 2175 * not change the accounting of this folio to its memcg, but it does 2176 * permit others to change it. 2177 */ 2178void folio_memcg_unlock(struct folio *folio) 2179{ 2180 __folio_memcg_unlock(folio_memcg(folio)); 2181} 2182 2183struct memcg_stock_pcp { 2184 local_lock_t stock_lock; 2185 struct mem_cgroup *cached; /* this never be root cgroup */ 2186 unsigned int nr_pages; 2187 2188#ifdef CONFIG_MEMCG_KMEM 2189 struct obj_cgroup *cached_objcg; 2190 struct pglist_data *cached_pgdat; 2191 unsigned int nr_bytes; 2192 int nr_slab_reclaimable_b; 2193 int nr_slab_unreclaimable_b; 2194#endif 2195 2196 struct work_struct work; 2197 unsigned long flags; 2198#define FLUSHING_CACHED_CHARGE 0 2199}; 2200static DEFINE_PER_CPU(struct memcg_stock_pcp, memcg_stock) = { 2201 .stock_lock = INIT_LOCAL_LOCK(stock_lock), 2202}; 2203static DEFINE_MUTEX(percpu_charge_mutex); 2204 2205#ifdef CONFIG_MEMCG_KMEM 2206static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock); 2207static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 2208 struct mem_cgroup *root_memcg); 2209static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages); 2210 2211#else 2212static inline struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock) 2213{ 2214 return NULL; 2215} 2216static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 2217 struct mem_cgroup *root_memcg) 2218{ 2219 return false; 2220} 2221static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages) 2222{ 2223} 2224#endif 2225 2226/** 2227 * consume_stock: Try to consume stocked charge on this cpu. 2228 * @memcg: memcg to consume from. 2229 * @nr_pages: how many pages to charge. 2230 * 2231 * The charges will only happen if @memcg matches the current cpu's memcg 2232 * stock, and at least @nr_pages are available in that stock. Failure to 2233 * service an allocation will refill the stock. 2234 * 2235 * returns true if successful, false otherwise. 2236 */ 2237static bool consume_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2238{ 2239 struct memcg_stock_pcp *stock; 2240 unsigned long flags; 2241 bool ret = false; 2242 2243 if (nr_pages > MEMCG_CHARGE_BATCH) 2244 return ret; 2245 2246 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2247 2248 stock = this_cpu_ptr(&memcg_stock); 2249 if (memcg == READ_ONCE(stock->cached) && stock->nr_pages >= nr_pages) { 2250 stock->nr_pages -= nr_pages; 2251 ret = true; 2252 } 2253 2254 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2255 2256 return ret; 2257} 2258 2259/* 2260 * Returns stocks cached in percpu and reset cached information. 2261 */ 2262static void drain_stock(struct memcg_stock_pcp *stock) 2263{ 2264 struct mem_cgroup *old = READ_ONCE(stock->cached); 2265 2266 if (!old) 2267 return; 2268 2269 if (stock->nr_pages) { 2270 page_counter_uncharge(&old->memory, stock->nr_pages); 2271 if (do_memsw_account()) 2272 page_counter_uncharge(&old->memsw, stock->nr_pages); 2273 stock->nr_pages = 0; 2274 } 2275 2276 css_put(&old->css); 2277 WRITE_ONCE(stock->cached, NULL); 2278} 2279 2280static void drain_local_stock(struct work_struct *dummy) 2281{ 2282 struct memcg_stock_pcp *stock; 2283 struct obj_cgroup *old = NULL; 2284 unsigned long flags; 2285 2286 /* 2287 * The only protection from cpu hotplug (memcg_hotplug_cpu_dead) vs. 2288 * drain_stock races is that we always operate on local CPU stock 2289 * here with IRQ disabled 2290 */ 2291 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2292 2293 stock = this_cpu_ptr(&memcg_stock); 2294 old = drain_obj_stock(stock); 2295 drain_stock(stock); 2296 clear_bit(FLUSHING_CACHED_CHARGE, &stock->flags); 2297 2298 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2299 if (old) 2300 obj_cgroup_put(old); 2301} 2302 2303/* 2304 * Cache charges(val) to local per_cpu area. 2305 * This will be consumed by consume_stock() function, later. 2306 */ 2307static void __refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2308{ 2309 struct memcg_stock_pcp *stock; 2310 2311 stock = this_cpu_ptr(&memcg_stock); 2312 if (READ_ONCE(stock->cached) != memcg) { /* reset if necessary */ 2313 drain_stock(stock); 2314 css_get(&memcg->css); 2315 WRITE_ONCE(stock->cached, memcg); 2316 } 2317 stock->nr_pages += nr_pages; 2318 2319 if (stock->nr_pages > MEMCG_CHARGE_BATCH) 2320 drain_stock(stock); 2321} 2322 2323static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages) 2324{ 2325 unsigned long flags; 2326 2327 local_lock_irqsave(&memcg_stock.stock_lock, flags); 2328 __refill_stock(memcg, nr_pages); 2329 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 2330} 2331 2332/* 2333 * Drains all per-CPU charge caches for given root_memcg resp. subtree 2334 * of the hierarchy under it. 2335 */ 2336static void drain_all_stock(struct mem_cgroup *root_memcg) 2337{ 2338 int cpu, curcpu; 2339 2340 /* If someone's already draining, avoid adding running more workers. */ 2341 if (!mutex_trylock(&percpu_charge_mutex)) 2342 return; 2343 /* 2344 * Notify other cpus that system-wide "drain" is running 2345 * We do not care about races with the cpu hotplug because cpu down 2346 * as well as workers from this path always operate on the local 2347 * per-cpu data. CPU up doesn't touch memcg_stock at all. 2348 */ 2349 migrate_disable(); 2350 curcpu = smp_processor_id(); 2351 for_each_online_cpu(cpu) { 2352 struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu); 2353 struct mem_cgroup *memcg; 2354 bool flush = false; 2355 2356 rcu_read_lock(); 2357 memcg = READ_ONCE(stock->cached); 2358 if (memcg && stock->nr_pages && 2359 mem_cgroup_is_descendant(memcg, root_memcg)) 2360 flush = true; 2361 else if (obj_stock_flush_required(stock, root_memcg)) 2362 flush = true; 2363 rcu_read_unlock(); 2364 2365 if (flush && 2366 !test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) { 2367 if (cpu == curcpu) 2368 drain_local_stock(&stock->work); 2369 else if (!cpu_is_isolated(cpu)) 2370 schedule_work_on(cpu, &stock->work); 2371 } 2372 } 2373 migrate_enable(); 2374 mutex_unlock(&percpu_charge_mutex); 2375} 2376 2377static int memcg_hotplug_cpu_dead(unsigned int cpu) 2378{ 2379 struct memcg_stock_pcp *stock; 2380 2381 stock = &per_cpu(memcg_stock, cpu); 2382 drain_stock(stock); 2383 2384 return 0; 2385} 2386 2387static unsigned long reclaim_high(struct mem_cgroup *memcg, 2388 unsigned int nr_pages, 2389 gfp_t gfp_mask) 2390{ 2391 unsigned long nr_reclaimed = 0; 2392 2393 do { 2394 unsigned long pflags; 2395 2396 if (page_counter_read(&memcg->memory) <= 2397 READ_ONCE(memcg->memory.high)) 2398 continue; 2399 2400 memcg_memory_event(memcg, MEMCG_HIGH); 2401 2402 psi_memstall_enter(&pflags); 2403 nr_reclaimed += try_to_free_mem_cgroup_pages(memcg, nr_pages, 2404 gfp_mask, 2405 MEMCG_RECLAIM_MAY_SWAP); 2406 psi_memstall_leave(&pflags); 2407 } while ((memcg = parent_mem_cgroup(memcg)) && 2408 !mem_cgroup_is_root(memcg)); 2409 2410 return nr_reclaimed; 2411} 2412 2413static void high_work_func(struct work_struct *work) 2414{ 2415 struct mem_cgroup *memcg; 2416 2417 memcg = container_of(work, struct mem_cgroup, high_work); 2418 reclaim_high(memcg, MEMCG_CHARGE_BATCH, GFP_KERNEL); 2419} 2420 2421/* 2422 * Clamp the maximum sleep time per allocation batch to 2 seconds. This is 2423 * enough to still cause a significant slowdown in most cases, while still 2424 * allowing diagnostics and tracing to proceed without becoming stuck. 2425 */ 2426#define MEMCG_MAX_HIGH_DELAY_JIFFIES (2UL*HZ) 2427 2428/* 2429 * When calculating the delay, we use these either side of the exponentiation to 2430 * maintain precision and scale to a reasonable number of jiffies (see the table 2431 * below. 2432 * 2433 * - MEMCG_DELAY_PRECISION_SHIFT: Extra precision bits while translating the 2434 * overage ratio to a delay. 2435 * - MEMCG_DELAY_SCALING_SHIFT: The number of bits to scale down the 2436 * proposed penalty in order to reduce to a reasonable number of jiffies, and 2437 * to produce a reasonable delay curve. 2438 * 2439 * MEMCG_DELAY_SCALING_SHIFT just happens to be a number that produces a 2440 * reasonable delay curve compared to precision-adjusted overage, not 2441 * penalising heavily at first, but still making sure that growth beyond the 2442 * limit penalises misbehaviour cgroups by slowing them down exponentially. For 2443 * example, with a high of 100 megabytes: 2444 * 2445 * +-------+------------------------+ 2446 * | usage | time to allocate in ms | 2447 * +-------+------------------------+ 2448 * | 100M | 0 | 2449 * | 101M | 6 | 2450 * | 102M | 25 | 2451 * | 103M | 57 | 2452 * | 104M | 102 | 2453 * | 105M | 159 | 2454 * | 106M | 230 | 2455 * | 107M | 313 | 2456 * | 108M | 409 | 2457 * | 109M | 518 | 2458 * | 110M | 639 | 2459 * | 111M | 774 | 2460 * | 112M | 921 | 2461 * | 113M | 1081 | 2462 * | 114M | 1254 | 2463 * | 115M | 1439 | 2464 * | 116M | 1638 | 2465 * | 117M | 1849 | 2466 * | 118M | 2000 | 2467 * | 119M | 2000 | 2468 * | 120M | 2000 | 2469 * +-------+------------------------+ 2470 */ 2471 #define MEMCG_DELAY_PRECISION_SHIFT 20 2472 #define MEMCG_DELAY_SCALING_SHIFT 14 2473 2474static u64 calculate_overage(unsigned long usage, unsigned long high) 2475{ 2476 u64 overage; 2477 2478 if (usage <= high) 2479 return 0; 2480 2481 /* 2482 * Prevent division by 0 in overage calculation by acting as if 2483 * it was a threshold of 1 page 2484 */ 2485 high = max(high, 1UL); 2486 2487 overage = usage - high; 2488 overage <<= MEMCG_DELAY_PRECISION_SHIFT; 2489 return div64_u64(overage, high); 2490} 2491 2492static u64 mem_find_max_overage(struct mem_cgroup *memcg) 2493{ 2494 u64 overage, max_overage = 0; 2495 2496 do { 2497 overage = calculate_overage(page_counter_read(&memcg->memory), 2498 READ_ONCE(memcg->memory.high)); 2499 max_overage = max(overage, max_overage); 2500 } while ((memcg = parent_mem_cgroup(memcg)) && 2501 !mem_cgroup_is_root(memcg)); 2502 2503 return max_overage; 2504} 2505 2506static u64 swap_find_max_overage(struct mem_cgroup *memcg) 2507{ 2508 u64 overage, max_overage = 0; 2509 2510 do { 2511 overage = calculate_overage(page_counter_read(&memcg->swap), 2512 READ_ONCE(memcg->swap.high)); 2513 if (overage) 2514 memcg_memory_event(memcg, MEMCG_SWAP_HIGH); 2515 max_overage = max(overage, max_overage); 2516 } while ((memcg = parent_mem_cgroup(memcg)) && 2517 !mem_cgroup_is_root(memcg)); 2518 2519 return max_overage; 2520} 2521 2522/* 2523 * Get the number of jiffies that we should penalise a mischievous cgroup which 2524 * is exceeding its memory.high by checking both it and its ancestors. 2525 */ 2526static unsigned long calculate_high_delay(struct mem_cgroup *memcg, 2527 unsigned int nr_pages, 2528 u64 max_overage) 2529{ 2530 unsigned long penalty_jiffies; 2531 2532 if (!max_overage) 2533 return 0; 2534 2535 /* 2536 * We use overage compared to memory.high to calculate the number of 2537 * jiffies to sleep (penalty_jiffies). Ideally this value should be 2538 * fairly lenient on small overages, and increasingly harsh when the 2539 * memcg in question makes it clear that it has no intention of stopping 2540 * its crazy behaviour, so we exponentially increase the delay based on 2541 * overage amount. 2542 */ 2543 penalty_jiffies = max_overage * max_overage * HZ; 2544 penalty_jiffies >>= MEMCG_DELAY_PRECISION_SHIFT; 2545 penalty_jiffies >>= MEMCG_DELAY_SCALING_SHIFT; 2546 2547 /* 2548 * Factor in the task's own contribution to the overage, such that four 2549 * N-sized allocations are throttled approximately the same as one 2550 * 4N-sized allocation. 2551 * 2552 * MEMCG_CHARGE_BATCH pages is nominal, so work out how much smaller or 2553 * larger the current charge patch is than that. 2554 */ 2555 return penalty_jiffies * nr_pages / MEMCG_CHARGE_BATCH; 2556} 2557 2558/* 2559 * Scheduled by try_charge() to be executed from the userland return path 2560 * and reclaims memory over the high limit. 2561 */ 2562void mem_cgroup_handle_over_high(void) 2563{ 2564 unsigned long penalty_jiffies; 2565 unsigned long pflags; 2566 unsigned long nr_reclaimed; 2567 unsigned int nr_pages = current->memcg_nr_pages_over_high; 2568 int nr_retries = MAX_RECLAIM_RETRIES; 2569 struct mem_cgroup *memcg; 2570 bool in_retry = false; 2571 2572 if (likely(!nr_pages)) 2573 return; 2574 2575 memcg = get_mem_cgroup_from_mm(current->mm); 2576 current->memcg_nr_pages_over_high = 0; 2577 2578retry_reclaim: 2579 /* 2580 * The allocating task should reclaim at least the batch size, but for 2581 * subsequent retries we only want to do what's necessary to prevent oom 2582 * or breaching resource isolation. 2583 * 2584 * This is distinct from memory.max or page allocator behaviour because 2585 * memory.high is currently batched, whereas memory.max and the page 2586 * allocator run every time an allocation is made. 2587 */ 2588 nr_reclaimed = reclaim_high(memcg, 2589 in_retry ? SWAP_CLUSTER_MAX : nr_pages, 2590 GFP_KERNEL); 2591 2592 /* 2593 * memory.high is breached and reclaim is unable to keep up. Throttle 2594 * allocators proactively to slow down excessive growth. 2595 */ 2596 penalty_jiffies = calculate_high_delay(memcg, nr_pages, 2597 mem_find_max_overage(memcg)); 2598 2599 penalty_jiffies += calculate_high_delay(memcg, nr_pages, 2600 swap_find_max_overage(memcg)); 2601 2602 /* 2603 * Clamp the max delay per usermode return so as to still keep the 2604 * application moving forwards and also permit diagnostics, albeit 2605 * extremely slowly. 2606 */ 2607 penalty_jiffies = min(penalty_jiffies, MEMCG_MAX_HIGH_DELAY_JIFFIES); 2608 2609 /* 2610 * Don't sleep if the amount of jiffies this memcg owes us is so low 2611 * that it's not even worth doing, in an attempt to be nice to those who 2612 * go only a small amount over their memory.high value and maybe haven't 2613 * been aggressively reclaimed enough yet. 2614 */ 2615 if (penalty_jiffies <= HZ / 100) 2616 goto out; 2617 2618 /* 2619 * If reclaim is making forward progress but we're still over 2620 * memory.high, we want to encourage that rather than doing allocator 2621 * throttling. 2622 */ 2623 if (nr_reclaimed || nr_retries--) { 2624 in_retry = true; 2625 goto retry_reclaim; 2626 } 2627 2628 /* 2629 * If we exit early, we're guaranteed to die (since 2630 * schedule_timeout_killable sets TASK_KILLABLE). This means we don't 2631 * need to account for any ill-begotten jiffies to pay them off later. 2632 */ 2633 psi_memstall_enter(&pflags); 2634 schedule_timeout_killable(penalty_jiffies); 2635 psi_memstall_leave(&pflags); 2636 2637out: 2638 css_put(&memcg->css); 2639} 2640 2641static int try_charge_memcg(struct mem_cgroup *memcg, gfp_t gfp_mask, 2642 unsigned int nr_pages) 2643{ 2644 unsigned int batch = max(MEMCG_CHARGE_BATCH, nr_pages); 2645 int nr_retries = MAX_RECLAIM_RETRIES; 2646 struct mem_cgroup *mem_over_limit; 2647 struct page_counter *counter; 2648 unsigned long nr_reclaimed; 2649 bool passed_oom = false; 2650 unsigned int reclaim_options = MEMCG_RECLAIM_MAY_SWAP; 2651 bool drained = false; 2652 bool raised_max_event = false; 2653 unsigned long pflags; 2654 2655retry: 2656 if (consume_stock(memcg, nr_pages)) 2657 return 0; 2658 2659 if (!do_memsw_account() || 2660 page_counter_try_charge(&memcg->memsw, batch, &counter)) { 2661 if (page_counter_try_charge(&memcg->memory, batch, &counter)) 2662 goto done_restock; 2663 if (do_memsw_account()) 2664 page_counter_uncharge(&memcg->memsw, batch); 2665 mem_over_limit = mem_cgroup_from_counter(counter, memory); 2666 } else { 2667 mem_over_limit = mem_cgroup_from_counter(counter, memsw); 2668 reclaim_options &= ~MEMCG_RECLAIM_MAY_SWAP; 2669 } 2670 2671 if (batch > nr_pages) { 2672 batch = nr_pages; 2673 goto retry; 2674 } 2675 2676 /* 2677 * Prevent unbounded recursion when reclaim operations need to 2678 * allocate memory. This might exceed the limits temporarily, 2679 * but we prefer facilitating memory reclaim and getting back 2680 * under the limit over triggering OOM kills in these cases. 2681 */ 2682 if (unlikely(current->flags & PF_MEMALLOC)) 2683 goto force; 2684 2685 if (unlikely(task_in_memcg_oom(current))) 2686 goto nomem; 2687 2688 if (!gfpflags_allow_blocking(gfp_mask)) 2689 goto nomem; 2690 2691 memcg_memory_event(mem_over_limit, MEMCG_MAX); 2692 raised_max_event = true; 2693 2694 psi_memstall_enter(&pflags); 2695 nr_reclaimed = try_to_free_mem_cgroup_pages(mem_over_limit, nr_pages, 2696 gfp_mask, reclaim_options); 2697 psi_memstall_leave(&pflags); 2698 2699 if (mem_cgroup_margin(mem_over_limit) >= nr_pages) 2700 goto retry; 2701 2702 if (!drained) { 2703 drain_all_stock(mem_over_limit); 2704 drained = true; 2705 goto retry; 2706 } 2707 2708 if (gfp_mask & __GFP_NORETRY) 2709 goto nomem; 2710 /* 2711 * Even though the limit is exceeded at this point, reclaim 2712 * may have been able to free some pages. Retry the charge 2713 * before killing the task. 2714 * 2715 * Only for regular pages, though: huge pages are rather 2716 * unlikely to succeed so close to the limit, and we fall back 2717 * to regular pages anyway in case of failure. 2718 */ 2719 if (nr_reclaimed && nr_pages <= (1 << PAGE_ALLOC_COSTLY_ORDER)) 2720 goto retry; 2721 /* 2722 * At task move, charge accounts can be doubly counted. So, it's 2723 * better to wait until the end of task_move if something is going on. 2724 */ 2725 if (mem_cgroup_wait_acct_move(mem_over_limit)) 2726 goto retry; 2727 2728 if (nr_retries--) 2729 goto retry; 2730 2731 if (gfp_mask & __GFP_RETRY_MAYFAIL) 2732 goto nomem; 2733 2734 /* Avoid endless loop for tasks bypassed by the oom killer */ 2735 if (passed_oom && task_is_dying()) 2736 goto nomem; 2737 2738 /* 2739 * keep retrying as long as the memcg oom killer is able to make 2740 * a forward progress or bypass the charge if the oom killer 2741 * couldn't make any progress. 2742 */ 2743 if (mem_cgroup_oom(mem_over_limit, gfp_mask, 2744 get_order(nr_pages * PAGE_SIZE))) { 2745 passed_oom = true; 2746 nr_retries = MAX_RECLAIM_RETRIES; 2747 goto retry; 2748 } 2749nomem: 2750 /* 2751 * Memcg doesn't have a dedicated reserve for atomic 2752 * allocations. But like the global atomic pool, we need to 2753 * put the burden of reclaim on regular allocation requests 2754 * and let these go through as privileged allocations. 2755 */ 2756 if (!(gfp_mask & (__GFP_NOFAIL | __GFP_HIGH))) 2757 return -ENOMEM; 2758force: 2759 /* 2760 * If the allocation has to be enforced, don't forget to raise 2761 * a MEMCG_MAX event. 2762 */ 2763 if (!raised_max_event) 2764 memcg_memory_event(mem_over_limit, MEMCG_MAX); 2765 2766 /* 2767 * The allocation either can't fail or will lead to more memory 2768 * being freed very soon. Allow memory usage go over the limit 2769 * temporarily by force charging it. 2770 */ 2771 page_counter_charge(&memcg->memory, nr_pages); 2772 if (do_memsw_account()) 2773 page_counter_charge(&memcg->memsw, nr_pages); 2774 2775 return 0; 2776 2777done_restock: 2778 if (batch > nr_pages) 2779 refill_stock(memcg, batch - nr_pages); 2780 2781 /* 2782 * If the hierarchy is above the normal consumption range, schedule 2783 * reclaim on returning to userland. We can perform reclaim here 2784 * if __GFP_RECLAIM but let's always punt for simplicity and so that 2785 * GFP_KERNEL can consistently be used during reclaim. @memcg is 2786 * not recorded as it most likely matches current's and won't 2787 * change in the meantime. As high limit is checked again before 2788 * reclaim, the cost of mismatch is negligible. 2789 */ 2790 do { 2791 bool mem_high, swap_high; 2792 2793 mem_high = page_counter_read(&memcg->memory) > 2794 READ_ONCE(memcg->memory.high); 2795 swap_high = page_counter_read(&memcg->swap) > 2796 READ_ONCE(memcg->swap.high); 2797 2798 /* Don't bother a random interrupted task */ 2799 if (!in_task()) { 2800 if (mem_high) { 2801 schedule_work(&memcg->high_work); 2802 break; 2803 } 2804 continue; 2805 } 2806 2807 if (mem_high || swap_high) { 2808 /* 2809 * The allocating tasks in this cgroup will need to do 2810 * reclaim or be throttled to prevent further growth 2811 * of the memory or swap footprints. 2812 * 2813 * Target some best-effort fairness between the tasks, 2814 * and distribute reclaim work and delay penalties 2815 * based on how much each task is actually allocating. 2816 */ 2817 current->memcg_nr_pages_over_high += batch; 2818 set_notify_resume(current); 2819 break; 2820 } 2821 } while ((memcg = parent_mem_cgroup(memcg))); 2822 2823 if (current->memcg_nr_pages_over_high > MEMCG_CHARGE_BATCH && 2824 !(current->flags & PF_MEMALLOC) && 2825 gfpflags_allow_blocking(gfp_mask)) { 2826 mem_cgroup_handle_over_high(); 2827 } 2828 return 0; 2829} 2830 2831static inline int try_charge(struct mem_cgroup *memcg, gfp_t gfp_mask, 2832 unsigned int nr_pages) 2833{ 2834 if (mem_cgroup_is_root(memcg)) 2835 return 0; 2836 2837 return try_charge_memcg(memcg, gfp_mask, nr_pages); 2838} 2839 2840static inline void cancel_charge(struct mem_cgroup *memcg, unsigned int nr_pages) 2841{ 2842 if (mem_cgroup_is_root(memcg)) 2843 return; 2844 2845 page_counter_uncharge(&memcg->memory, nr_pages); 2846 if (do_memsw_account()) 2847 page_counter_uncharge(&memcg->memsw, nr_pages); 2848} 2849 2850static void commit_charge(struct folio *folio, struct mem_cgroup *memcg) 2851{ 2852 VM_BUG_ON_FOLIO(folio_memcg(folio), folio); 2853 /* 2854 * Any of the following ensures page's memcg stability: 2855 * 2856 * - the page lock 2857 * - LRU isolation 2858 * - folio_memcg_lock() 2859 * - exclusive reference 2860 * - mem_cgroup_trylock_pages() 2861 */ 2862 folio->memcg_data = (unsigned long)memcg; 2863} 2864 2865#ifdef CONFIG_MEMCG_KMEM 2866/* 2867 * The allocated objcg pointers array is not accounted directly. 2868 * Moreover, it should not come from DMA buffer and is not readily 2869 * reclaimable. So those GFP bits should be masked off. 2870 */ 2871#define OBJCGS_CLEAR_MASK (__GFP_DMA | __GFP_RECLAIMABLE | __GFP_ACCOUNT) 2872 2873/* 2874 * mod_objcg_mlstate() may be called with irq enabled, so 2875 * mod_memcg_lruvec_state() should be used. 2876 */ 2877static inline void mod_objcg_mlstate(struct obj_cgroup *objcg, 2878 struct pglist_data *pgdat, 2879 enum node_stat_item idx, int nr) 2880{ 2881 struct mem_cgroup *memcg; 2882 struct lruvec *lruvec; 2883 2884 rcu_read_lock(); 2885 memcg = obj_cgroup_memcg(objcg); 2886 lruvec = mem_cgroup_lruvec(memcg, pgdat); 2887 mod_memcg_lruvec_state(lruvec, idx, nr); 2888 rcu_read_unlock(); 2889} 2890 2891int memcg_alloc_slab_cgroups(struct slab *slab, struct kmem_cache *s, 2892 gfp_t gfp, bool new_slab) 2893{ 2894 unsigned int objects = objs_per_slab(s, slab); 2895 unsigned long memcg_data; 2896 void *vec; 2897 2898 gfp &= ~OBJCGS_CLEAR_MASK; 2899 vec = kcalloc_node(objects, sizeof(struct obj_cgroup *), gfp, 2900 slab_nid(slab)); 2901 if (!vec) 2902 return -ENOMEM; 2903 2904 memcg_data = (unsigned long) vec | MEMCG_DATA_OBJCGS; 2905 if (new_slab) { 2906 /* 2907 * If the slab is brand new and nobody can yet access its 2908 * memcg_data, no synchronization is required and memcg_data can 2909 * be simply assigned. 2910 */ 2911 slab->memcg_data = memcg_data; 2912 } else if (cmpxchg(&slab->memcg_data, 0, memcg_data)) { 2913 /* 2914 * If the slab is already in use, somebody can allocate and 2915 * assign obj_cgroups in parallel. In this case the existing 2916 * objcg vector should be reused. 2917 */ 2918 kfree(vec); 2919 return 0; 2920 } 2921 2922 kmemleak_not_leak(vec); 2923 return 0; 2924} 2925 2926static __always_inline 2927struct mem_cgroup *mem_cgroup_from_obj_folio(struct folio *folio, void *p) 2928{ 2929 /* 2930 * Slab objects are accounted individually, not per-page. 2931 * Memcg membership data for each individual object is saved in 2932 * slab->memcg_data. 2933 */ 2934 if (folio_test_slab(folio)) { 2935 struct obj_cgroup **objcgs; 2936 struct slab *slab; 2937 unsigned int off; 2938 2939 slab = folio_slab(folio); 2940 objcgs = slab_objcgs(slab); 2941 if (!objcgs) 2942 return NULL; 2943 2944 off = obj_to_index(slab->slab_cache, slab, p); 2945 if (objcgs[off]) 2946 return obj_cgroup_memcg(objcgs[off]); 2947 2948 return NULL; 2949 } 2950 2951 /* 2952 * folio_memcg_check() is used here, because in theory we can encounter 2953 * a folio where the slab flag has been cleared already, but 2954 * slab->memcg_data has not been freed yet 2955 * folio_memcg_check() will guarantee that a proper memory 2956 * cgroup pointer or NULL will be returned. 2957 */ 2958 return folio_memcg_check(folio); 2959} 2960 2961/* 2962 * Returns a pointer to the memory cgroup to which the kernel object is charged. 2963 * 2964 * A passed kernel object can be a slab object, vmalloc object or a generic 2965 * kernel page, so different mechanisms for getting the memory cgroup pointer 2966 * should be used. 2967 * 2968 * In certain cases (e.g. kernel stacks or large kmallocs with SLUB) the caller 2969 * can not know for sure how the kernel object is implemented. 2970 * mem_cgroup_from_obj() can be safely used in such cases. 2971 * 2972 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(), 2973 * cgroup_mutex, etc. 2974 */ 2975struct mem_cgroup *mem_cgroup_from_obj(void *p) 2976{ 2977 struct folio *folio; 2978 2979 if (mem_cgroup_disabled()) 2980 return NULL; 2981 2982 if (unlikely(is_vmalloc_addr(p))) 2983 folio = page_folio(vmalloc_to_page(p)); 2984 else 2985 folio = virt_to_folio(p); 2986 2987 return mem_cgroup_from_obj_folio(folio, p); 2988} 2989 2990/* 2991 * Returns a pointer to the memory cgroup to which the kernel object is charged. 2992 * Similar to mem_cgroup_from_obj(), but faster and not suitable for objects, 2993 * allocated using vmalloc(). 2994 * 2995 * A passed kernel object must be a slab object or a generic kernel page. 2996 * 2997 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(), 2998 * cgroup_mutex, etc. 2999 */ 3000struct mem_cgroup *mem_cgroup_from_slab_obj(void *p) 3001{ 3002 if (mem_cgroup_disabled()) 3003 return NULL; 3004 3005 return mem_cgroup_from_obj_folio(virt_to_folio(p), p); 3006} 3007 3008static struct obj_cgroup *__get_obj_cgroup_from_memcg(struct mem_cgroup *memcg) 3009{ 3010 struct obj_cgroup *objcg = NULL; 3011 3012 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) { 3013 objcg = rcu_dereference(memcg->objcg); 3014 if (objcg && obj_cgroup_tryget(objcg)) 3015 break; 3016 objcg = NULL; 3017 } 3018 return objcg; 3019} 3020 3021__always_inline struct obj_cgroup *get_obj_cgroup_from_current(void) 3022{ 3023 struct obj_cgroup *objcg = NULL; 3024 struct mem_cgroup *memcg; 3025 3026 if (memcg_kmem_bypass()) 3027 return NULL; 3028 3029 rcu_read_lock(); 3030 if (unlikely(active_memcg())) 3031 memcg = active_memcg(); 3032 else 3033 memcg = mem_cgroup_from_task(current); 3034 objcg = __get_obj_cgroup_from_memcg(memcg); 3035 rcu_read_unlock(); 3036 return objcg; 3037} 3038 3039struct obj_cgroup *get_obj_cgroup_from_page(struct page *page) 3040{ 3041 struct obj_cgroup *objcg; 3042 3043 if (!memcg_kmem_online()) 3044 return NULL; 3045 3046 if (PageMemcgKmem(page)) { 3047 objcg = __folio_objcg(page_folio(page)); 3048 obj_cgroup_get(objcg); 3049 } else { 3050 struct mem_cgroup *memcg; 3051 3052 rcu_read_lock(); 3053 memcg = __folio_memcg(page_folio(page)); 3054 if (memcg) 3055 objcg = __get_obj_cgroup_from_memcg(memcg); 3056 else 3057 objcg = NULL; 3058 rcu_read_unlock(); 3059 } 3060 return objcg; 3061} 3062 3063static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages) 3064{ 3065 mod_memcg_state(memcg, MEMCG_KMEM, nr_pages); 3066 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 3067 if (nr_pages > 0) 3068 page_counter_charge(&memcg->kmem, nr_pages); 3069 else 3070 page_counter_uncharge(&memcg->kmem, -nr_pages); 3071 } 3072} 3073 3074 3075/* 3076 * obj_cgroup_uncharge_pages: uncharge a number of kernel pages from a objcg 3077 * @objcg: object cgroup to uncharge 3078 * @nr_pages: number of pages to uncharge 3079 */ 3080static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg, 3081 unsigned int nr_pages) 3082{ 3083 struct mem_cgroup *memcg; 3084 3085 memcg = get_mem_cgroup_from_objcg(objcg); 3086 3087 memcg_account_kmem(memcg, -nr_pages); 3088 refill_stock(memcg, nr_pages); 3089 3090 css_put(&memcg->css); 3091} 3092 3093/* 3094 * obj_cgroup_charge_pages: charge a number of kernel pages to a objcg 3095 * @objcg: object cgroup to charge 3096 * @gfp: reclaim mode 3097 * @nr_pages: number of pages to charge 3098 * 3099 * Returns 0 on success, an error code on failure. 3100 */ 3101static int obj_cgroup_charge_pages(struct obj_cgroup *objcg, gfp_t gfp, 3102 unsigned int nr_pages) 3103{ 3104 struct mem_cgroup *memcg; 3105 int ret; 3106 3107 memcg = get_mem_cgroup_from_objcg(objcg); 3108 3109 ret = try_charge_memcg(memcg, gfp, nr_pages); 3110 if (ret) 3111 goto out; 3112 3113 memcg_account_kmem(memcg, nr_pages); 3114out: 3115 css_put(&memcg->css); 3116 3117 return ret; 3118} 3119 3120/** 3121 * __memcg_kmem_charge_page: charge a kmem page to the current memory cgroup 3122 * @page: page to charge 3123 * @gfp: reclaim mode 3124 * @order: allocation order 3125 * 3126 * Returns 0 on success, an error code on failure. 3127 */ 3128int __memcg_kmem_charge_page(struct page *page, gfp_t gfp, int order) 3129{ 3130 struct obj_cgroup *objcg; 3131 int ret = 0; 3132 3133 objcg = get_obj_cgroup_from_current(); 3134 if (objcg) { 3135 ret = obj_cgroup_charge_pages(objcg, gfp, 1 << order); 3136 if (!ret) { 3137 page->memcg_data = (unsigned long)objcg | 3138 MEMCG_DATA_KMEM; 3139 return 0; 3140 } 3141 obj_cgroup_put(objcg); 3142 } 3143 return ret; 3144} 3145 3146/** 3147 * __memcg_kmem_uncharge_page: uncharge a kmem page 3148 * @page: page to uncharge 3149 * @order: allocation order 3150 */ 3151void __memcg_kmem_uncharge_page(struct page *page, int order) 3152{ 3153 struct folio *folio = page_folio(page); 3154 struct obj_cgroup *objcg; 3155 unsigned int nr_pages = 1 << order; 3156 3157 if (!folio_memcg_kmem(folio)) 3158 return; 3159 3160 objcg = __folio_objcg(folio); 3161 obj_cgroup_uncharge_pages(objcg, nr_pages); 3162 folio->memcg_data = 0; 3163 obj_cgroup_put(objcg); 3164} 3165 3166void mod_objcg_state(struct obj_cgroup *objcg, struct pglist_data *pgdat, 3167 enum node_stat_item idx, int nr) 3168{ 3169 struct memcg_stock_pcp *stock; 3170 struct obj_cgroup *old = NULL; 3171 unsigned long flags; 3172 int *bytes; 3173 3174 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3175 stock = this_cpu_ptr(&memcg_stock); 3176 3177 /* 3178 * Save vmstat data in stock and skip vmstat array update unless 3179 * accumulating over a page of vmstat data or when pgdat or idx 3180 * changes. 3181 */ 3182 if (READ_ONCE(stock->cached_objcg) != objcg) { 3183 old = drain_obj_stock(stock); 3184 obj_cgroup_get(objcg); 3185 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes) 3186 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0; 3187 WRITE_ONCE(stock->cached_objcg, objcg); 3188 stock->cached_pgdat = pgdat; 3189 } else if (stock->cached_pgdat != pgdat) { 3190 /* Flush the existing cached vmstat data */ 3191 struct pglist_data *oldpg = stock->cached_pgdat; 3192 3193 if (stock->nr_slab_reclaimable_b) { 3194 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_RECLAIMABLE_B, 3195 stock->nr_slab_reclaimable_b); 3196 stock->nr_slab_reclaimable_b = 0; 3197 } 3198 if (stock->nr_slab_unreclaimable_b) { 3199 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_UNRECLAIMABLE_B, 3200 stock->nr_slab_unreclaimable_b); 3201 stock->nr_slab_unreclaimable_b = 0; 3202 } 3203 stock->cached_pgdat = pgdat; 3204 } 3205 3206 bytes = (idx == NR_SLAB_RECLAIMABLE_B) ? &stock->nr_slab_reclaimable_b 3207 : &stock->nr_slab_unreclaimable_b; 3208 /* 3209 * Even for large object >= PAGE_SIZE, the vmstat data will still be 3210 * cached locally at least once before pushing it out. 3211 */ 3212 if (!*bytes) { 3213 *bytes = nr; 3214 nr = 0; 3215 } else { 3216 *bytes += nr; 3217 if (abs(*bytes) > PAGE_SIZE) { 3218 nr = *bytes; 3219 *bytes = 0; 3220 } else { 3221 nr = 0; 3222 } 3223 } 3224 if (nr) 3225 mod_objcg_mlstate(objcg, pgdat, idx, nr); 3226 3227 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3228 if (old) 3229 obj_cgroup_put(old); 3230} 3231 3232static bool consume_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes) 3233{ 3234 struct memcg_stock_pcp *stock; 3235 unsigned long flags; 3236 bool ret = false; 3237 3238 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3239 3240 stock = this_cpu_ptr(&memcg_stock); 3241 if (objcg == READ_ONCE(stock->cached_objcg) && stock->nr_bytes >= nr_bytes) { 3242 stock->nr_bytes -= nr_bytes; 3243 ret = true; 3244 } 3245 3246 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3247 3248 return ret; 3249} 3250 3251static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock) 3252{ 3253 struct obj_cgroup *old = READ_ONCE(stock->cached_objcg); 3254 3255 if (!old) 3256 return NULL; 3257 3258 if (stock->nr_bytes) { 3259 unsigned int nr_pages = stock->nr_bytes >> PAGE_SHIFT; 3260 unsigned int nr_bytes = stock->nr_bytes & (PAGE_SIZE - 1); 3261 3262 if (nr_pages) { 3263 struct mem_cgroup *memcg; 3264 3265 memcg = get_mem_cgroup_from_objcg(old); 3266 3267 memcg_account_kmem(memcg, -nr_pages); 3268 __refill_stock(memcg, nr_pages); 3269 3270 css_put(&memcg->css); 3271 } 3272 3273 /* 3274 * The leftover is flushed to the centralized per-memcg value. 3275 * On the next attempt to refill obj stock it will be moved 3276 * to a per-cpu stock (probably, on an other CPU), see 3277 * refill_obj_stock(). 3278 * 3279 * How often it's flushed is a trade-off between the memory 3280 * limit enforcement accuracy and potential CPU contention, 3281 * so it might be changed in the future. 3282 */ 3283 atomic_add(nr_bytes, &old->nr_charged_bytes); 3284 stock->nr_bytes = 0; 3285 } 3286 3287 /* 3288 * Flush the vmstat data in current stock 3289 */ 3290 if (stock->nr_slab_reclaimable_b || stock->nr_slab_unreclaimable_b) { 3291 if (stock->nr_slab_reclaimable_b) { 3292 mod_objcg_mlstate(old, stock->cached_pgdat, 3293 NR_SLAB_RECLAIMABLE_B, 3294 stock->nr_slab_reclaimable_b); 3295 stock->nr_slab_reclaimable_b = 0; 3296 } 3297 if (stock->nr_slab_unreclaimable_b) { 3298 mod_objcg_mlstate(old, stock->cached_pgdat, 3299 NR_SLAB_UNRECLAIMABLE_B, 3300 stock->nr_slab_unreclaimable_b); 3301 stock->nr_slab_unreclaimable_b = 0; 3302 } 3303 stock->cached_pgdat = NULL; 3304 } 3305 3306 WRITE_ONCE(stock->cached_objcg, NULL); 3307 /* 3308 * The `old' objects needs to be released by the caller via 3309 * obj_cgroup_put() outside of memcg_stock_pcp::stock_lock. 3310 */ 3311 return old; 3312} 3313 3314static bool obj_stock_flush_required(struct memcg_stock_pcp *stock, 3315 struct mem_cgroup *root_memcg) 3316{ 3317 struct obj_cgroup *objcg = READ_ONCE(stock->cached_objcg); 3318 struct mem_cgroup *memcg; 3319 3320 if (objcg) { 3321 memcg = obj_cgroup_memcg(objcg); 3322 if (memcg && mem_cgroup_is_descendant(memcg, root_memcg)) 3323 return true; 3324 } 3325 3326 return false; 3327} 3328 3329static void refill_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes, 3330 bool allow_uncharge) 3331{ 3332 struct memcg_stock_pcp *stock; 3333 struct obj_cgroup *old = NULL; 3334 unsigned long flags; 3335 unsigned int nr_pages = 0; 3336 3337 local_lock_irqsave(&memcg_stock.stock_lock, flags); 3338 3339 stock = this_cpu_ptr(&memcg_stock); 3340 if (READ_ONCE(stock->cached_objcg) != objcg) { /* reset if necessary */ 3341 old = drain_obj_stock(stock); 3342 obj_cgroup_get(objcg); 3343 WRITE_ONCE(stock->cached_objcg, objcg); 3344 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes) 3345 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0; 3346 allow_uncharge = true; /* Allow uncharge when objcg changes */ 3347 } 3348 stock->nr_bytes += nr_bytes; 3349 3350 if (allow_uncharge && (stock->nr_bytes > PAGE_SIZE)) { 3351 nr_pages = stock->nr_bytes >> PAGE_SHIFT; 3352 stock->nr_bytes &= (PAGE_SIZE - 1); 3353 } 3354 3355 local_unlock_irqrestore(&memcg_stock.stock_lock, flags); 3356 if (old) 3357 obj_cgroup_put(old); 3358 3359 if (nr_pages) 3360 obj_cgroup_uncharge_pages(objcg, nr_pages); 3361} 3362 3363int obj_cgroup_charge(struct obj_cgroup *objcg, gfp_t gfp, size_t size) 3364{ 3365 unsigned int nr_pages, nr_bytes; 3366 int ret; 3367 3368 if (consume_obj_stock(objcg, size)) 3369 return 0; 3370 3371 /* 3372 * In theory, objcg->nr_charged_bytes can have enough 3373 * pre-charged bytes to satisfy the allocation. However, 3374 * flushing objcg->nr_charged_bytes requires two atomic 3375 * operations, and objcg->nr_charged_bytes can't be big. 3376 * The shared objcg->nr_charged_bytes can also become a 3377 * performance bottleneck if all tasks of the same memcg are 3378 * trying to update it. So it's better to ignore it and try 3379 * grab some new pages. The stock's nr_bytes will be flushed to 3380 * objcg->nr_charged_bytes later on when objcg changes. 3381 * 3382 * The stock's nr_bytes may contain enough pre-charged bytes 3383 * to allow one less page from being charged, but we can't rely 3384 * on the pre-charged bytes not being changed outside of 3385 * consume_obj_stock() or refill_obj_stock(). So ignore those 3386 * pre-charged bytes as well when charging pages. To avoid a 3387 * page uncharge right after a page charge, we set the 3388 * allow_uncharge flag to false when calling refill_obj_stock() 3389 * to temporarily allow the pre-charged bytes to exceed the page 3390 * size limit. The maximum reachable value of the pre-charged 3391 * bytes is (sizeof(object) + PAGE_SIZE - 2) if there is no data 3392 * race. 3393 */ 3394 nr_pages = size >> PAGE_SHIFT; 3395 nr_bytes = size & (PAGE_SIZE - 1); 3396 3397 if (nr_bytes) 3398 nr_pages += 1; 3399 3400 ret = obj_cgroup_charge_pages(objcg, gfp, nr_pages); 3401 if (!ret && nr_bytes) 3402 refill_obj_stock(objcg, PAGE_SIZE - nr_bytes, false); 3403 3404 return ret; 3405} 3406 3407void obj_cgroup_uncharge(struct obj_cgroup *objcg, size_t size) 3408{ 3409 refill_obj_stock(objcg, size, true); 3410} 3411 3412#endif /* CONFIG_MEMCG_KMEM */ 3413 3414/* 3415 * Because page_memcg(head) is not set on tails, set it now. 3416 */ 3417void split_page_memcg(struct page *head, unsigned int nr) 3418{ 3419 struct folio *folio = page_folio(head); 3420 struct mem_cgroup *memcg = folio_memcg(folio); 3421 int i; 3422 3423 if (mem_cgroup_disabled() || !memcg) 3424 return; 3425 3426 for (i = 1; i < nr; i++) 3427 folio_page(folio, i)->memcg_data = folio->memcg_data; 3428 3429 if (folio_memcg_kmem(folio)) 3430 obj_cgroup_get_many(__folio_objcg(folio), nr - 1); 3431 else 3432 css_get_many(&memcg->css, nr - 1); 3433} 3434 3435#ifdef CONFIG_SWAP 3436/** 3437 * mem_cgroup_move_swap_account - move swap charge and swap_cgroup's record. 3438 * @entry: swap entry to be moved 3439 * @from: mem_cgroup which the entry is moved from 3440 * @to: mem_cgroup which the entry is moved to 3441 * 3442 * It succeeds only when the swap_cgroup's record for this entry is the same 3443 * as the mem_cgroup's id of @from. 3444 * 3445 * Returns 0 on success, -EINVAL on failure. 3446 * 3447 * The caller must have charged to @to, IOW, called page_counter_charge() about 3448 * both res and memsw, and called css_get(). 3449 */ 3450static int mem_cgroup_move_swap_account(swp_entry_t entry, 3451 struct mem_cgroup *from, struct mem_cgroup *to) 3452{ 3453 unsigned short old_id, new_id; 3454 3455 old_id = mem_cgroup_id(from); 3456 new_id = mem_cgroup_id(to); 3457 3458 if (swap_cgroup_cmpxchg(entry, old_id, new_id) == old_id) { 3459 mod_memcg_state(from, MEMCG_SWAP, -1); 3460 mod_memcg_state(to, MEMCG_SWAP, 1); 3461 return 0; 3462 } 3463 return -EINVAL; 3464} 3465#else 3466static inline int mem_cgroup_move_swap_account(swp_entry_t entry, 3467 struct mem_cgroup *from, struct mem_cgroup *to) 3468{ 3469 return -EINVAL; 3470} 3471#endif 3472 3473static DEFINE_MUTEX(memcg_max_mutex); 3474 3475static int mem_cgroup_resize_max(struct mem_cgroup *memcg, 3476 unsigned long max, bool memsw) 3477{ 3478 bool enlarge = false; 3479 bool drained = false; 3480 int ret; 3481 bool limits_invariant; 3482 struct page_counter *counter = memsw ? &memcg->memsw : &memcg->memory; 3483 3484 do { 3485 if (signal_pending(current)) { 3486 ret = -EINTR; 3487 break; 3488 } 3489 3490 mutex_lock(&memcg_max_mutex); 3491 /* 3492 * Make sure that the new limit (memsw or memory limit) doesn't 3493 * break our basic invariant rule memory.max <= memsw.max. 3494 */ 3495 limits_invariant = memsw ? max >= READ_ONCE(memcg->memory.max) : 3496 max <= memcg->memsw.max; 3497 if (!limits_invariant) { 3498 mutex_unlock(&memcg_max_mutex); 3499 ret = -EINVAL; 3500 break; 3501 } 3502 if (max > counter->max) 3503 enlarge = true; 3504 ret = page_counter_set_max(counter, max); 3505 mutex_unlock(&memcg_max_mutex); 3506 3507 if (!ret) 3508 break; 3509 3510 if (!drained) { 3511 drain_all_stock(memcg); 3512 drained = true; 3513 continue; 3514 } 3515 3516 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL, 3517 memsw ? 0 : MEMCG_RECLAIM_MAY_SWAP)) { 3518 ret = -EBUSY; 3519 break; 3520 } 3521 } while (true); 3522 3523 if (!ret && enlarge) 3524 memcg_oom_recover(memcg); 3525 3526 return ret; 3527} 3528 3529unsigned long mem_cgroup_soft_limit_reclaim(pg_data_t *pgdat, int order, 3530 gfp_t gfp_mask, 3531 unsigned long *total_scanned) 3532{ 3533 unsigned long nr_reclaimed = 0; 3534 struct mem_cgroup_per_node *mz, *next_mz = NULL; 3535 unsigned long reclaimed; 3536 int loop = 0; 3537 struct mem_cgroup_tree_per_node *mctz; 3538 unsigned long excess; 3539 3540 if (lru_gen_enabled()) 3541 return 0; 3542 3543 if (order > 0) 3544 return 0; 3545 3546 mctz = soft_limit_tree.rb_tree_per_node[pgdat->node_id]; 3547 3548 /* 3549 * Do not even bother to check the largest node if the root 3550 * is empty. Do it lockless to prevent lock bouncing. Races 3551 * are acceptable as soft limit is best effort anyway. 3552 */ 3553 if (!mctz || RB_EMPTY_ROOT(&mctz->rb_root)) 3554 return 0; 3555 3556 /* 3557 * This loop can run a while, specially if mem_cgroup's continuously 3558 * keep exceeding their soft limit and putting the system under 3559 * pressure 3560 */ 3561 do { 3562 if (next_mz) 3563 mz = next_mz; 3564 else 3565 mz = mem_cgroup_largest_soft_limit_node(mctz); 3566 if (!mz) 3567 break; 3568 3569 reclaimed = mem_cgroup_soft_reclaim(mz->memcg, pgdat, 3570 gfp_mask, total_scanned); 3571 nr_reclaimed += reclaimed; 3572 spin_lock_irq(&mctz->lock); 3573 3574 /* 3575 * If we failed to reclaim anything from this memory cgroup 3576 * it is time to move on to the next cgroup 3577 */ 3578 next_mz = NULL; 3579 if (!reclaimed) 3580 next_mz = __mem_cgroup_largest_soft_limit_node(mctz); 3581 3582 excess = soft_limit_excess(mz->memcg); 3583 /* 3584 * One school of thought says that we should not add 3585 * back the node to the tree if reclaim returns 0. 3586 * But our reclaim could return 0, simply because due 3587 * to priority we are exposing a smaller subset of 3588 * memory to reclaim from. Consider this as a longer 3589 * term TODO. 3590 */ 3591 /* If excess == 0, no tree ops */ 3592 __mem_cgroup_insert_exceeded(mz, mctz, excess); 3593 spin_unlock_irq(&mctz->lock); 3594 css_put(&mz->memcg->css); 3595 loop++; 3596 /* 3597 * Could not reclaim anything and there are no more 3598 * mem cgroups to try or we seem to be looping without 3599 * reclaiming anything. 3600 */ 3601 if (!nr_reclaimed && 3602 (next_mz == NULL || 3603 loop > MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS)) 3604 break; 3605 } while (!nr_reclaimed); 3606 if (next_mz) 3607 css_put(&next_mz->memcg->css); 3608 return nr_reclaimed; 3609} 3610 3611/* 3612 * Reclaims as many pages from the given memcg as possible. 3613 * 3614 * Caller is responsible for holding css reference for memcg. 3615 */ 3616static int mem_cgroup_force_empty(struct mem_cgroup *memcg) 3617{ 3618 int nr_retries = MAX_RECLAIM_RETRIES; 3619 3620 /* we call try-to-free pages for make this cgroup empty */ 3621 lru_add_drain_all(); 3622 3623 drain_all_stock(memcg); 3624 3625 /* try to free all pages in this cgroup */ 3626 while (nr_retries && page_counter_read(&memcg->memory)) { 3627 if (signal_pending(current)) 3628 return -EINTR; 3629 3630 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL, 3631 MEMCG_RECLAIM_MAY_SWAP)) 3632 nr_retries--; 3633 } 3634 3635 return 0; 3636} 3637 3638static ssize_t mem_cgroup_force_empty_write(struct kernfs_open_file *of, 3639 char *buf, size_t nbytes, 3640 loff_t off) 3641{ 3642 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 3643 3644 if (mem_cgroup_is_root(memcg)) 3645 return -EINVAL; 3646 return mem_cgroup_force_empty(memcg) ?: nbytes; 3647} 3648 3649static u64 mem_cgroup_hierarchy_read(struct cgroup_subsys_state *css, 3650 struct cftype *cft) 3651{ 3652 return 1; 3653} 3654 3655static int mem_cgroup_hierarchy_write(struct cgroup_subsys_state *css, 3656 struct cftype *cft, u64 val) 3657{ 3658 if (val == 1) 3659 return 0; 3660 3661 pr_warn_once("Non-hierarchical mode is deprecated. " 3662 "Please report your usecase to linux-mm@kvack.org if you " 3663 "depend on this functionality.\n"); 3664 3665 return -EINVAL; 3666} 3667 3668static unsigned long mem_cgroup_usage(struct mem_cgroup *memcg, bool swap) 3669{ 3670 unsigned long val; 3671 3672 if (mem_cgroup_is_root(memcg)) { 3673 /* 3674 * Approximate root's usage from global state. This isn't 3675 * perfect, but the root usage was always an approximation. 3676 */ 3677 val = global_node_page_state(NR_FILE_PAGES) + 3678 global_node_page_state(NR_ANON_MAPPED); 3679 if (swap) 3680 val += total_swap_pages - get_nr_swap_pages(); 3681 } else { 3682 if (!swap) 3683 val = page_counter_read(&memcg->memory); 3684 else 3685 val = page_counter_read(&memcg->memsw); 3686 } 3687 return val; 3688} 3689 3690enum { 3691 RES_USAGE, 3692 RES_LIMIT, 3693 RES_MAX_USAGE, 3694 RES_FAILCNT, 3695 RES_SOFT_LIMIT, 3696}; 3697 3698static u64 mem_cgroup_read_u64(struct cgroup_subsys_state *css, 3699 struct cftype *cft) 3700{ 3701 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 3702 struct page_counter *counter; 3703 3704 switch (MEMFILE_TYPE(cft->private)) { 3705 case _MEM: 3706 counter = &memcg->memory; 3707 break; 3708 case _MEMSWAP: 3709 counter = &memcg->memsw; 3710 break; 3711 case _KMEM: 3712 counter = &memcg->kmem; 3713 break; 3714 case _TCP: 3715 counter = &memcg->tcpmem; 3716 break; 3717 default: 3718 BUG(); 3719 } 3720 3721 switch (MEMFILE_ATTR(cft->private)) { 3722 case RES_USAGE: 3723 if (counter == &memcg->memory) 3724 return (u64)mem_cgroup_usage(memcg, false) * PAGE_SIZE; 3725 if (counter == &memcg->memsw) 3726 return (u64)mem_cgroup_usage(memcg, true) * PAGE_SIZE; 3727 return (u64)page_counter_read(counter) * PAGE_SIZE; 3728 case RES_LIMIT: 3729 return (u64)counter->max * PAGE_SIZE; 3730 case RES_MAX_USAGE: 3731 return (u64)counter->watermark * PAGE_SIZE; 3732 case RES_FAILCNT: 3733 return counter->failcnt; 3734 case RES_SOFT_LIMIT: 3735 return (u64)READ_ONCE(memcg->soft_limit) * PAGE_SIZE; 3736 default: 3737 BUG(); 3738 } 3739} 3740 3741/* 3742 * This function doesn't do anything useful. Its only job is to provide a read 3743 * handler for a file so that cgroup_file_mode() will add read permissions. 3744 */ 3745static int mem_cgroup_dummy_seq_show(__always_unused struct seq_file *m, 3746 __always_unused void *v) 3747{ 3748 return -EINVAL; 3749} 3750 3751#ifdef CONFIG_MEMCG_KMEM 3752static int memcg_online_kmem(struct mem_cgroup *memcg) 3753{ 3754 struct obj_cgroup *objcg; 3755 3756 if (mem_cgroup_kmem_disabled()) 3757 return 0; 3758 3759 if (unlikely(mem_cgroup_is_root(memcg))) 3760 return 0; 3761 3762 objcg = obj_cgroup_alloc(); 3763 if (!objcg) 3764 return -ENOMEM; 3765 3766 objcg->memcg = memcg; 3767 rcu_assign_pointer(memcg->objcg, objcg); 3768 3769 static_branch_enable(&memcg_kmem_online_key); 3770 3771 memcg->kmemcg_id = memcg->id.id; 3772 3773 return 0; 3774} 3775 3776static void memcg_offline_kmem(struct mem_cgroup *memcg) 3777{ 3778 struct mem_cgroup *parent; 3779 3780 if (mem_cgroup_kmem_disabled()) 3781 return; 3782 3783 if (unlikely(mem_cgroup_is_root(memcg))) 3784 return; 3785 3786 parent = parent_mem_cgroup(memcg); 3787 if (!parent) 3788 parent = root_mem_cgroup; 3789 3790 memcg_reparent_objcgs(memcg, parent); 3791 3792 /* 3793 * After we have finished memcg_reparent_objcgs(), all list_lrus 3794 * corresponding to this cgroup are guaranteed to remain empty. 3795 * The ordering is imposed by list_lru_node->lock taken by 3796 * memcg_reparent_list_lrus(). 3797 */ 3798 memcg_reparent_list_lrus(memcg, parent); 3799} 3800#else 3801static int memcg_online_kmem(struct mem_cgroup *memcg) 3802{ 3803 return 0; 3804} 3805static void memcg_offline_kmem(struct mem_cgroup *memcg) 3806{ 3807} 3808#endif /* CONFIG_MEMCG_KMEM */ 3809 3810static int memcg_update_tcp_max(struct mem_cgroup *memcg, unsigned long max) 3811{ 3812 int ret; 3813 3814 mutex_lock(&memcg_max_mutex); 3815 3816 ret = page_counter_set_max(&memcg->tcpmem, max); 3817 if (ret) 3818 goto out; 3819 3820 if (!memcg->tcpmem_active) { 3821 /* 3822 * The active flag needs to be written after the static_key 3823 * update. This is what guarantees that the socket activation 3824 * function is the last one to run. See mem_cgroup_sk_alloc() 3825 * for details, and note that we don't mark any socket as 3826 * belonging to this memcg until that flag is up. 3827 * 3828 * We need to do this, because static_keys will span multiple 3829 * sites, but we can't control their order. If we mark a socket 3830 * as accounted, but the accounting functions are not patched in 3831 * yet, we'll lose accounting. 3832 * 3833 * We never race with the readers in mem_cgroup_sk_alloc(), 3834 * because when this value change, the code to process it is not 3835 * patched in yet. 3836 */ 3837 static_branch_inc(&memcg_sockets_enabled_key); 3838 memcg->tcpmem_active = true; 3839 } 3840out: 3841 mutex_unlock(&memcg_max_mutex); 3842 return ret; 3843} 3844 3845/* 3846 * The user of this function is... 3847 * RES_LIMIT. 3848 */ 3849static ssize_t mem_cgroup_write(struct kernfs_open_file *of, 3850 char *buf, size_t nbytes, loff_t off) 3851{ 3852 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 3853 unsigned long nr_pages; 3854 int ret; 3855 3856 buf = strstrip(buf); 3857 ret = page_counter_memparse(buf, "-1", &nr_pages); 3858 if (ret) 3859 return ret; 3860 3861 switch (MEMFILE_ATTR(of_cft(of)->private)) { 3862 case RES_LIMIT: 3863 if (mem_cgroup_is_root(memcg)) { /* Can't set limit on root */ 3864 ret = -EINVAL; 3865 break; 3866 } 3867 switch (MEMFILE_TYPE(of_cft(of)->private)) { 3868 case _MEM: 3869 ret = mem_cgroup_resize_max(memcg, nr_pages, false); 3870 break; 3871 case _MEMSWAP: 3872 ret = mem_cgroup_resize_max(memcg, nr_pages, true); 3873 break; 3874 case _KMEM: 3875 /* kmem.limit_in_bytes is deprecated. */ 3876 ret = -EOPNOTSUPP; 3877 break; 3878 case _TCP: 3879 ret = memcg_update_tcp_max(memcg, nr_pages); 3880 break; 3881 } 3882 break; 3883 case RES_SOFT_LIMIT: 3884 if (IS_ENABLED(CONFIG_PREEMPT_RT)) { 3885 ret = -EOPNOTSUPP; 3886 } else { 3887 WRITE_ONCE(memcg->soft_limit, nr_pages); 3888 ret = 0; 3889 } 3890 break; 3891 } 3892 return ret ?: nbytes; 3893} 3894 3895static ssize_t mem_cgroup_reset(struct kernfs_open_file *of, char *buf, 3896 size_t nbytes, loff_t off) 3897{ 3898 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 3899 struct page_counter *counter; 3900 3901 switch (MEMFILE_TYPE(of_cft(of)->private)) { 3902 case _MEM: 3903 counter = &memcg->memory; 3904 break; 3905 case _MEMSWAP: 3906 counter = &memcg->memsw; 3907 break; 3908 case _KMEM: 3909 counter = &memcg->kmem; 3910 break; 3911 case _TCP: 3912 counter = &memcg->tcpmem; 3913 break; 3914 default: 3915 BUG(); 3916 } 3917 3918 switch (MEMFILE_ATTR(of_cft(of)->private)) { 3919 case RES_MAX_USAGE: 3920 page_counter_reset_watermark(counter); 3921 break; 3922 case RES_FAILCNT: 3923 counter->failcnt = 0; 3924 break; 3925 default: 3926 BUG(); 3927 } 3928 3929 return nbytes; 3930} 3931 3932static u64 mem_cgroup_move_charge_read(struct cgroup_subsys_state *css, 3933 struct cftype *cft) 3934{ 3935 return mem_cgroup_from_css(css)->move_charge_at_immigrate; 3936} 3937 3938#ifdef CONFIG_MMU 3939static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css, 3940 struct cftype *cft, u64 val) 3941{ 3942 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 3943 3944 pr_warn_once("Cgroup memory moving (move_charge_at_immigrate) is deprecated. " 3945 "Please report your usecase to linux-mm@kvack.org if you " 3946 "depend on this functionality.\n"); 3947 3948 if (val & ~MOVE_MASK) 3949 return -EINVAL; 3950 3951 /* 3952 * No kind of locking is needed in here, because ->can_attach() will 3953 * check this value once in the beginning of the process, and then carry 3954 * on with stale data. This means that changes to this value will only 3955 * affect task migrations starting after the change. 3956 */ 3957 memcg->move_charge_at_immigrate = val; 3958 return 0; 3959} 3960#else 3961static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css, 3962 struct cftype *cft, u64 val) 3963{ 3964 return -ENOSYS; 3965} 3966#endif 3967 3968#ifdef CONFIG_NUMA 3969 3970#define LRU_ALL_FILE (BIT(LRU_INACTIVE_FILE) | BIT(LRU_ACTIVE_FILE)) 3971#define LRU_ALL_ANON (BIT(LRU_INACTIVE_ANON) | BIT(LRU_ACTIVE_ANON)) 3972#define LRU_ALL ((1 << NR_LRU_LISTS) - 1) 3973 3974static unsigned long mem_cgroup_node_nr_lru_pages(struct mem_cgroup *memcg, 3975 int nid, unsigned int lru_mask, bool tree) 3976{ 3977 struct lruvec *lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid)); 3978 unsigned long nr = 0; 3979 enum lru_list lru; 3980 3981 VM_BUG_ON((unsigned)nid >= nr_node_ids); 3982 3983 for_each_lru(lru) { 3984 if (!(BIT(lru) & lru_mask)) 3985 continue; 3986 if (tree) 3987 nr += lruvec_page_state(lruvec, NR_LRU_BASE + lru); 3988 else 3989 nr += lruvec_page_state_local(lruvec, NR_LRU_BASE + lru); 3990 } 3991 return nr; 3992} 3993 3994static unsigned long mem_cgroup_nr_lru_pages(struct mem_cgroup *memcg, 3995 unsigned int lru_mask, 3996 bool tree) 3997{ 3998 unsigned long nr = 0; 3999 enum lru_list lru; 4000 4001 for_each_lru(lru) { 4002 if (!(BIT(lru) & lru_mask)) 4003 continue; 4004 if (tree) 4005 nr += memcg_page_state(memcg, NR_LRU_BASE + lru); 4006 else 4007 nr += memcg_page_state_local(memcg, NR_LRU_BASE + lru); 4008 } 4009 return nr; 4010} 4011 4012static int memcg_numa_stat_show(struct seq_file *m, void *v) 4013{ 4014 struct numa_stat { 4015 const char *name; 4016 unsigned int lru_mask; 4017 }; 4018 4019 static const struct numa_stat stats[] = { 4020 { "total", LRU_ALL }, 4021 { "file", LRU_ALL_FILE }, 4022 { "anon", LRU_ALL_ANON }, 4023 { "unevictable", BIT(LRU_UNEVICTABLE) }, 4024 }; 4025 const struct numa_stat *stat; 4026 int nid; 4027 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 4028 4029 mem_cgroup_flush_stats(); 4030 4031 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) { 4032 seq_printf(m, "%s=%lu", stat->name, 4033 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask, 4034 false)); 4035 for_each_node_state(nid, N_MEMORY) 4036 seq_printf(m, " N%d=%lu", nid, 4037 mem_cgroup_node_nr_lru_pages(memcg, nid, 4038 stat->lru_mask, false)); 4039 seq_putc(m, '\n'); 4040 } 4041 4042 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) { 4043 4044 seq_printf(m, "hierarchical_%s=%lu", stat->name, 4045 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask, 4046 true)); 4047 for_each_node_state(nid, N_MEMORY) 4048 seq_printf(m, " N%d=%lu", nid, 4049 mem_cgroup_node_nr_lru_pages(memcg, nid, 4050 stat->lru_mask, true)); 4051 seq_putc(m, '\n'); 4052 } 4053 4054 return 0; 4055} 4056#endif /* CONFIG_NUMA */ 4057 4058static const unsigned int memcg1_stats[] = { 4059 NR_FILE_PAGES, 4060 NR_ANON_MAPPED, 4061#ifdef CONFIG_TRANSPARENT_HUGEPAGE 4062 NR_ANON_THPS, 4063#endif 4064 NR_SHMEM, 4065 NR_FILE_MAPPED, 4066 NR_FILE_DIRTY, 4067 NR_WRITEBACK, 4068 WORKINGSET_REFAULT_ANON, 4069 WORKINGSET_REFAULT_FILE, 4070 MEMCG_SWAP, 4071}; 4072 4073static const char *const memcg1_stat_names[] = { 4074 "cache", 4075 "rss", 4076#ifdef CONFIG_TRANSPARENT_HUGEPAGE 4077 "rss_huge", 4078#endif 4079 "shmem", 4080 "mapped_file", 4081 "dirty", 4082 "writeback", 4083 "workingset_refault_anon", 4084 "workingset_refault_file", 4085 "swap", 4086}; 4087 4088/* Universal VM events cgroup1 shows, original sort order */ 4089static const unsigned int memcg1_events[] = { 4090 PGPGIN, 4091 PGPGOUT, 4092 PGFAULT, 4093 PGMAJFAULT, 4094}; 4095 4096static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s) 4097{ 4098 unsigned long memory, memsw; 4099 struct mem_cgroup *mi; 4100 unsigned int i; 4101 4102 BUILD_BUG_ON(ARRAY_SIZE(memcg1_stat_names) != ARRAY_SIZE(memcg1_stats)); 4103 4104 mem_cgroup_flush_stats(); 4105 4106 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) { 4107 unsigned long nr; 4108 4109 if (memcg1_stats[i] == MEMCG_SWAP && !do_memsw_account()) 4110 continue; 4111 nr = memcg_page_state_local(memcg, memcg1_stats[i]); 4112 seq_buf_printf(s, "%s %lu\n", memcg1_stat_names[i], 4113 nr * memcg_page_state_unit(memcg1_stats[i])); 4114 } 4115 4116 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++) 4117 seq_buf_printf(s, "%s %lu\n", vm_event_name(memcg1_events[i]), 4118 memcg_events_local(memcg, memcg1_events[i])); 4119 4120 for (i = 0; i < NR_LRU_LISTS; i++) 4121 seq_buf_printf(s, "%s %lu\n", lru_list_name(i), 4122 memcg_page_state_local(memcg, NR_LRU_BASE + i) * 4123 PAGE_SIZE); 4124 4125 /* Hierarchical information */ 4126 memory = memsw = PAGE_COUNTER_MAX; 4127 for (mi = memcg; mi; mi = parent_mem_cgroup(mi)) { 4128 memory = min(memory, READ_ONCE(mi->memory.max)); 4129 memsw = min(memsw, READ_ONCE(mi->memsw.max)); 4130 } 4131 seq_buf_printf(s, "hierarchical_memory_limit %llu\n", 4132 (u64)memory * PAGE_SIZE); 4133 if (do_memsw_account()) 4134 seq_buf_printf(s, "hierarchical_memsw_limit %llu\n", 4135 (u64)memsw * PAGE_SIZE); 4136 4137 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) { 4138 unsigned long nr; 4139 4140 if (memcg1_stats[i] == MEMCG_SWAP && !do_memsw_account()) 4141 continue; 4142 nr = memcg_page_state(memcg, memcg1_stats[i]); 4143 seq_buf_printf(s, "total_%s %llu\n", memcg1_stat_names[i], 4144 (u64)nr * memcg_page_state_unit(memcg1_stats[i])); 4145 } 4146 4147 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++) 4148 seq_buf_printf(s, "total_%s %llu\n", 4149 vm_event_name(memcg1_events[i]), 4150 (u64)memcg_events(memcg, memcg1_events[i])); 4151 4152 for (i = 0; i < NR_LRU_LISTS; i++) 4153 seq_buf_printf(s, "total_%s %llu\n", lru_list_name(i), 4154 (u64)memcg_page_state(memcg, NR_LRU_BASE + i) * 4155 PAGE_SIZE); 4156 4157#ifdef CONFIG_DEBUG_VM 4158 { 4159 pg_data_t *pgdat; 4160 struct mem_cgroup_per_node *mz; 4161 unsigned long anon_cost = 0; 4162 unsigned long file_cost = 0; 4163 4164 for_each_online_pgdat(pgdat) { 4165 mz = memcg->nodeinfo[pgdat->node_id]; 4166 4167 anon_cost += mz->lruvec.anon_cost; 4168 file_cost += mz->lruvec.file_cost; 4169 } 4170 seq_buf_printf(s, "anon_cost %lu\n", anon_cost); 4171 seq_buf_printf(s, "file_cost %lu\n", file_cost); 4172 } 4173#endif 4174} 4175 4176static u64 mem_cgroup_swappiness_read(struct cgroup_subsys_state *css, 4177 struct cftype *cft) 4178{ 4179 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4180 4181 return mem_cgroup_swappiness(memcg); 4182} 4183 4184static int mem_cgroup_swappiness_write(struct cgroup_subsys_state *css, 4185 struct cftype *cft, u64 val) 4186{ 4187 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4188 4189 if (val > 200) 4190 return -EINVAL; 4191 4192 if (!mem_cgroup_is_root(memcg)) 4193 WRITE_ONCE(memcg->swappiness, val); 4194 else 4195 WRITE_ONCE(vm_swappiness, val); 4196 4197 return 0; 4198} 4199 4200static void __mem_cgroup_threshold(struct mem_cgroup *memcg, bool swap) 4201{ 4202 struct mem_cgroup_threshold_ary *t; 4203 unsigned long usage; 4204 int i; 4205 4206 rcu_read_lock(); 4207 if (!swap) 4208 t = rcu_dereference(memcg->thresholds.primary); 4209 else 4210 t = rcu_dereference(memcg->memsw_thresholds.primary); 4211 4212 if (!t) 4213 goto unlock; 4214 4215 usage = mem_cgroup_usage(memcg, swap); 4216 4217 /* 4218 * current_threshold points to threshold just below or equal to usage. 4219 * If it's not true, a threshold was crossed after last 4220 * call of __mem_cgroup_threshold(). 4221 */ 4222 i = t->current_threshold; 4223 4224 /* 4225 * Iterate backward over array of thresholds starting from 4226 * current_threshold and check if a threshold is crossed. 4227 * If none of thresholds below usage is crossed, we read 4228 * only one element of the array here. 4229 */ 4230 for (; i >= 0 && unlikely(t->entries[i].threshold > usage); i--) 4231 eventfd_signal(t->entries[i].eventfd, 1); 4232 4233 /* i = current_threshold + 1 */ 4234 i++; 4235 4236 /* 4237 * Iterate forward over array of thresholds starting from 4238 * current_threshold+1 and check if a threshold is crossed. 4239 * If none of thresholds above usage is crossed, we read 4240 * only one element of the array here. 4241 */ 4242 for (; i < t->size && unlikely(t->entries[i].threshold <= usage); i++) 4243 eventfd_signal(t->entries[i].eventfd, 1); 4244 4245 /* Update current_threshold */ 4246 t->current_threshold = i - 1; 4247unlock: 4248 rcu_read_unlock(); 4249} 4250 4251static void mem_cgroup_threshold(struct mem_cgroup *memcg) 4252{ 4253 while (memcg) { 4254 __mem_cgroup_threshold(memcg, false); 4255 if (do_memsw_account()) 4256 __mem_cgroup_threshold(memcg, true); 4257 4258 memcg = parent_mem_cgroup(memcg); 4259 } 4260} 4261 4262static int compare_thresholds(const void *a, const void *b) 4263{ 4264 const struct mem_cgroup_threshold *_a = a; 4265 const struct mem_cgroup_threshold *_b = b; 4266 4267 if (_a->threshold > _b->threshold) 4268 return 1; 4269 4270 if (_a->threshold < _b->threshold) 4271 return -1; 4272 4273 return 0; 4274} 4275 4276static int mem_cgroup_oom_notify_cb(struct mem_cgroup *memcg) 4277{ 4278 struct mem_cgroup_eventfd_list *ev; 4279 4280 spin_lock(&memcg_oom_lock); 4281 4282 list_for_each_entry(ev, &memcg->oom_notify, list) 4283 eventfd_signal(ev->eventfd, 1); 4284 4285 spin_unlock(&memcg_oom_lock); 4286 return 0; 4287} 4288 4289static void mem_cgroup_oom_notify(struct mem_cgroup *memcg) 4290{ 4291 struct mem_cgroup *iter; 4292 4293 for_each_mem_cgroup_tree(iter, memcg) 4294 mem_cgroup_oom_notify_cb(iter); 4295} 4296 4297static int __mem_cgroup_usage_register_event(struct mem_cgroup *memcg, 4298 struct eventfd_ctx *eventfd, const char *args, enum res_type type) 4299{ 4300 struct mem_cgroup_thresholds *thresholds; 4301 struct mem_cgroup_threshold_ary *new; 4302 unsigned long threshold; 4303 unsigned long usage; 4304 int i, size, ret; 4305 4306 ret = page_counter_memparse(args, "-1", &threshold); 4307 if (ret) 4308 return ret; 4309 4310 mutex_lock(&memcg->thresholds_lock); 4311 4312 if (type == _MEM) { 4313 thresholds = &memcg->thresholds; 4314 usage = mem_cgroup_usage(memcg, false); 4315 } else if (type == _MEMSWAP) { 4316 thresholds = &memcg->memsw_thresholds; 4317 usage = mem_cgroup_usage(memcg, true); 4318 } else 4319 BUG(); 4320 4321 /* Check if a threshold crossed before adding a new one */ 4322 if (thresholds->primary) 4323 __mem_cgroup_threshold(memcg, type == _MEMSWAP); 4324 4325 size = thresholds->primary ? thresholds->primary->size + 1 : 1; 4326 4327 /* Allocate memory for new array of thresholds */ 4328 new = kmalloc(struct_size(new, entries, size), GFP_KERNEL); 4329 if (!new) { 4330 ret = -ENOMEM; 4331 goto unlock; 4332 } 4333 new->size = size; 4334 4335 /* Copy thresholds (if any) to new array */ 4336 if (thresholds->primary) 4337 memcpy(new->entries, thresholds->primary->entries, 4338 flex_array_size(new, entries, size - 1)); 4339 4340 /* Add new threshold */ 4341 new->entries[size - 1].eventfd = eventfd; 4342 new->entries[size - 1].threshold = threshold; 4343 4344 /* Sort thresholds. Registering of new threshold isn't time-critical */ 4345 sort(new->entries, size, sizeof(*new->entries), 4346 compare_thresholds, NULL); 4347 4348 /* Find current threshold */ 4349 new->current_threshold = -1; 4350 for (i = 0; i < size; i++) { 4351 if (new->entries[i].threshold <= usage) { 4352 /* 4353 * new->current_threshold will not be used until 4354 * rcu_assign_pointer(), so it's safe to increment 4355 * it here. 4356 */ 4357 ++new->current_threshold; 4358 } else 4359 break; 4360 } 4361 4362 /* Free old spare buffer and save old primary buffer as spare */ 4363 kfree(thresholds->spare); 4364 thresholds->spare = thresholds->primary; 4365 4366 rcu_assign_pointer(thresholds->primary, new); 4367 4368 /* To be sure that nobody uses thresholds */ 4369 synchronize_rcu(); 4370 4371unlock: 4372 mutex_unlock(&memcg->thresholds_lock); 4373 4374 return ret; 4375} 4376 4377static int mem_cgroup_usage_register_event(struct mem_cgroup *memcg, 4378 struct eventfd_ctx *eventfd, const char *args) 4379{ 4380 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEM); 4381} 4382 4383static int memsw_cgroup_usage_register_event(struct mem_cgroup *memcg, 4384 struct eventfd_ctx *eventfd, const char *args) 4385{ 4386 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEMSWAP); 4387} 4388 4389static void __mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4390 struct eventfd_ctx *eventfd, enum res_type type) 4391{ 4392 struct mem_cgroup_thresholds *thresholds; 4393 struct mem_cgroup_threshold_ary *new; 4394 unsigned long usage; 4395 int i, j, size, entries; 4396 4397 mutex_lock(&memcg->thresholds_lock); 4398 4399 if (type == _MEM) { 4400 thresholds = &memcg->thresholds; 4401 usage = mem_cgroup_usage(memcg, false); 4402 } else if (type == _MEMSWAP) { 4403 thresholds = &memcg->memsw_thresholds; 4404 usage = mem_cgroup_usage(memcg, true); 4405 } else 4406 BUG(); 4407 4408 if (!thresholds->primary) 4409 goto unlock; 4410 4411 /* Check if a threshold crossed before removing */ 4412 __mem_cgroup_threshold(memcg, type == _MEMSWAP); 4413 4414 /* Calculate new number of threshold */ 4415 size = entries = 0; 4416 for (i = 0; i < thresholds->primary->size; i++) { 4417 if (thresholds->primary->entries[i].eventfd != eventfd) 4418 size++; 4419 else 4420 entries++; 4421 } 4422 4423 new = thresholds->spare; 4424 4425 /* If no items related to eventfd have been cleared, nothing to do */ 4426 if (!entries) 4427 goto unlock; 4428 4429 /* Set thresholds array to NULL if we don't have thresholds */ 4430 if (!size) { 4431 kfree(new); 4432 new = NULL; 4433 goto swap_buffers; 4434 } 4435 4436 new->size = size; 4437 4438 /* Copy thresholds and find current threshold */ 4439 new->current_threshold = -1; 4440 for (i = 0, j = 0; i < thresholds->primary->size; i++) { 4441 if (thresholds->primary->entries[i].eventfd == eventfd) 4442 continue; 4443 4444 new->entries[j] = thresholds->primary->entries[i]; 4445 if (new->entries[j].threshold <= usage) { 4446 /* 4447 * new->current_threshold will not be used 4448 * until rcu_assign_pointer(), so it's safe to increment 4449 * it here. 4450 */ 4451 ++new->current_threshold; 4452 } 4453 j++; 4454 } 4455 4456swap_buffers: 4457 /* Swap primary and spare array */ 4458 thresholds->spare = thresholds->primary; 4459 4460 rcu_assign_pointer(thresholds->primary, new); 4461 4462 /* To be sure that nobody uses thresholds */ 4463 synchronize_rcu(); 4464 4465 /* If all events are unregistered, free the spare array */ 4466 if (!new) { 4467 kfree(thresholds->spare); 4468 thresholds->spare = NULL; 4469 } 4470unlock: 4471 mutex_unlock(&memcg->thresholds_lock); 4472} 4473 4474static void mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4475 struct eventfd_ctx *eventfd) 4476{ 4477 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEM); 4478} 4479 4480static void memsw_cgroup_usage_unregister_event(struct mem_cgroup *memcg, 4481 struct eventfd_ctx *eventfd) 4482{ 4483 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEMSWAP); 4484} 4485 4486static int mem_cgroup_oom_register_event(struct mem_cgroup *memcg, 4487 struct eventfd_ctx *eventfd, const char *args) 4488{ 4489 struct mem_cgroup_eventfd_list *event; 4490 4491 event = kmalloc(sizeof(*event), GFP_KERNEL); 4492 if (!event) 4493 return -ENOMEM; 4494 4495 spin_lock(&memcg_oom_lock); 4496 4497 event->eventfd = eventfd; 4498 list_add(&event->list, &memcg->oom_notify); 4499 4500 /* already in OOM ? */ 4501 if (memcg->under_oom) 4502 eventfd_signal(eventfd, 1); 4503 spin_unlock(&memcg_oom_lock); 4504 4505 return 0; 4506} 4507 4508static void mem_cgroup_oom_unregister_event(struct mem_cgroup *memcg, 4509 struct eventfd_ctx *eventfd) 4510{ 4511 struct mem_cgroup_eventfd_list *ev, *tmp; 4512 4513 spin_lock(&memcg_oom_lock); 4514 4515 list_for_each_entry_safe(ev, tmp, &memcg->oom_notify, list) { 4516 if (ev->eventfd == eventfd) { 4517 list_del(&ev->list); 4518 kfree(ev); 4519 } 4520 } 4521 4522 spin_unlock(&memcg_oom_lock); 4523} 4524 4525static int mem_cgroup_oom_control_read(struct seq_file *sf, void *v) 4526{ 4527 struct mem_cgroup *memcg = mem_cgroup_from_seq(sf); 4528 4529 seq_printf(sf, "oom_kill_disable %d\n", READ_ONCE(memcg->oom_kill_disable)); 4530 seq_printf(sf, "under_oom %d\n", (bool)memcg->under_oom); 4531 seq_printf(sf, "oom_kill %lu\n", 4532 atomic_long_read(&memcg->memory_events[MEMCG_OOM_KILL])); 4533 return 0; 4534} 4535 4536static int mem_cgroup_oom_control_write(struct cgroup_subsys_state *css, 4537 struct cftype *cft, u64 val) 4538{ 4539 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4540 4541 /* cannot set to root cgroup and only 0 and 1 are allowed */ 4542 if (mem_cgroup_is_root(memcg) || !((val == 0) || (val == 1))) 4543 return -EINVAL; 4544 4545 WRITE_ONCE(memcg->oom_kill_disable, val); 4546 if (!val) 4547 memcg_oom_recover(memcg); 4548 4549 return 0; 4550} 4551 4552#ifdef CONFIG_CGROUP_WRITEBACK 4553 4554#include <trace/events/writeback.h> 4555 4556static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp) 4557{ 4558 return wb_domain_init(&memcg->cgwb_domain, gfp); 4559} 4560 4561static void memcg_wb_domain_exit(struct mem_cgroup *memcg) 4562{ 4563 wb_domain_exit(&memcg->cgwb_domain); 4564} 4565 4566static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg) 4567{ 4568 wb_domain_size_changed(&memcg->cgwb_domain); 4569} 4570 4571struct wb_domain *mem_cgroup_wb_domain(struct bdi_writeback *wb) 4572{ 4573 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4574 4575 if (!memcg->css.parent) 4576 return NULL; 4577 4578 return &memcg->cgwb_domain; 4579} 4580 4581/** 4582 * mem_cgroup_wb_stats - retrieve writeback related stats from its memcg 4583 * @wb: bdi_writeback in question 4584 * @pfilepages: out parameter for number of file pages 4585 * @pheadroom: out parameter for number of allocatable pages according to memcg 4586 * @pdirty: out parameter for number of dirty pages 4587 * @pwriteback: out parameter for number of pages under writeback 4588 * 4589 * Determine the numbers of file, headroom, dirty, and writeback pages in 4590 * @wb's memcg. File, dirty and writeback are self-explanatory. Headroom 4591 * is a bit more involved. 4592 * 4593 * A memcg's headroom is "min(max, high) - used". In the hierarchy, the 4594 * headroom is calculated as the lowest headroom of itself and the 4595 * ancestors. Note that this doesn't consider the actual amount of 4596 * available memory in the system. The caller should further cap 4597 * *@pheadroom accordingly. 4598 */ 4599void mem_cgroup_wb_stats(struct bdi_writeback *wb, unsigned long *pfilepages, 4600 unsigned long *pheadroom, unsigned long *pdirty, 4601 unsigned long *pwriteback) 4602{ 4603 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4604 struct mem_cgroup *parent; 4605 4606 mem_cgroup_flush_stats(); 4607 4608 *pdirty = memcg_page_state(memcg, NR_FILE_DIRTY); 4609 *pwriteback = memcg_page_state(memcg, NR_WRITEBACK); 4610 *pfilepages = memcg_page_state(memcg, NR_INACTIVE_FILE) + 4611 memcg_page_state(memcg, NR_ACTIVE_FILE); 4612 4613 *pheadroom = PAGE_COUNTER_MAX; 4614 while ((parent = parent_mem_cgroup(memcg))) { 4615 unsigned long ceiling = min(READ_ONCE(memcg->memory.max), 4616 READ_ONCE(memcg->memory.high)); 4617 unsigned long used = page_counter_read(&memcg->memory); 4618 4619 *pheadroom = min(*pheadroom, ceiling - min(ceiling, used)); 4620 memcg = parent; 4621 } 4622} 4623 4624/* 4625 * Foreign dirty flushing 4626 * 4627 * There's an inherent mismatch between memcg and writeback. The former 4628 * tracks ownership per-page while the latter per-inode. This was a 4629 * deliberate design decision because honoring per-page ownership in the 4630 * writeback path is complicated, may lead to higher CPU and IO overheads 4631 * and deemed unnecessary given that write-sharing an inode across 4632 * different cgroups isn't a common use-case. 4633 * 4634 * Combined with inode majority-writer ownership switching, this works well 4635 * enough in most cases but there are some pathological cases. For 4636 * example, let's say there are two cgroups A and B which keep writing to 4637 * different but confined parts of the same inode. B owns the inode and 4638 * A's memory is limited far below B's. A's dirty ratio can rise enough to 4639 * trigger balance_dirty_pages() sleeps but B's can be low enough to avoid 4640 * triggering background writeback. A will be slowed down without a way to 4641 * make writeback of the dirty pages happen. 4642 * 4643 * Conditions like the above can lead to a cgroup getting repeatedly and 4644 * severely throttled after making some progress after each 4645 * dirty_expire_interval while the underlying IO device is almost 4646 * completely idle. 4647 * 4648 * Solving this problem completely requires matching the ownership tracking 4649 * granularities between memcg and writeback in either direction. However, 4650 * the more egregious behaviors can be avoided by simply remembering the 4651 * most recent foreign dirtying events and initiating remote flushes on 4652 * them when local writeback isn't enough to keep the memory clean enough. 4653 * 4654 * The following two functions implement such mechanism. When a foreign 4655 * page - a page whose memcg and writeback ownerships don't match - is 4656 * dirtied, mem_cgroup_track_foreign_dirty() records the inode owning 4657 * bdi_writeback on the page owning memcg. When balance_dirty_pages() 4658 * decides that the memcg needs to sleep due to high dirty ratio, it calls 4659 * mem_cgroup_flush_foreign() which queues writeback on the recorded 4660 * foreign bdi_writebacks which haven't expired. Both the numbers of 4661 * recorded bdi_writebacks and concurrent in-flight foreign writebacks are 4662 * limited to MEMCG_CGWB_FRN_CNT. 4663 * 4664 * The mechanism only remembers IDs and doesn't hold any object references. 4665 * As being wrong occasionally doesn't matter, updates and accesses to the 4666 * records are lockless and racy. 4667 */ 4668void mem_cgroup_track_foreign_dirty_slowpath(struct folio *folio, 4669 struct bdi_writeback *wb) 4670{ 4671 struct mem_cgroup *memcg = folio_memcg(folio); 4672 struct memcg_cgwb_frn *frn; 4673 u64 now = get_jiffies_64(); 4674 u64 oldest_at = now; 4675 int oldest = -1; 4676 int i; 4677 4678 trace_track_foreign_dirty(folio, wb); 4679 4680 /* 4681 * Pick the slot to use. If there is already a slot for @wb, keep 4682 * using it. If not replace the oldest one which isn't being 4683 * written out. 4684 */ 4685 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { 4686 frn = &memcg->cgwb_frn[i]; 4687 if (frn->bdi_id == wb->bdi->id && 4688 frn->memcg_id == wb->memcg_css->id) 4689 break; 4690 if (time_before64(frn->at, oldest_at) && 4691 atomic_read(&frn->done.cnt) == 1) { 4692 oldest = i; 4693 oldest_at = frn->at; 4694 } 4695 } 4696 4697 if (i < MEMCG_CGWB_FRN_CNT) { 4698 /* 4699 * Re-using an existing one. Update timestamp lazily to 4700 * avoid making the cacheline hot. We want them to be 4701 * reasonably up-to-date and significantly shorter than 4702 * dirty_expire_interval as that's what expires the record. 4703 * Use the shorter of 1s and dirty_expire_interval / 8. 4704 */ 4705 unsigned long update_intv = 4706 min_t(unsigned long, HZ, 4707 msecs_to_jiffies(dirty_expire_interval * 10) / 8); 4708 4709 if (time_before64(frn->at, now - update_intv)) 4710 frn->at = now; 4711 } else if (oldest >= 0) { 4712 /* replace the oldest free one */ 4713 frn = &memcg->cgwb_frn[oldest]; 4714 frn->bdi_id = wb->bdi->id; 4715 frn->memcg_id = wb->memcg_css->id; 4716 frn->at = now; 4717 } 4718} 4719 4720/* issue foreign writeback flushes for recorded foreign dirtying events */ 4721void mem_cgroup_flush_foreign(struct bdi_writeback *wb) 4722{ 4723 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css); 4724 unsigned long intv = msecs_to_jiffies(dirty_expire_interval * 10); 4725 u64 now = jiffies_64; 4726 int i; 4727 4728 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) { 4729 struct memcg_cgwb_frn *frn = &memcg->cgwb_frn[i]; 4730 4731 /* 4732 * If the record is older than dirty_expire_interval, 4733 * writeback on it has already started. No need to kick it 4734 * off again. Also, don't start a new one if there's 4735 * already one in flight. 4736 */ 4737 if (time_after64(frn->at, now - intv) && 4738 atomic_read(&frn->done.cnt) == 1) { 4739 frn->at = 0; 4740 trace_flush_foreign(wb, frn->bdi_id, frn->memcg_id); 4741 cgroup_writeback_by_id(frn->bdi_id, frn->memcg_id, 4742 WB_REASON_FOREIGN_FLUSH, 4743 &frn->done); 4744 } 4745 } 4746} 4747 4748#else /* CONFIG_CGROUP_WRITEBACK */ 4749 4750static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp) 4751{ 4752 return 0; 4753} 4754 4755static void memcg_wb_domain_exit(struct mem_cgroup *memcg) 4756{ 4757} 4758 4759static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg) 4760{ 4761} 4762 4763#endif /* CONFIG_CGROUP_WRITEBACK */ 4764 4765/* 4766 * DO NOT USE IN NEW FILES. 4767 * 4768 * "cgroup.event_control" implementation. 4769 * 4770 * This is way over-engineered. It tries to support fully configurable 4771 * events for each user. Such level of flexibility is completely 4772 * unnecessary especially in the light of the planned unified hierarchy. 4773 * 4774 * Please deprecate this and replace with something simpler if at all 4775 * possible. 4776 */ 4777 4778/* 4779 * Unregister event and free resources. 4780 * 4781 * Gets called from workqueue. 4782 */ 4783static void memcg_event_remove(struct work_struct *work) 4784{ 4785 struct mem_cgroup_event *event = 4786 container_of(work, struct mem_cgroup_event, remove); 4787 struct mem_cgroup *memcg = event->memcg; 4788 4789 remove_wait_queue(event->wqh, &event->wait); 4790 4791 event->unregister_event(memcg, event->eventfd); 4792 4793 /* Notify userspace the event is going away. */ 4794 eventfd_signal(event->eventfd, 1); 4795 4796 eventfd_ctx_put(event->eventfd); 4797 kfree(event); 4798 css_put(&memcg->css); 4799} 4800 4801/* 4802 * Gets called on EPOLLHUP on eventfd when user closes it. 4803 * 4804 * Called with wqh->lock held and interrupts disabled. 4805 */ 4806static int memcg_event_wake(wait_queue_entry_t *wait, unsigned mode, 4807 int sync, void *key) 4808{ 4809 struct mem_cgroup_event *event = 4810 container_of(wait, struct mem_cgroup_event, wait); 4811 struct mem_cgroup *memcg = event->memcg; 4812 __poll_t flags = key_to_poll(key); 4813 4814 if (flags & EPOLLHUP) { 4815 /* 4816 * If the event has been detached at cgroup removal, we 4817 * can simply return knowing the other side will cleanup 4818 * for us. 4819 * 4820 * We can't race against event freeing since the other 4821 * side will require wqh->lock via remove_wait_queue(), 4822 * which we hold. 4823 */ 4824 spin_lock(&memcg->event_list_lock); 4825 if (!list_empty(&event->list)) { 4826 list_del_init(&event->list); 4827 /* 4828 * We are in atomic context, but cgroup_event_remove() 4829 * may sleep, so we have to call it in workqueue. 4830 */ 4831 schedule_work(&event->remove); 4832 } 4833 spin_unlock(&memcg->event_list_lock); 4834 } 4835 4836 return 0; 4837} 4838 4839static void memcg_event_ptable_queue_proc(struct file *file, 4840 wait_queue_head_t *wqh, poll_table *pt) 4841{ 4842 struct mem_cgroup_event *event = 4843 container_of(pt, struct mem_cgroup_event, pt); 4844 4845 event->wqh = wqh; 4846 add_wait_queue(wqh, &event->wait); 4847} 4848 4849/* 4850 * DO NOT USE IN NEW FILES. 4851 * 4852 * Parse input and register new cgroup event handler. 4853 * 4854 * Input must be in format '<event_fd> <control_fd> <args>'. 4855 * Interpretation of args is defined by control file implementation. 4856 */ 4857static ssize_t memcg_write_event_control(struct kernfs_open_file *of, 4858 char *buf, size_t nbytes, loff_t off) 4859{ 4860 struct cgroup_subsys_state *css = of_css(of); 4861 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 4862 struct mem_cgroup_event *event; 4863 struct cgroup_subsys_state *cfile_css; 4864 unsigned int efd, cfd; 4865 struct fd efile; 4866 struct fd cfile; 4867 struct dentry *cdentry; 4868 const char *name; 4869 char *endp; 4870 int ret; 4871 4872 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 4873 return -EOPNOTSUPP; 4874 4875 buf = strstrip(buf); 4876 4877 efd = simple_strtoul(buf, &endp, 10); 4878 if (*endp != ' ') 4879 return -EINVAL; 4880 buf = endp + 1; 4881 4882 cfd = simple_strtoul(buf, &endp, 10); 4883 if ((*endp != ' ') && (*endp != '\0')) 4884 return -EINVAL; 4885 buf = endp + 1; 4886 4887 event = kzalloc(sizeof(*event), GFP_KERNEL); 4888 if (!event) 4889 return -ENOMEM; 4890 4891 event->memcg = memcg; 4892 INIT_LIST_HEAD(&event->list); 4893 init_poll_funcptr(&event->pt, memcg_event_ptable_queue_proc); 4894 init_waitqueue_func_entry(&event->wait, memcg_event_wake); 4895 INIT_WORK(&event->remove, memcg_event_remove); 4896 4897 efile = fdget(efd); 4898 if (!efile.file) { 4899 ret = -EBADF; 4900 goto out_kfree; 4901 } 4902 4903 event->eventfd = eventfd_ctx_fileget(efile.file); 4904 if (IS_ERR(event->eventfd)) { 4905 ret = PTR_ERR(event->eventfd); 4906 goto out_put_efile; 4907 } 4908 4909 cfile = fdget(cfd); 4910 if (!cfile.file) { 4911 ret = -EBADF; 4912 goto out_put_eventfd; 4913 } 4914 4915 /* the process need read permission on control file */ 4916 /* AV: shouldn't we check that it's been opened for read instead? */ 4917 ret = file_permission(cfile.file, MAY_READ); 4918 if (ret < 0) 4919 goto out_put_cfile; 4920 4921 /* 4922 * The control file must be a regular cgroup1 file. As a regular cgroup 4923 * file can't be renamed, it's safe to access its name afterwards. 4924 */ 4925 cdentry = cfile.file->f_path.dentry; 4926 if (cdentry->d_sb->s_type != &cgroup_fs_type || !d_is_reg(cdentry)) { 4927 ret = -EINVAL; 4928 goto out_put_cfile; 4929 } 4930 4931 /* 4932 * Determine the event callbacks and set them in @event. This used 4933 * to be done via struct cftype but cgroup core no longer knows 4934 * about these events. The following is crude but the whole thing 4935 * is for compatibility anyway. 4936 * 4937 * DO NOT ADD NEW FILES. 4938 */ 4939 name = cdentry->d_name.name; 4940 4941 if (!strcmp(name, "memory.usage_in_bytes")) { 4942 event->register_event = mem_cgroup_usage_register_event; 4943 event->unregister_event = mem_cgroup_usage_unregister_event; 4944 } else if (!strcmp(name, "memory.oom_control")) { 4945 event->register_event = mem_cgroup_oom_register_event; 4946 event->unregister_event = mem_cgroup_oom_unregister_event; 4947 } else if (!strcmp(name, "memory.pressure_level")) { 4948 event->register_event = vmpressure_register_event; 4949 event->unregister_event = vmpressure_unregister_event; 4950 } else if (!strcmp(name, "memory.memsw.usage_in_bytes")) { 4951 event->register_event = memsw_cgroup_usage_register_event; 4952 event->unregister_event = memsw_cgroup_usage_unregister_event; 4953 } else { 4954 ret = -EINVAL; 4955 goto out_put_cfile; 4956 } 4957 4958 /* 4959 * Verify @cfile should belong to @css. Also, remaining events are 4960 * automatically removed on cgroup destruction but the removal is 4961 * asynchronous, so take an extra ref on @css. 4962 */ 4963 cfile_css = css_tryget_online_from_dir(cdentry->d_parent, 4964 &memory_cgrp_subsys); 4965 ret = -EINVAL; 4966 if (IS_ERR(cfile_css)) 4967 goto out_put_cfile; 4968 if (cfile_css != css) { 4969 css_put(cfile_css); 4970 goto out_put_cfile; 4971 } 4972 4973 ret = event->register_event(memcg, event->eventfd, buf); 4974 if (ret) 4975 goto out_put_css; 4976 4977 vfs_poll(efile.file, &event->pt); 4978 4979 spin_lock_irq(&memcg->event_list_lock); 4980 list_add(&event->list, &memcg->event_list); 4981 spin_unlock_irq(&memcg->event_list_lock); 4982 4983 fdput(cfile); 4984 fdput(efile); 4985 4986 return nbytes; 4987 4988out_put_css: 4989 css_put(css); 4990out_put_cfile: 4991 fdput(cfile); 4992out_put_eventfd: 4993 eventfd_ctx_put(event->eventfd); 4994out_put_efile: 4995 fdput(efile); 4996out_kfree: 4997 kfree(event); 4998 4999 return ret; 5000} 5001 5002#if defined(CONFIG_MEMCG_KMEM) && (defined(CONFIG_SLAB) || defined(CONFIG_SLUB_DEBUG)) 5003static int mem_cgroup_slab_show(struct seq_file *m, void *p) 5004{ 5005 /* 5006 * Deprecated. 5007 * Please, take a look at tools/cgroup/memcg_slabinfo.py . 5008 */ 5009 return 0; 5010} 5011#endif 5012 5013static int memory_stat_show(struct seq_file *m, void *v); 5014 5015static struct cftype mem_cgroup_legacy_files[] = { 5016 { 5017 .name = "usage_in_bytes", 5018 .private = MEMFILE_PRIVATE(_MEM, RES_USAGE), 5019 .read_u64 = mem_cgroup_read_u64, 5020 }, 5021 { 5022 .name = "max_usage_in_bytes", 5023 .private = MEMFILE_PRIVATE(_MEM, RES_MAX_USAGE), 5024 .write = mem_cgroup_reset, 5025 .read_u64 = mem_cgroup_read_u64, 5026 }, 5027 { 5028 .name = "limit_in_bytes", 5029 .private = MEMFILE_PRIVATE(_MEM, RES_LIMIT), 5030 .write = mem_cgroup_write, 5031 .read_u64 = mem_cgroup_read_u64, 5032 }, 5033 { 5034 .name = "soft_limit_in_bytes", 5035 .private = MEMFILE_PRIVATE(_MEM, RES_SOFT_LIMIT), 5036 .write = mem_cgroup_write, 5037 .read_u64 = mem_cgroup_read_u64, 5038 }, 5039 { 5040 .name = "failcnt", 5041 .private = MEMFILE_PRIVATE(_MEM, RES_FAILCNT), 5042 .write = mem_cgroup_reset, 5043 .read_u64 = mem_cgroup_read_u64, 5044 }, 5045 { 5046 .name = "stat", 5047 .seq_show = memory_stat_show, 5048 }, 5049 { 5050 .name = "force_empty", 5051 .write = mem_cgroup_force_empty_write, 5052 }, 5053 { 5054 .name = "use_hierarchy", 5055 .write_u64 = mem_cgroup_hierarchy_write, 5056 .read_u64 = mem_cgroup_hierarchy_read, 5057 }, 5058 { 5059 .name = "cgroup.event_control", /* XXX: for compat */ 5060 .write = memcg_write_event_control, 5061 .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE, 5062 }, 5063 { 5064 .name = "swappiness", 5065 .read_u64 = mem_cgroup_swappiness_read, 5066 .write_u64 = mem_cgroup_swappiness_write, 5067 }, 5068 { 5069 .name = "move_charge_at_immigrate", 5070 .read_u64 = mem_cgroup_move_charge_read, 5071 .write_u64 = mem_cgroup_move_charge_write, 5072 }, 5073 { 5074 .name = "oom_control", 5075 .seq_show = mem_cgroup_oom_control_read, 5076 .write_u64 = mem_cgroup_oom_control_write, 5077 }, 5078 { 5079 .name = "pressure_level", 5080 .seq_show = mem_cgroup_dummy_seq_show, 5081 }, 5082#ifdef CONFIG_NUMA 5083 { 5084 .name = "numa_stat", 5085 .seq_show = memcg_numa_stat_show, 5086 }, 5087#endif 5088 { 5089 .name = "kmem.limit_in_bytes", 5090 .private = MEMFILE_PRIVATE(_KMEM, RES_LIMIT), 5091 .write = mem_cgroup_write, 5092 .read_u64 = mem_cgroup_read_u64, 5093 }, 5094 { 5095 .name = "kmem.usage_in_bytes", 5096 .private = MEMFILE_PRIVATE(_KMEM, RES_USAGE), 5097 .read_u64 = mem_cgroup_read_u64, 5098 }, 5099 { 5100 .name = "kmem.failcnt", 5101 .private = MEMFILE_PRIVATE(_KMEM, RES_FAILCNT), 5102 .write = mem_cgroup_reset, 5103 .read_u64 = mem_cgroup_read_u64, 5104 }, 5105 { 5106 .name = "kmem.max_usage_in_bytes", 5107 .private = MEMFILE_PRIVATE(_KMEM, RES_MAX_USAGE), 5108 .write = mem_cgroup_reset, 5109 .read_u64 = mem_cgroup_read_u64, 5110 }, 5111#if defined(CONFIG_MEMCG_KMEM) && \ 5112 (defined(CONFIG_SLAB) || defined(CONFIG_SLUB_DEBUG)) 5113 { 5114 .name = "kmem.slabinfo", 5115 .seq_show = mem_cgroup_slab_show, 5116 }, 5117#endif 5118 { 5119 .name = "kmem.tcp.limit_in_bytes", 5120 .private = MEMFILE_PRIVATE(_TCP, RES_LIMIT), 5121 .write = mem_cgroup_write, 5122 .read_u64 = mem_cgroup_read_u64, 5123 }, 5124 { 5125 .name = "kmem.tcp.usage_in_bytes", 5126 .private = MEMFILE_PRIVATE(_TCP, RES_USAGE), 5127 .read_u64 = mem_cgroup_read_u64, 5128 }, 5129 { 5130 .name = "kmem.tcp.failcnt", 5131 .private = MEMFILE_PRIVATE(_TCP, RES_FAILCNT), 5132 .write = mem_cgroup_reset, 5133 .read_u64 = mem_cgroup_read_u64, 5134 }, 5135 { 5136 .name = "kmem.tcp.max_usage_in_bytes", 5137 .private = MEMFILE_PRIVATE(_TCP, RES_MAX_USAGE), 5138 .write = mem_cgroup_reset, 5139 .read_u64 = mem_cgroup_read_u64, 5140 }, 5141 { }, /* terminate */ 5142}; 5143 5144/* 5145 * Private memory cgroup IDR 5146 * 5147 * Swap-out records and page cache shadow entries need to store memcg 5148 * references in constrained space, so we maintain an ID space that is 5149 * limited to 16 bit (MEM_CGROUP_ID_MAX), limiting the total number of 5150 * memory-controlled cgroups to 64k. 5151 * 5152 * However, there usually are many references to the offline CSS after 5153 * the cgroup has been destroyed, such as page cache or reclaimable 5154 * slab objects, that don't need to hang on to the ID. We want to keep 5155 * those dead CSS from occupying IDs, or we might quickly exhaust the 5156 * relatively small ID space and prevent the creation of new cgroups 5157 * even when there are much fewer than 64k cgroups - possibly none. 5158 * 5159 * Maintain a private 16-bit ID space for memcg, and allow the ID to 5160 * be freed and recycled when it's no longer needed, which is usually 5161 * when the CSS is offlined. 5162 * 5163 * The only exception to that are records of swapped out tmpfs/shmem 5164 * pages that need to be attributed to live ancestors on swapin. But 5165 * those references are manageable from userspace. 5166 */ 5167 5168static DEFINE_IDR(mem_cgroup_idr); 5169 5170static void mem_cgroup_id_remove(struct mem_cgroup *memcg) 5171{ 5172 if (memcg->id.id > 0) { 5173 idr_remove(&mem_cgroup_idr, memcg->id.id); 5174 memcg->id.id = 0; 5175 } 5176} 5177 5178static void __maybe_unused mem_cgroup_id_get_many(struct mem_cgroup *memcg, 5179 unsigned int n) 5180{ 5181 refcount_add(n, &memcg->id.ref); 5182} 5183 5184static void mem_cgroup_id_put_many(struct mem_cgroup *memcg, unsigned int n) 5185{ 5186 if (refcount_sub_and_test(n, &memcg->id.ref)) { 5187 mem_cgroup_id_remove(memcg); 5188 5189 /* Memcg ID pins CSS */ 5190 css_put(&memcg->css); 5191 } 5192} 5193 5194static inline void mem_cgroup_id_put(struct mem_cgroup *memcg) 5195{ 5196 mem_cgroup_id_put_many(memcg, 1); 5197} 5198 5199/** 5200 * mem_cgroup_from_id - look up a memcg from a memcg id 5201 * @id: the memcg id to look up 5202 * 5203 * Caller must hold rcu_read_lock(). 5204 */ 5205struct mem_cgroup *mem_cgroup_from_id(unsigned short id) 5206{ 5207 WARN_ON_ONCE(!rcu_read_lock_held()); 5208 return idr_find(&mem_cgroup_idr, id); 5209} 5210 5211#ifdef CONFIG_SHRINKER_DEBUG 5212struct mem_cgroup *mem_cgroup_get_from_ino(unsigned long ino) 5213{ 5214 struct cgroup *cgrp; 5215 struct cgroup_subsys_state *css; 5216 struct mem_cgroup *memcg; 5217 5218 cgrp = cgroup_get_from_id(ino); 5219 if (IS_ERR(cgrp)) 5220 return ERR_CAST(cgrp); 5221 5222 css = cgroup_get_e_css(cgrp, &memory_cgrp_subsys); 5223 if (css) 5224 memcg = container_of(css, struct mem_cgroup, css); 5225 else 5226 memcg = ERR_PTR(-ENOENT); 5227 5228 cgroup_put(cgrp); 5229 5230 return memcg; 5231} 5232#endif 5233 5234static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node) 5235{ 5236 struct mem_cgroup_per_node *pn; 5237 5238 pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, node); 5239 if (!pn) 5240 return 1; 5241 5242 pn->lruvec_stats_percpu = alloc_percpu_gfp(struct lruvec_stats_percpu, 5243 GFP_KERNEL_ACCOUNT); 5244 if (!pn->lruvec_stats_percpu) { 5245 kfree(pn); 5246 return 1; 5247 } 5248 5249 lruvec_init(&pn->lruvec); 5250 pn->memcg = memcg; 5251 5252 memcg->nodeinfo[node] = pn; 5253 return 0; 5254} 5255 5256static void free_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node) 5257{ 5258 struct mem_cgroup_per_node *pn = memcg->nodeinfo[node]; 5259 5260 if (!pn) 5261 return; 5262 5263 free_percpu(pn->lruvec_stats_percpu); 5264 kfree(pn); 5265} 5266 5267static void __mem_cgroup_free(struct mem_cgroup *memcg) 5268{ 5269 int node; 5270 5271 for_each_node(node) 5272 free_mem_cgroup_per_node_info(memcg, node); 5273 kfree(memcg->vmstats); 5274 free_percpu(memcg->vmstats_percpu); 5275 kfree(memcg); 5276} 5277 5278static void mem_cgroup_free(struct mem_cgroup *memcg) 5279{ 5280 lru_gen_exit_memcg(memcg); 5281 memcg_wb_domain_exit(memcg); 5282 __mem_cgroup_free(memcg); 5283} 5284 5285static struct mem_cgroup *mem_cgroup_alloc(void) 5286{ 5287 struct mem_cgroup *memcg; 5288 int node; 5289 int __maybe_unused i; 5290 long error = -ENOMEM; 5291 5292 memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL); 5293 if (!memcg) 5294 return ERR_PTR(error); 5295 5296 memcg->id.id = idr_alloc(&mem_cgroup_idr, NULL, 5297 1, MEM_CGROUP_ID_MAX + 1, GFP_KERNEL); 5298 if (memcg->id.id < 0) { 5299 error = memcg->id.id; 5300 goto fail; 5301 } 5302 5303 memcg->vmstats = kzalloc(sizeof(struct memcg_vmstats), GFP_KERNEL); 5304 if (!memcg->vmstats) 5305 goto fail; 5306 5307 memcg->vmstats_percpu = alloc_percpu_gfp(struct memcg_vmstats_percpu, 5308 GFP_KERNEL_ACCOUNT); 5309 if (!memcg->vmstats_percpu) 5310 goto fail; 5311 5312 for_each_node(node) 5313 if (alloc_mem_cgroup_per_node_info(memcg, node)) 5314 goto fail; 5315 5316 if (memcg_wb_domain_init(memcg, GFP_KERNEL)) 5317 goto fail; 5318 5319 INIT_WORK(&memcg->high_work, high_work_func); 5320 INIT_LIST_HEAD(&memcg->oom_notify); 5321 mutex_init(&memcg->thresholds_lock); 5322 spin_lock_init(&memcg->move_lock); 5323 vmpressure_init(&memcg->vmpressure); 5324 INIT_LIST_HEAD(&memcg->event_list); 5325 spin_lock_init(&memcg->event_list_lock); 5326 memcg->socket_pressure = jiffies; 5327#ifdef CONFIG_MEMCG_KMEM 5328 memcg->kmemcg_id = -1; 5329 INIT_LIST_HEAD(&memcg->objcg_list); 5330#endif 5331#ifdef CONFIG_CGROUP_WRITEBACK 5332 INIT_LIST_HEAD(&memcg->cgwb_list); 5333 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) 5334 memcg->cgwb_frn[i].done = 5335 __WB_COMPLETION_INIT(&memcg_cgwb_frn_waitq); 5336#endif 5337#ifdef CONFIG_TRANSPARENT_HUGEPAGE 5338 spin_lock_init(&memcg->deferred_split_queue.split_queue_lock); 5339 INIT_LIST_HEAD(&memcg->deferred_split_queue.split_queue); 5340 memcg->deferred_split_queue.split_queue_len = 0; 5341#endif 5342 idr_replace(&mem_cgroup_idr, memcg, memcg->id.id); 5343 lru_gen_init_memcg(memcg); 5344 return memcg; 5345fail: 5346 mem_cgroup_id_remove(memcg); 5347 __mem_cgroup_free(memcg); 5348 return ERR_PTR(error); 5349} 5350 5351static struct cgroup_subsys_state * __ref 5352mem_cgroup_css_alloc(struct cgroup_subsys_state *parent_css) 5353{ 5354 struct mem_cgroup *parent = mem_cgroup_from_css(parent_css); 5355 struct mem_cgroup *memcg, *old_memcg; 5356 5357 old_memcg = set_active_memcg(parent); 5358 memcg = mem_cgroup_alloc(); 5359 set_active_memcg(old_memcg); 5360 if (IS_ERR(memcg)) 5361 return ERR_CAST(memcg); 5362 5363 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX); 5364 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX); 5365#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 5366 memcg->zswap_max = PAGE_COUNTER_MAX; 5367#endif 5368 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX); 5369 if (parent) { 5370 WRITE_ONCE(memcg->swappiness, mem_cgroup_swappiness(parent)); 5371 WRITE_ONCE(memcg->oom_kill_disable, READ_ONCE(parent->oom_kill_disable)); 5372 5373 page_counter_init(&memcg->memory, &parent->memory); 5374 page_counter_init(&memcg->swap, &parent->swap); 5375 page_counter_init(&memcg->kmem, &parent->kmem); 5376 page_counter_init(&memcg->tcpmem, &parent->tcpmem); 5377 } else { 5378 init_memcg_events(); 5379 page_counter_init(&memcg->memory, NULL); 5380 page_counter_init(&memcg->swap, NULL); 5381 page_counter_init(&memcg->kmem, NULL); 5382 page_counter_init(&memcg->tcpmem, NULL); 5383 5384 root_mem_cgroup = memcg; 5385 return &memcg->css; 5386 } 5387 5388 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket) 5389 static_branch_inc(&memcg_sockets_enabled_key); 5390 5391#if defined(CONFIG_MEMCG_KMEM) 5392 if (!cgroup_memory_nobpf) 5393 static_branch_inc(&memcg_bpf_enabled_key); 5394#endif 5395 5396 return &memcg->css; 5397} 5398 5399static int mem_cgroup_css_online(struct cgroup_subsys_state *css) 5400{ 5401 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5402 5403 if (memcg_online_kmem(memcg)) 5404 goto remove_id; 5405 5406 /* 5407 * A memcg must be visible for expand_shrinker_info() 5408 * by the time the maps are allocated. So, we allocate maps 5409 * here, when for_each_mem_cgroup() can't skip it. 5410 */ 5411 if (alloc_shrinker_info(memcg)) 5412 goto offline_kmem; 5413 5414 /* Online state pins memcg ID, memcg ID pins CSS */ 5415 refcount_set(&memcg->id.ref, 1); 5416 css_get(css); 5417 5418 if (unlikely(mem_cgroup_is_root(memcg))) 5419 queue_delayed_work(system_unbound_wq, &stats_flush_dwork, 5420 FLUSH_TIME); 5421 lru_gen_online_memcg(memcg); 5422 return 0; 5423offline_kmem: 5424 memcg_offline_kmem(memcg); 5425remove_id: 5426 mem_cgroup_id_remove(memcg); 5427 return -ENOMEM; 5428} 5429 5430static void mem_cgroup_css_offline(struct cgroup_subsys_state *css) 5431{ 5432 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5433 struct mem_cgroup_event *event, *tmp; 5434 5435 /* 5436 * Unregister events and notify userspace. 5437 * Notify userspace about cgroup removing only after rmdir of cgroup 5438 * directory to avoid race between userspace and kernelspace. 5439 */ 5440 spin_lock_irq(&memcg->event_list_lock); 5441 list_for_each_entry_safe(event, tmp, &memcg->event_list, list) { 5442 list_del_init(&event->list); 5443 schedule_work(&event->remove); 5444 } 5445 spin_unlock_irq(&memcg->event_list_lock); 5446 5447 page_counter_set_min(&memcg->memory, 0); 5448 page_counter_set_low(&memcg->memory, 0); 5449 5450 memcg_offline_kmem(memcg); 5451 reparent_shrinker_deferred(memcg); 5452 wb_memcg_offline(memcg); 5453 lru_gen_offline_memcg(memcg); 5454 5455 drain_all_stock(memcg); 5456 5457 mem_cgroup_id_put(memcg); 5458} 5459 5460static void mem_cgroup_css_released(struct cgroup_subsys_state *css) 5461{ 5462 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5463 5464 invalidate_reclaim_iterators(memcg); 5465 lru_gen_release_memcg(memcg); 5466} 5467 5468static void mem_cgroup_css_free(struct cgroup_subsys_state *css) 5469{ 5470 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5471 int __maybe_unused i; 5472 5473#ifdef CONFIG_CGROUP_WRITEBACK 5474 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) 5475 wb_wait_for_completion(&memcg->cgwb_frn[i].done); 5476#endif 5477 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket) 5478 static_branch_dec(&memcg_sockets_enabled_key); 5479 5480 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && memcg->tcpmem_active) 5481 static_branch_dec(&memcg_sockets_enabled_key); 5482 5483#if defined(CONFIG_MEMCG_KMEM) 5484 if (!cgroup_memory_nobpf) 5485 static_branch_dec(&memcg_bpf_enabled_key); 5486#endif 5487 5488 vmpressure_cleanup(&memcg->vmpressure); 5489 cancel_work_sync(&memcg->high_work); 5490 mem_cgroup_remove_from_trees(memcg); 5491 free_shrinker_info(memcg); 5492 mem_cgroup_free(memcg); 5493} 5494 5495/** 5496 * mem_cgroup_css_reset - reset the states of a mem_cgroup 5497 * @css: the target css 5498 * 5499 * Reset the states of the mem_cgroup associated with @css. This is 5500 * invoked when the userland requests disabling on the default hierarchy 5501 * but the memcg is pinned through dependency. The memcg should stop 5502 * applying policies and should revert to the vanilla state as it may be 5503 * made visible again. 5504 * 5505 * The current implementation only resets the essential configurations. 5506 * This needs to be expanded to cover all the visible parts. 5507 */ 5508static void mem_cgroup_css_reset(struct cgroup_subsys_state *css) 5509{ 5510 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5511 5512 page_counter_set_max(&memcg->memory, PAGE_COUNTER_MAX); 5513 page_counter_set_max(&memcg->swap, PAGE_COUNTER_MAX); 5514 page_counter_set_max(&memcg->kmem, PAGE_COUNTER_MAX); 5515 page_counter_set_max(&memcg->tcpmem, PAGE_COUNTER_MAX); 5516 page_counter_set_min(&memcg->memory, 0); 5517 page_counter_set_low(&memcg->memory, 0); 5518 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX); 5519 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX); 5520 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX); 5521 memcg_wb_domain_size_changed(memcg); 5522} 5523 5524static void mem_cgroup_css_rstat_flush(struct cgroup_subsys_state *css, int cpu) 5525{ 5526 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 5527 struct mem_cgroup *parent = parent_mem_cgroup(memcg); 5528 struct memcg_vmstats_percpu *statc; 5529 long delta, v; 5530 int i, nid; 5531 5532 statc = per_cpu_ptr(memcg->vmstats_percpu, cpu); 5533 5534 for (i = 0; i < MEMCG_NR_STAT; i++) { 5535 /* 5536 * Collect the aggregated propagation counts of groups 5537 * below us. We're in a per-cpu loop here and this is 5538 * a global counter, so the first cycle will get them. 5539 */ 5540 delta = memcg->vmstats->state_pending[i]; 5541 if (delta) 5542 memcg->vmstats->state_pending[i] = 0; 5543 5544 /* Add CPU changes on this level since the last flush */ 5545 v = READ_ONCE(statc->state[i]); 5546 if (v != statc->state_prev[i]) { 5547 delta += v - statc->state_prev[i]; 5548 statc->state_prev[i] = v; 5549 } 5550 5551 if (!delta) 5552 continue; 5553 5554 /* Aggregate counts on this level and propagate upwards */ 5555 memcg->vmstats->state[i] += delta; 5556 if (parent) 5557 parent->vmstats->state_pending[i] += delta; 5558 } 5559 5560 for (i = 0; i < NR_MEMCG_EVENTS; i++) { 5561 delta = memcg->vmstats->events_pending[i]; 5562 if (delta) 5563 memcg->vmstats->events_pending[i] = 0; 5564 5565 v = READ_ONCE(statc->events[i]); 5566 if (v != statc->events_prev[i]) { 5567 delta += v - statc->events_prev[i]; 5568 statc->events_prev[i] = v; 5569 } 5570 5571 if (!delta) 5572 continue; 5573 5574 memcg->vmstats->events[i] += delta; 5575 if (parent) 5576 parent->vmstats->events_pending[i] += delta; 5577 } 5578 5579 for_each_node_state(nid, N_MEMORY) { 5580 struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid]; 5581 struct mem_cgroup_per_node *ppn = NULL; 5582 struct lruvec_stats_percpu *lstatc; 5583 5584 if (parent) 5585 ppn = parent->nodeinfo[nid]; 5586 5587 lstatc = per_cpu_ptr(pn->lruvec_stats_percpu, cpu); 5588 5589 for (i = 0; i < NR_VM_NODE_STAT_ITEMS; i++) { 5590 delta = pn->lruvec_stats.state_pending[i]; 5591 if (delta) 5592 pn->lruvec_stats.state_pending[i] = 0; 5593 5594 v = READ_ONCE(lstatc->state[i]); 5595 if (v != lstatc->state_prev[i]) { 5596 delta += v - lstatc->state_prev[i]; 5597 lstatc->state_prev[i] = v; 5598 } 5599 5600 if (!delta) 5601 continue; 5602 5603 pn->lruvec_stats.state[i] += delta; 5604 if (ppn) 5605 ppn->lruvec_stats.state_pending[i] += delta; 5606 } 5607 } 5608} 5609 5610#ifdef CONFIG_MMU 5611/* Handlers for move charge at task migration. */ 5612static int mem_cgroup_do_precharge(unsigned long count) 5613{ 5614 int ret; 5615 5616 /* Try a single bulk charge without reclaim first, kswapd may wake */ 5617 ret = try_charge(mc.to, GFP_KERNEL & ~__GFP_DIRECT_RECLAIM, count); 5618 if (!ret) { 5619 mc.precharge += count; 5620 return ret; 5621 } 5622 5623 /* Try charges one by one with reclaim, but do not retry */ 5624 while (count--) { 5625 ret = try_charge(mc.to, GFP_KERNEL | __GFP_NORETRY, 1); 5626 if (ret) 5627 return ret; 5628 mc.precharge++; 5629 cond_resched(); 5630 } 5631 return 0; 5632} 5633 5634union mc_target { 5635 struct page *page; 5636 swp_entry_t ent; 5637}; 5638 5639enum mc_target_type { 5640 MC_TARGET_NONE = 0, 5641 MC_TARGET_PAGE, 5642 MC_TARGET_SWAP, 5643 MC_TARGET_DEVICE, 5644}; 5645 5646static struct page *mc_handle_present_pte(struct vm_area_struct *vma, 5647 unsigned long addr, pte_t ptent) 5648{ 5649 struct page *page = vm_normal_page(vma, addr, ptent); 5650 5651 if (!page || !page_mapped(page)) 5652 return NULL; 5653 if (PageAnon(page)) { 5654 if (!(mc.flags & MOVE_ANON)) 5655 return NULL; 5656 } else { 5657 if (!(mc.flags & MOVE_FILE)) 5658 return NULL; 5659 } 5660 if (!get_page_unless_zero(page)) 5661 return NULL; 5662 5663 return page; 5664} 5665 5666#if defined(CONFIG_SWAP) || defined(CONFIG_DEVICE_PRIVATE) 5667static struct page *mc_handle_swap_pte(struct vm_area_struct *vma, 5668 pte_t ptent, swp_entry_t *entry) 5669{ 5670 struct page *page = NULL; 5671 swp_entry_t ent = pte_to_swp_entry(ptent); 5672 5673 if (!(mc.flags & MOVE_ANON)) 5674 return NULL; 5675 5676 /* 5677 * Handle device private pages that are not accessible by the CPU, but 5678 * stored as special swap entries in the page table. 5679 */ 5680 if (is_device_private_entry(ent)) { 5681 page = pfn_swap_entry_to_page(ent); 5682 if (!get_page_unless_zero(page)) 5683 return NULL; 5684 return page; 5685 } 5686 5687 if (non_swap_entry(ent)) 5688 return NULL; 5689 5690 /* 5691 * Because swap_cache_get_folio() updates some statistics counter, 5692 * we call find_get_page() with swapper_space directly. 5693 */ 5694 page = find_get_page(swap_address_space(ent), swp_offset(ent)); 5695 entry->val = ent.val; 5696 5697 return page; 5698} 5699#else 5700static struct page *mc_handle_swap_pte(struct vm_area_struct *vma, 5701 pte_t ptent, swp_entry_t *entry) 5702{ 5703 return NULL; 5704} 5705#endif 5706 5707static struct page *mc_handle_file_pte(struct vm_area_struct *vma, 5708 unsigned long addr, pte_t ptent) 5709{ 5710 unsigned long index; 5711 struct folio *folio; 5712 5713 if (!vma->vm_file) /* anonymous vma */ 5714 return NULL; 5715 if (!(mc.flags & MOVE_FILE)) 5716 return NULL; 5717 5718 /* folio is moved even if it's not RSS of this task(page-faulted). */ 5719 /* shmem/tmpfs may report page out on swap: account for that too. */ 5720 index = linear_page_index(vma, addr); 5721 folio = filemap_get_incore_folio(vma->vm_file->f_mapping, index); 5722 if (IS_ERR(folio)) 5723 return NULL; 5724 return folio_file_page(folio, index); 5725} 5726 5727/** 5728 * mem_cgroup_move_account - move account of the page 5729 * @page: the page 5730 * @compound: charge the page as compound or small page 5731 * @from: mem_cgroup which the page is moved from. 5732 * @to: mem_cgroup which the page is moved to. @from != @to. 5733 * 5734 * The page must be locked and not on the LRU. 5735 * 5736 * This function doesn't do "charge" to new cgroup and doesn't do "uncharge" 5737 * from old cgroup. 5738 */ 5739static int mem_cgroup_move_account(struct page *page, 5740 bool compound, 5741 struct mem_cgroup *from, 5742 struct mem_cgroup *to) 5743{ 5744 struct folio *folio = page_folio(page); 5745 struct lruvec *from_vec, *to_vec; 5746 struct pglist_data *pgdat; 5747 unsigned int nr_pages = compound ? folio_nr_pages(folio) : 1; 5748 int nid, ret; 5749 5750 VM_BUG_ON(from == to); 5751 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio); 5752 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 5753 VM_BUG_ON(compound && !folio_test_large(folio)); 5754 5755 ret = -EINVAL; 5756 if (folio_memcg(folio) != from) 5757 goto out; 5758 5759 pgdat = folio_pgdat(folio); 5760 from_vec = mem_cgroup_lruvec(from, pgdat); 5761 to_vec = mem_cgroup_lruvec(to, pgdat); 5762 5763 folio_memcg_lock(folio); 5764 5765 if (folio_test_anon(folio)) { 5766 if (folio_mapped(folio)) { 5767 __mod_lruvec_state(from_vec, NR_ANON_MAPPED, -nr_pages); 5768 __mod_lruvec_state(to_vec, NR_ANON_MAPPED, nr_pages); 5769 if (folio_test_transhuge(folio)) { 5770 __mod_lruvec_state(from_vec, NR_ANON_THPS, 5771 -nr_pages); 5772 __mod_lruvec_state(to_vec, NR_ANON_THPS, 5773 nr_pages); 5774 } 5775 } 5776 } else { 5777 __mod_lruvec_state(from_vec, NR_FILE_PAGES, -nr_pages); 5778 __mod_lruvec_state(to_vec, NR_FILE_PAGES, nr_pages); 5779 5780 if (folio_test_swapbacked(folio)) { 5781 __mod_lruvec_state(from_vec, NR_SHMEM, -nr_pages); 5782 __mod_lruvec_state(to_vec, NR_SHMEM, nr_pages); 5783 } 5784 5785 if (folio_mapped(folio)) { 5786 __mod_lruvec_state(from_vec, NR_FILE_MAPPED, -nr_pages); 5787 __mod_lruvec_state(to_vec, NR_FILE_MAPPED, nr_pages); 5788 } 5789 5790 if (folio_test_dirty(folio)) { 5791 struct address_space *mapping = folio_mapping(folio); 5792 5793 if (mapping_can_writeback(mapping)) { 5794 __mod_lruvec_state(from_vec, NR_FILE_DIRTY, 5795 -nr_pages); 5796 __mod_lruvec_state(to_vec, NR_FILE_DIRTY, 5797 nr_pages); 5798 } 5799 } 5800 } 5801 5802#ifdef CONFIG_SWAP 5803 if (folio_test_swapcache(folio)) { 5804 __mod_lruvec_state(from_vec, NR_SWAPCACHE, -nr_pages); 5805 __mod_lruvec_state(to_vec, NR_SWAPCACHE, nr_pages); 5806 } 5807#endif 5808 if (folio_test_writeback(folio)) { 5809 __mod_lruvec_state(from_vec, NR_WRITEBACK, -nr_pages); 5810 __mod_lruvec_state(to_vec, NR_WRITEBACK, nr_pages); 5811 } 5812 5813 /* 5814 * All state has been migrated, let's switch to the new memcg. 5815 * 5816 * It is safe to change page's memcg here because the page 5817 * is referenced, charged, isolated, and locked: we can't race 5818 * with (un)charging, migration, LRU putback, or anything else 5819 * that would rely on a stable page's memory cgroup. 5820 * 5821 * Note that folio_memcg_lock is a memcg lock, not a page lock, 5822 * to save space. As soon as we switch page's memory cgroup to a 5823 * new memcg that isn't locked, the above state can change 5824 * concurrently again. Make sure we're truly done with it. 5825 */ 5826 smp_mb(); 5827 5828 css_get(&to->css); 5829 css_put(&from->css); 5830 5831 folio->memcg_data = (unsigned long)to; 5832 5833 __folio_memcg_unlock(from); 5834 5835 ret = 0; 5836 nid = folio_nid(folio); 5837 5838 local_irq_disable(); 5839 mem_cgroup_charge_statistics(to, nr_pages); 5840 memcg_check_events(to, nid); 5841 mem_cgroup_charge_statistics(from, -nr_pages); 5842 memcg_check_events(from, nid); 5843 local_irq_enable(); 5844out: 5845 return ret; 5846} 5847 5848/** 5849 * get_mctgt_type - get target type of moving charge 5850 * @vma: the vma the pte to be checked belongs 5851 * @addr: the address corresponding to the pte to be checked 5852 * @ptent: the pte to be checked 5853 * @target: the pointer the target page or swap ent will be stored(can be NULL) 5854 * 5855 * Returns 5856 * 0(MC_TARGET_NONE): if the pte is not a target for move charge. 5857 * 1(MC_TARGET_PAGE): if the page corresponding to this pte is a target for 5858 * move charge. if @target is not NULL, the page is stored in target->page 5859 * with extra refcnt got(Callers should handle it). 5860 * 2(MC_TARGET_SWAP): if the swap entry corresponding to this pte is a 5861 * target for charge migration. if @target is not NULL, the entry is stored 5862 * in target->ent. 5863 * 3(MC_TARGET_DEVICE): like MC_TARGET_PAGE but page is device memory and 5864 * thus not on the lru. 5865 * For now we such page is charge like a regular page would be as for all 5866 * intent and purposes it is just special memory taking the place of a 5867 * regular page. 5868 * 5869 * See Documentations/vm/hmm.txt and include/linux/hmm.h 5870 * 5871 * Called with pte lock held. 5872 */ 5873 5874static enum mc_target_type get_mctgt_type(struct vm_area_struct *vma, 5875 unsigned long addr, pte_t ptent, union mc_target *target) 5876{ 5877 struct page *page = NULL; 5878 enum mc_target_type ret = MC_TARGET_NONE; 5879 swp_entry_t ent = { .val = 0 }; 5880 5881 if (pte_present(ptent)) 5882 page = mc_handle_present_pte(vma, addr, ptent); 5883 else if (pte_none_mostly(ptent)) 5884 /* 5885 * PTE markers should be treated as a none pte here, separated 5886 * from other swap handling below. 5887 */ 5888 page = mc_handle_file_pte(vma, addr, ptent); 5889 else if (is_swap_pte(ptent)) 5890 page = mc_handle_swap_pte(vma, ptent, &ent); 5891 5892 if (target && page) { 5893 if (!trylock_page(page)) { 5894 put_page(page); 5895 return ret; 5896 } 5897 /* 5898 * page_mapped() must be stable during the move. This 5899 * pte is locked, so if it's present, the page cannot 5900 * become unmapped. If it isn't, we have only partial 5901 * control over the mapped state: the page lock will 5902 * prevent new faults against pagecache and swapcache, 5903 * so an unmapped page cannot become mapped. However, 5904 * if the page is already mapped elsewhere, it can 5905 * unmap, and there is nothing we can do about it. 5906 * Alas, skip moving the page in this case. 5907 */ 5908 if (!pte_present(ptent) && page_mapped(page)) { 5909 unlock_page(page); 5910 put_page(page); 5911 return ret; 5912 } 5913 } 5914 5915 if (!page && !ent.val) 5916 return ret; 5917 if (page) { 5918 /* 5919 * Do only loose check w/o serialization. 5920 * mem_cgroup_move_account() checks the page is valid or 5921 * not under LRU exclusion. 5922 */ 5923 if (page_memcg(page) == mc.from) { 5924 ret = MC_TARGET_PAGE; 5925 if (is_device_private_page(page) || 5926 is_device_coherent_page(page)) 5927 ret = MC_TARGET_DEVICE; 5928 if (target) 5929 target->page = page; 5930 } 5931 if (!ret || !target) { 5932 if (target) 5933 unlock_page(page); 5934 put_page(page); 5935 } 5936 } 5937 /* 5938 * There is a swap entry and a page doesn't exist or isn't charged. 5939 * But we cannot move a tail-page in a THP. 5940 */ 5941 if (ent.val && !ret && (!page || !PageTransCompound(page)) && 5942 mem_cgroup_id(mc.from) == lookup_swap_cgroup_id(ent)) { 5943 ret = MC_TARGET_SWAP; 5944 if (target) 5945 target->ent = ent; 5946 } 5947 return ret; 5948} 5949 5950#ifdef CONFIG_TRANSPARENT_HUGEPAGE 5951/* 5952 * We don't consider PMD mapped swapping or file mapped pages because THP does 5953 * not support them for now. 5954 * Caller should make sure that pmd_trans_huge(pmd) is true. 5955 */ 5956static enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma, 5957 unsigned long addr, pmd_t pmd, union mc_target *target) 5958{ 5959 struct page *page = NULL; 5960 enum mc_target_type ret = MC_TARGET_NONE; 5961 5962 if (unlikely(is_swap_pmd(pmd))) { 5963 VM_BUG_ON(thp_migration_supported() && 5964 !is_pmd_migration_entry(pmd)); 5965 return ret; 5966 } 5967 page = pmd_page(pmd); 5968 VM_BUG_ON_PAGE(!page || !PageHead(page), page); 5969 if (!(mc.flags & MOVE_ANON)) 5970 return ret; 5971 if (page_memcg(page) == mc.from) { 5972 ret = MC_TARGET_PAGE; 5973 if (target) { 5974 get_page(page); 5975 if (!trylock_page(page)) { 5976 put_page(page); 5977 return MC_TARGET_NONE; 5978 } 5979 target->page = page; 5980 } 5981 } 5982 return ret; 5983} 5984#else 5985static inline enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma, 5986 unsigned long addr, pmd_t pmd, union mc_target *target) 5987{ 5988 return MC_TARGET_NONE; 5989} 5990#endif 5991 5992static int mem_cgroup_count_precharge_pte_range(pmd_t *pmd, 5993 unsigned long addr, unsigned long end, 5994 struct mm_walk *walk) 5995{ 5996 struct vm_area_struct *vma = walk->vma; 5997 pte_t *pte; 5998 spinlock_t *ptl; 5999 6000 ptl = pmd_trans_huge_lock(pmd, vma); 6001 if (ptl) { 6002 /* 6003 * Note their can not be MC_TARGET_DEVICE for now as we do not 6004 * support transparent huge page with MEMORY_DEVICE_PRIVATE but 6005 * this might change. 6006 */ 6007 if (get_mctgt_type_thp(vma, addr, *pmd, NULL) == MC_TARGET_PAGE) 6008 mc.precharge += HPAGE_PMD_NR; 6009 spin_unlock(ptl); 6010 return 0; 6011 } 6012 6013 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl); 6014 if (!pte) 6015 return 0; 6016 for (; addr != end; pte++, addr += PAGE_SIZE) 6017 if (get_mctgt_type(vma, addr, ptep_get(pte), NULL)) 6018 mc.precharge++; /* increment precharge temporarily */ 6019 pte_unmap_unlock(pte - 1, ptl); 6020 cond_resched(); 6021 6022 return 0; 6023} 6024 6025static const struct mm_walk_ops precharge_walk_ops = { 6026 .pmd_entry = mem_cgroup_count_precharge_pte_range, 6027}; 6028 6029static unsigned long mem_cgroup_count_precharge(struct mm_struct *mm) 6030{ 6031 unsigned long precharge; 6032 6033 mmap_read_lock(mm); 6034 walk_page_range(mm, 0, ULONG_MAX, &precharge_walk_ops, NULL); 6035 mmap_read_unlock(mm); 6036 6037 precharge = mc.precharge; 6038 mc.precharge = 0; 6039 6040 return precharge; 6041} 6042 6043static int mem_cgroup_precharge_mc(struct mm_struct *mm) 6044{ 6045 unsigned long precharge = mem_cgroup_count_precharge(mm); 6046 6047 VM_BUG_ON(mc.moving_task); 6048 mc.moving_task = current; 6049 return mem_cgroup_do_precharge(precharge); 6050} 6051 6052/* cancels all extra charges on mc.from and mc.to, and wakes up all waiters. */ 6053static void __mem_cgroup_clear_mc(void) 6054{ 6055 struct mem_cgroup *from = mc.from; 6056 struct mem_cgroup *to = mc.to; 6057 6058 /* we must uncharge all the leftover precharges from mc.to */ 6059 if (mc.precharge) { 6060 cancel_charge(mc.to, mc.precharge); 6061 mc.precharge = 0; 6062 } 6063 /* 6064 * we didn't uncharge from mc.from at mem_cgroup_move_account(), so 6065 * we must uncharge here. 6066 */ 6067 if (mc.moved_charge) { 6068 cancel_charge(mc.from, mc.moved_charge); 6069 mc.moved_charge = 0; 6070 } 6071 /* we must fixup refcnts and charges */ 6072 if (mc.moved_swap) { 6073 /* uncharge swap account from the old cgroup */ 6074 if (!mem_cgroup_is_root(mc.from)) 6075 page_counter_uncharge(&mc.from->memsw, mc.moved_swap); 6076 6077 mem_cgroup_id_put_many(mc.from, mc.moved_swap); 6078 6079 /* 6080 * we charged both to->memory and to->memsw, so we 6081 * should uncharge to->memory. 6082 */ 6083 if (!mem_cgroup_is_root(mc.to)) 6084 page_counter_uncharge(&mc.to->memory, mc.moved_swap); 6085 6086 mc.moved_swap = 0; 6087 } 6088 memcg_oom_recover(from); 6089 memcg_oom_recover(to); 6090 wake_up_all(&mc.waitq); 6091} 6092 6093static void mem_cgroup_clear_mc(void) 6094{ 6095 struct mm_struct *mm = mc.mm; 6096 6097 /* 6098 * we must clear moving_task before waking up waiters at the end of 6099 * task migration. 6100 */ 6101 mc.moving_task = NULL; 6102 __mem_cgroup_clear_mc(); 6103 spin_lock(&mc.lock); 6104 mc.from = NULL; 6105 mc.to = NULL; 6106 mc.mm = NULL; 6107 spin_unlock(&mc.lock); 6108 6109 mmput(mm); 6110} 6111 6112static int mem_cgroup_can_attach(struct cgroup_taskset *tset) 6113{ 6114 struct cgroup_subsys_state *css; 6115 struct mem_cgroup *memcg = NULL; /* unneeded init to make gcc happy */ 6116 struct mem_cgroup *from; 6117 struct task_struct *leader, *p; 6118 struct mm_struct *mm; 6119 unsigned long move_flags; 6120 int ret = 0; 6121 6122 /* charge immigration isn't supported on the default hierarchy */ 6123 if (cgroup_subsys_on_dfl(memory_cgrp_subsys)) 6124 return 0; 6125 6126 /* 6127 * Multi-process migrations only happen on the default hierarchy 6128 * where charge immigration is not used. Perform charge 6129 * immigration if @tset contains a leader and whine if there are 6130 * multiple. 6131 */ 6132 p = NULL; 6133 cgroup_taskset_for_each_leader(leader, css, tset) { 6134 WARN_ON_ONCE(p); 6135 p = leader; 6136 memcg = mem_cgroup_from_css(css); 6137 } 6138 if (!p) 6139 return 0; 6140 6141 /* 6142 * We are now committed to this value whatever it is. Changes in this 6143 * tunable will only affect upcoming migrations, not the current one. 6144 * So we need to save it, and keep it going. 6145 */ 6146 move_flags = READ_ONCE(memcg->move_charge_at_immigrate); 6147 if (!move_flags) 6148 return 0; 6149 6150 from = mem_cgroup_from_task(p); 6151 6152 VM_BUG_ON(from == memcg); 6153 6154 mm = get_task_mm(p); 6155 if (!mm) 6156 return 0; 6157 /* We move charges only when we move a owner of the mm */ 6158 if (mm->owner == p) { 6159 VM_BUG_ON(mc.from); 6160 VM_BUG_ON(mc.to); 6161 VM_BUG_ON(mc.precharge); 6162 VM_BUG_ON(mc.moved_charge); 6163 VM_BUG_ON(mc.moved_swap); 6164 6165 spin_lock(&mc.lock); 6166 mc.mm = mm; 6167 mc.from = from; 6168 mc.to = memcg; 6169 mc.flags = move_flags; 6170 spin_unlock(&mc.lock); 6171 /* We set mc.moving_task later */ 6172 6173 ret = mem_cgroup_precharge_mc(mm); 6174 if (ret) 6175 mem_cgroup_clear_mc(); 6176 } else { 6177 mmput(mm); 6178 } 6179 return ret; 6180} 6181 6182static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset) 6183{ 6184 if (mc.to) 6185 mem_cgroup_clear_mc(); 6186} 6187 6188static int mem_cgroup_move_charge_pte_range(pmd_t *pmd, 6189 unsigned long addr, unsigned long end, 6190 struct mm_walk *walk) 6191{ 6192 int ret = 0; 6193 struct vm_area_struct *vma = walk->vma; 6194 pte_t *pte; 6195 spinlock_t *ptl; 6196 enum mc_target_type target_type; 6197 union mc_target target; 6198 struct page *page; 6199 6200 ptl = pmd_trans_huge_lock(pmd, vma); 6201 if (ptl) { 6202 if (mc.precharge < HPAGE_PMD_NR) { 6203 spin_unlock(ptl); 6204 return 0; 6205 } 6206 target_type = get_mctgt_type_thp(vma, addr, *pmd, &target); 6207 if (target_type == MC_TARGET_PAGE) { 6208 page = target.page; 6209 if (isolate_lru_page(page)) { 6210 if (!mem_cgroup_move_account(page, true, 6211 mc.from, mc.to)) { 6212 mc.precharge -= HPAGE_PMD_NR; 6213 mc.moved_charge += HPAGE_PMD_NR; 6214 } 6215 putback_lru_page(page); 6216 } 6217 unlock_page(page); 6218 put_page(page); 6219 } else if (target_type == MC_TARGET_DEVICE) { 6220 page = target.page; 6221 if (!mem_cgroup_move_account(page, true, 6222 mc.from, mc.to)) { 6223 mc.precharge -= HPAGE_PMD_NR; 6224 mc.moved_charge += HPAGE_PMD_NR; 6225 } 6226 unlock_page(page); 6227 put_page(page); 6228 } 6229 spin_unlock(ptl); 6230 return 0; 6231 } 6232 6233retry: 6234 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl); 6235 if (!pte) 6236 return 0; 6237 for (; addr != end; addr += PAGE_SIZE) { 6238 pte_t ptent = ptep_get(pte++); 6239 bool device = false; 6240 swp_entry_t ent; 6241 6242 if (!mc.precharge) 6243 break; 6244 6245 switch (get_mctgt_type(vma, addr, ptent, &target)) { 6246 case MC_TARGET_DEVICE: 6247 device = true; 6248 fallthrough; 6249 case MC_TARGET_PAGE: 6250 page = target.page; 6251 /* 6252 * We can have a part of the split pmd here. Moving it 6253 * can be done but it would be too convoluted so simply 6254 * ignore such a partial THP and keep it in original 6255 * memcg. There should be somebody mapping the head. 6256 */ 6257 if (PageTransCompound(page)) 6258 goto put; 6259 if (!device && !isolate_lru_page(page)) 6260 goto put; 6261 if (!mem_cgroup_move_account(page, false, 6262 mc.from, mc.to)) { 6263 mc.precharge--; 6264 /* we uncharge from mc.from later. */ 6265 mc.moved_charge++; 6266 } 6267 if (!device) 6268 putback_lru_page(page); 6269put: /* get_mctgt_type() gets & locks the page */ 6270 unlock_page(page); 6271 put_page(page); 6272 break; 6273 case MC_TARGET_SWAP: 6274 ent = target.ent; 6275 if (!mem_cgroup_move_swap_account(ent, mc.from, mc.to)) { 6276 mc.precharge--; 6277 mem_cgroup_id_get_many(mc.to, 1); 6278 /* we fixup other refcnts and charges later. */ 6279 mc.moved_swap++; 6280 } 6281 break; 6282 default: 6283 break; 6284 } 6285 } 6286 pte_unmap_unlock(pte - 1, ptl); 6287 cond_resched(); 6288 6289 if (addr != end) { 6290 /* 6291 * We have consumed all precharges we got in can_attach(). 6292 * We try charge one by one, but don't do any additional 6293 * charges to mc.to if we have failed in charge once in attach() 6294 * phase. 6295 */ 6296 ret = mem_cgroup_do_precharge(1); 6297 if (!ret) 6298 goto retry; 6299 } 6300 6301 return ret; 6302} 6303 6304static const struct mm_walk_ops charge_walk_ops = { 6305 .pmd_entry = mem_cgroup_move_charge_pte_range, 6306}; 6307 6308static void mem_cgroup_move_charge(void) 6309{ 6310 lru_add_drain_all(); 6311 /* 6312 * Signal folio_memcg_lock() to take the memcg's move_lock 6313 * while we're moving its pages to another memcg. Then wait 6314 * for already started RCU-only updates to finish. 6315 */ 6316 atomic_inc(&mc.from->moving_account); 6317 synchronize_rcu(); 6318retry: 6319 if (unlikely(!mmap_read_trylock(mc.mm))) { 6320 /* 6321 * Someone who are holding the mmap_lock might be waiting in 6322 * waitq. So we cancel all extra charges, wake up all waiters, 6323 * and retry. Because we cancel precharges, we might not be able 6324 * to move enough charges, but moving charge is a best-effort 6325 * feature anyway, so it wouldn't be a big problem. 6326 */ 6327 __mem_cgroup_clear_mc(); 6328 cond_resched(); 6329 goto retry; 6330 } 6331 /* 6332 * When we have consumed all precharges and failed in doing 6333 * additional charge, the page walk just aborts. 6334 */ 6335 walk_page_range(mc.mm, 0, ULONG_MAX, &charge_walk_ops, NULL); 6336 mmap_read_unlock(mc.mm); 6337 atomic_dec(&mc.from->moving_account); 6338} 6339 6340static void mem_cgroup_move_task(void) 6341{ 6342 if (mc.to) { 6343 mem_cgroup_move_charge(); 6344 mem_cgroup_clear_mc(); 6345 } 6346} 6347#else /* !CONFIG_MMU */ 6348static int mem_cgroup_can_attach(struct cgroup_taskset *tset) 6349{ 6350 return 0; 6351} 6352static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset) 6353{ 6354} 6355static void mem_cgroup_move_task(void) 6356{ 6357} 6358#endif 6359 6360#ifdef CONFIG_LRU_GEN 6361static void mem_cgroup_attach(struct cgroup_taskset *tset) 6362{ 6363 struct task_struct *task; 6364 struct cgroup_subsys_state *css; 6365 6366 /* find the first leader if there is any */ 6367 cgroup_taskset_for_each_leader(task, css, tset) 6368 break; 6369 6370 if (!task) 6371 return; 6372 6373 task_lock(task); 6374 if (task->mm && READ_ONCE(task->mm->owner) == task) 6375 lru_gen_migrate_mm(task->mm); 6376 task_unlock(task); 6377} 6378#else 6379static void mem_cgroup_attach(struct cgroup_taskset *tset) 6380{ 6381} 6382#endif /* CONFIG_LRU_GEN */ 6383 6384static int seq_puts_memcg_tunable(struct seq_file *m, unsigned long value) 6385{ 6386 if (value == PAGE_COUNTER_MAX) 6387 seq_puts(m, "max\n"); 6388 else 6389 seq_printf(m, "%llu\n", (u64)value * PAGE_SIZE); 6390 6391 return 0; 6392} 6393 6394static u64 memory_current_read(struct cgroup_subsys_state *css, 6395 struct cftype *cft) 6396{ 6397 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 6398 6399 return (u64)page_counter_read(&memcg->memory) * PAGE_SIZE; 6400} 6401 6402static u64 memory_peak_read(struct cgroup_subsys_state *css, 6403 struct cftype *cft) 6404{ 6405 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 6406 6407 return (u64)memcg->memory.watermark * PAGE_SIZE; 6408} 6409 6410static int memory_min_show(struct seq_file *m, void *v) 6411{ 6412 return seq_puts_memcg_tunable(m, 6413 READ_ONCE(mem_cgroup_from_seq(m)->memory.min)); 6414} 6415 6416static ssize_t memory_min_write(struct kernfs_open_file *of, 6417 char *buf, size_t nbytes, loff_t off) 6418{ 6419 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6420 unsigned long min; 6421 int err; 6422 6423 buf = strstrip(buf); 6424 err = page_counter_memparse(buf, "max", &min); 6425 if (err) 6426 return err; 6427 6428 page_counter_set_min(&memcg->memory, min); 6429 6430 return nbytes; 6431} 6432 6433static int memory_low_show(struct seq_file *m, void *v) 6434{ 6435 return seq_puts_memcg_tunable(m, 6436 READ_ONCE(mem_cgroup_from_seq(m)->memory.low)); 6437} 6438 6439static ssize_t memory_low_write(struct kernfs_open_file *of, 6440 char *buf, size_t nbytes, loff_t off) 6441{ 6442 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6443 unsigned long low; 6444 int err; 6445 6446 buf = strstrip(buf); 6447 err = page_counter_memparse(buf, "max", &low); 6448 if (err) 6449 return err; 6450 6451 page_counter_set_low(&memcg->memory, low); 6452 6453 return nbytes; 6454} 6455 6456static int memory_high_show(struct seq_file *m, void *v) 6457{ 6458 return seq_puts_memcg_tunable(m, 6459 READ_ONCE(mem_cgroup_from_seq(m)->memory.high)); 6460} 6461 6462static ssize_t memory_high_write(struct kernfs_open_file *of, 6463 char *buf, size_t nbytes, loff_t off) 6464{ 6465 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6466 unsigned int nr_retries = MAX_RECLAIM_RETRIES; 6467 bool drained = false; 6468 unsigned long high; 6469 int err; 6470 6471 buf = strstrip(buf); 6472 err = page_counter_memparse(buf, "max", &high); 6473 if (err) 6474 return err; 6475 6476 page_counter_set_high(&memcg->memory, high); 6477 6478 for (;;) { 6479 unsigned long nr_pages = page_counter_read(&memcg->memory); 6480 unsigned long reclaimed; 6481 6482 if (nr_pages <= high) 6483 break; 6484 6485 if (signal_pending(current)) 6486 break; 6487 6488 if (!drained) { 6489 drain_all_stock(memcg); 6490 drained = true; 6491 continue; 6492 } 6493 6494 reclaimed = try_to_free_mem_cgroup_pages(memcg, nr_pages - high, 6495 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP); 6496 6497 if (!reclaimed && !nr_retries--) 6498 break; 6499 } 6500 6501 memcg_wb_domain_size_changed(memcg); 6502 return nbytes; 6503} 6504 6505static int memory_max_show(struct seq_file *m, void *v) 6506{ 6507 return seq_puts_memcg_tunable(m, 6508 READ_ONCE(mem_cgroup_from_seq(m)->memory.max)); 6509} 6510 6511static ssize_t memory_max_write(struct kernfs_open_file *of, 6512 char *buf, size_t nbytes, loff_t off) 6513{ 6514 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6515 unsigned int nr_reclaims = MAX_RECLAIM_RETRIES; 6516 bool drained = false; 6517 unsigned long max; 6518 int err; 6519 6520 buf = strstrip(buf); 6521 err = page_counter_memparse(buf, "max", &max); 6522 if (err) 6523 return err; 6524 6525 xchg(&memcg->memory.max, max); 6526 6527 for (;;) { 6528 unsigned long nr_pages = page_counter_read(&memcg->memory); 6529 6530 if (nr_pages <= max) 6531 break; 6532 6533 if (signal_pending(current)) 6534 break; 6535 6536 if (!drained) { 6537 drain_all_stock(memcg); 6538 drained = true; 6539 continue; 6540 } 6541 6542 if (nr_reclaims) { 6543 if (!try_to_free_mem_cgroup_pages(memcg, nr_pages - max, 6544 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP)) 6545 nr_reclaims--; 6546 continue; 6547 } 6548 6549 memcg_memory_event(memcg, MEMCG_OOM); 6550 if (!mem_cgroup_out_of_memory(memcg, GFP_KERNEL, 0)) 6551 break; 6552 } 6553 6554 memcg_wb_domain_size_changed(memcg); 6555 return nbytes; 6556} 6557 6558static void __memory_events_show(struct seq_file *m, atomic_long_t *events) 6559{ 6560 seq_printf(m, "low %lu\n", atomic_long_read(&events[MEMCG_LOW])); 6561 seq_printf(m, "high %lu\n", atomic_long_read(&events[MEMCG_HIGH])); 6562 seq_printf(m, "max %lu\n", atomic_long_read(&events[MEMCG_MAX])); 6563 seq_printf(m, "oom %lu\n", atomic_long_read(&events[MEMCG_OOM])); 6564 seq_printf(m, "oom_kill %lu\n", 6565 atomic_long_read(&events[MEMCG_OOM_KILL])); 6566 seq_printf(m, "oom_group_kill %lu\n", 6567 atomic_long_read(&events[MEMCG_OOM_GROUP_KILL])); 6568} 6569 6570static int memory_events_show(struct seq_file *m, void *v) 6571{ 6572 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6573 6574 __memory_events_show(m, memcg->memory_events); 6575 return 0; 6576} 6577 6578static int memory_events_local_show(struct seq_file *m, void *v) 6579{ 6580 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6581 6582 __memory_events_show(m, memcg->memory_events_local); 6583 return 0; 6584} 6585 6586static int memory_stat_show(struct seq_file *m, void *v) 6587{ 6588 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6589 char *buf = kmalloc(PAGE_SIZE, GFP_KERNEL); 6590 struct seq_buf s; 6591 6592 if (!buf) 6593 return -ENOMEM; 6594 seq_buf_init(&s, buf, PAGE_SIZE); 6595 memory_stat_format(memcg, &s); 6596 seq_puts(m, buf); 6597 kfree(buf); 6598 return 0; 6599} 6600 6601#ifdef CONFIG_NUMA 6602static inline unsigned long lruvec_page_state_output(struct lruvec *lruvec, 6603 int item) 6604{ 6605 return lruvec_page_state(lruvec, item) * memcg_page_state_unit(item); 6606} 6607 6608static int memory_numa_stat_show(struct seq_file *m, void *v) 6609{ 6610 int i; 6611 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6612 6613 mem_cgroup_flush_stats(); 6614 6615 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) { 6616 int nid; 6617 6618 if (memory_stats[i].idx >= NR_VM_NODE_STAT_ITEMS) 6619 continue; 6620 6621 seq_printf(m, "%s", memory_stats[i].name); 6622 for_each_node_state(nid, N_MEMORY) { 6623 u64 size; 6624 struct lruvec *lruvec; 6625 6626 lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid)); 6627 size = lruvec_page_state_output(lruvec, 6628 memory_stats[i].idx); 6629 seq_printf(m, " N%d=%llu", nid, size); 6630 } 6631 seq_putc(m, '\n'); 6632 } 6633 6634 return 0; 6635} 6636#endif 6637 6638static int memory_oom_group_show(struct seq_file *m, void *v) 6639{ 6640 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 6641 6642 seq_printf(m, "%d\n", READ_ONCE(memcg->oom_group)); 6643 6644 return 0; 6645} 6646 6647static ssize_t memory_oom_group_write(struct kernfs_open_file *of, 6648 char *buf, size_t nbytes, loff_t off) 6649{ 6650 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6651 int ret, oom_group; 6652 6653 buf = strstrip(buf); 6654 if (!buf) 6655 return -EINVAL; 6656 6657 ret = kstrtoint(buf, 0, &oom_group); 6658 if (ret) 6659 return ret; 6660 6661 if (oom_group != 0 && oom_group != 1) 6662 return -EINVAL; 6663 6664 WRITE_ONCE(memcg->oom_group, oom_group); 6665 6666 return nbytes; 6667} 6668 6669static ssize_t memory_reclaim(struct kernfs_open_file *of, char *buf, 6670 size_t nbytes, loff_t off) 6671{ 6672 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 6673 unsigned int nr_retries = MAX_RECLAIM_RETRIES; 6674 unsigned long nr_to_reclaim, nr_reclaimed = 0; 6675 unsigned int reclaim_options; 6676 int err; 6677 6678 buf = strstrip(buf); 6679 err = page_counter_memparse(buf, "", &nr_to_reclaim); 6680 if (err) 6681 return err; 6682 6683 reclaim_options = MEMCG_RECLAIM_MAY_SWAP | MEMCG_RECLAIM_PROACTIVE; 6684 while (nr_reclaimed < nr_to_reclaim) { 6685 unsigned long reclaimed; 6686 6687 if (signal_pending(current)) 6688 return -EINTR; 6689 6690 /* 6691 * This is the final attempt, drain percpu lru caches in the 6692 * hope of introducing more evictable pages for 6693 * try_to_free_mem_cgroup_pages(). 6694 */ 6695 if (!nr_retries) 6696 lru_add_drain_all(); 6697 6698 reclaimed = try_to_free_mem_cgroup_pages(memcg, 6699 nr_to_reclaim - nr_reclaimed, 6700 GFP_KERNEL, reclaim_options); 6701 6702 if (!reclaimed && !nr_retries--) 6703 return -EAGAIN; 6704 6705 nr_reclaimed += reclaimed; 6706 } 6707 6708 return nbytes; 6709} 6710 6711static struct cftype memory_files[] = { 6712 { 6713 .name = "current", 6714 .flags = CFTYPE_NOT_ON_ROOT, 6715 .read_u64 = memory_current_read, 6716 }, 6717 { 6718 .name = "peak", 6719 .flags = CFTYPE_NOT_ON_ROOT, 6720 .read_u64 = memory_peak_read, 6721 }, 6722 { 6723 .name = "min", 6724 .flags = CFTYPE_NOT_ON_ROOT, 6725 .seq_show = memory_min_show, 6726 .write = memory_min_write, 6727 }, 6728 { 6729 .name = "low", 6730 .flags = CFTYPE_NOT_ON_ROOT, 6731 .seq_show = memory_low_show, 6732 .write = memory_low_write, 6733 }, 6734 { 6735 .name = "high", 6736 .flags = CFTYPE_NOT_ON_ROOT, 6737 .seq_show = memory_high_show, 6738 .write = memory_high_write, 6739 }, 6740 { 6741 .name = "max", 6742 .flags = CFTYPE_NOT_ON_ROOT, 6743 .seq_show = memory_max_show, 6744 .write = memory_max_write, 6745 }, 6746 { 6747 .name = "events", 6748 .flags = CFTYPE_NOT_ON_ROOT, 6749 .file_offset = offsetof(struct mem_cgroup, events_file), 6750 .seq_show = memory_events_show, 6751 }, 6752 { 6753 .name = "events.local", 6754 .flags = CFTYPE_NOT_ON_ROOT, 6755 .file_offset = offsetof(struct mem_cgroup, events_local_file), 6756 .seq_show = memory_events_local_show, 6757 }, 6758 { 6759 .name = "stat", 6760 .seq_show = memory_stat_show, 6761 }, 6762#ifdef CONFIG_NUMA 6763 { 6764 .name = "numa_stat", 6765 .seq_show = memory_numa_stat_show, 6766 }, 6767#endif 6768 { 6769 .name = "oom.group", 6770 .flags = CFTYPE_NOT_ON_ROOT | CFTYPE_NS_DELEGATABLE, 6771 .seq_show = memory_oom_group_show, 6772 .write = memory_oom_group_write, 6773 }, 6774 { 6775 .name = "reclaim", 6776 .flags = CFTYPE_NS_DELEGATABLE, 6777 .write = memory_reclaim, 6778 }, 6779 { } /* terminate */ 6780}; 6781 6782struct cgroup_subsys memory_cgrp_subsys = { 6783 .css_alloc = mem_cgroup_css_alloc, 6784 .css_online = mem_cgroup_css_online, 6785 .css_offline = mem_cgroup_css_offline, 6786 .css_released = mem_cgroup_css_released, 6787 .css_free = mem_cgroup_css_free, 6788 .css_reset = mem_cgroup_css_reset, 6789 .css_rstat_flush = mem_cgroup_css_rstat_flush, 6790 .can_attach = mem_cgroup_can_attach, 6791 .attach = mem_cgroup_attach, 6792 .cancel_attach = mem_cgroup_cancel_attach, 6793 .post_attach = mem_cgroup_move_task, 6794 .dfl_cftypes = memory_files, 6795 .legacy_cftypes = mem_cgroup_legacy_files, 6796 .early_init = 0, 6797}; 6798 6799/* 6800 * This function calculates an individual cgroup's effective 6801 * protection which is derived from its own memory.min/low, its 6802 * parent's and siblings' settings, as well as the actual memory 6803 * distribution in the tree. 6804 * 6805 * The following rules apply to the effective protection values: 6806 * 6807 * 1. At the first level of reclaim, effective protection is equal to 6808 * the declared protection in memory.min and memory.low. 6809 * 6810 * 2. To enable safe delegation of the protection configuration, at 6811 * subsequent levels the effective protection is capped to the 6812 * parent's effective protection. 6813 * 6814 * 3. To make complex and dynamic subtrees easier to configure, the 6815 * user is allowed to overcommit the declared protection at a given 6816 * level. If that is the case, the parent's effective protection is 6817 * distributed to the children in proportion to how much protection 6818 * they have declared and how much of it they are utilizing. 6819 * 6820 * This makes distribution proportional, but also work-conserving: 6821 * if one cgroup claims much more protection than it uses memory, 6822 * the unused remainder is available to its siblings. 6823 * 6824 * 4. Conversely, when the declared protection is undercommitted at a 6825 * given level, the distribution of the larger parental protection 6826 * budget is NOT proportional. A cgroup's protection from a sibling 6827 * is capped to its own memory.min/low setting. 6828 * 6829 * 5. However, to allow protecting recursive subtrees from each other 6830 * without having to declare each individual cgroup's fixed share 6831 * of the ancestor's claim to protection, any unutilized - 6832 * "floating" - protection from up the tree is distributed in 6833 * proportion to each cgroup's *usage*. This makes the protection 6834 * neutral wrt sibling cgroups and lets them compete freely over 6835 * the shared parental protection budget, but it protects the 6836 * subtree as a whole from neighboring subtrees. 6837 * 6838 * Note that 4. and 5. are not in conflict: 4. is about protecting 6839 * against immediate siblings whereas 5. is about protecting against 6840 * neighboring subtrees. 6841 */ 6842static unsigned long effective_protection(unsigned long usage, 6843 unsigned long parent_usage, 6844 unsigned long setting, 6845 unsigned long parent_effective, 6846 unsigned long siblings_protected) 6847{ 6848 unsigned long protected; 6849 unsigned long ep; 6850 6851 protected = min(usage, setting); 6852 /* 6853 * If all cgroups at this level combined claim and use more 6854 * protection than what the parent affords them, distribute 6855 * shares in proportion to utilization. 6856 * 6857 * We are using actual utilization rather than the statically 6858 * claimed protection in order to be work-conserving: claimed 6859 * but unused protection is available to siblings that would 6860 * otherwise get a smaller chunk than what they claimed. 6861 */ 6862 if (siblings_protected > parent_effective) 6863 return protected * parent_effective / siblings_protected; 6864 6865 /* 6866 * Ok, utilized protection of all children is within what the 6867 * parent affords them, so we know whatever this child claims 6868 * and utilizes is effectively protected. 6869 * 6870 * If there is unprotected usage beyond this value, reclaim 6871 * will apply pressure in proportion to that amount. 6872 * 6873 * If there is unutilized protection, the cgroup will be fully 6874 * shielded from reclaim, but we do return a smaller value for 6875 * protection than what the group could enjoy in theory. This 6876 * is okay. With the overcommit distribution above, effective 6877 * protection is always dependent on how memory is actually 6878 * consumed among the siblings anyway. 6879 */ 6880 ep = protected; 6881 6882 /* 6883 * If the children aren't claiming (all of) the protection 6884 * afforded to them by the parent, distribute the remainder in 6885 * proportion to the (unprotected) memory of each cgroup. That 6886 * way, cgroups that aren't explicitly prioritized wrt each 6887 * other compete freely over the allowance, but they are 6888 * collectively protected from neighboring trees. 6889 * 6890 * We're using unprotected memory for the weight so that if 6891 * some cgroups DO claim explicit protection, we don't protect 6892 * the same bytes twice. 6893 * 6894 * Check both usage and parent_usage against the respective 6895 * protected values. One should imply the other, but they 6896 * aren't read atomically - make sure the division is sane. 6897 */ 6898 if (!(cgrp_dfl_root.flags & CGRP_ROOT_MEMORY_RECURSIVE_PROT)) 6899 return ep; 6900 if (parent_effective > siblings_protected && 6901 parent_usage > siblings_protected && 6902 usage > protected) { 6903 unsigned long unclaimed; 6904 6905 unclaimed = parent_effective - siblings_protected; 6906 unclaimed *= usage - protected; 6907 unclaimed /= parent_usage - siblings_protected; 6908 6909 ep += unclaimed; 6910 } 6911 6912 return ep; 6913} 6914 6915/** 6916 * mem_cgroup_calculate_protection - check if memory consumption is in the normal range 6917 * @root: the top ancestor of the sub-tree being checked 6918 * @memcg: the memory cgroup to check 6919 * 6920 * WARNING: This function is not stateless! It can only be used as part 6921 * of a top-down tree iteration, not for isolated queries. 6922 */ 6923void mem_cgroup_calculate_protection(struct mem_cgroup *root, 6924 struct mem_cgroup *memcg) 6925{ 6926 unsigned long usage, parent_usage; 6927 struct mem_cgroup *parent; 6928 6929 if (mem_cgroup_disabled()) 6930 return; 6931 6932 if (!root) 6933 root = root_mem_cgroup; 6934 6935 /* 6936 * Effective values of the reclaim targets are ignored so they 6937 * can be stale. Have a look at mem_cgroup_protection for more 6938 * details. 6939 * TODO: calculation should be more robust so that we do not need 6940 * that special casing. 6941 */ 6942 if (memcg == root) 6943 return; 6944 6945 usage = page_counter_read(&memcg->memory); 6946 if (!usage) 6947 return; 6948 6949 parent = parent_mem_cgroup(memcg); 6950 6951 if (parent == root) { 6952 memcg->memory.emin = READ_ONCE(memcg->memory.min); 6953 memcg->memory.elow = READ_ONCE(memcg->memory.low); 6954 return; 6955 } 6956 6957 parent_usage = page_counter_read(&parent->memory); 6958 6959 WRITE_ONCE(memcg->memory.emin, effective_protection(usage, parent_usage, 6960 READ_ONCE(memcg->memory.min), 6961 READ_ONCE(parent->memory.emin), 6962 atomic_long_read(&parent->memory.children_min_usage))); 6963 6964 WRITE_ONCE(memcg->memory.elow, effective_protection(usage, parent_usage, 6965 READ_ONCE(memcg->memory.low), 6966 READ_ONCE(parent->memory.elow), 6967 atomic_long_read(&parent->memory.children_low_usage))); 6968} 6969 6970static int charge_memcg(struct folio *folio, struct mem_cgroup *memcg, 6971 gfp_t gfp) 6972{ 6973 long nr_pages = folio_nr_pages(folio); 6974 int ret; 6975 6976 ret = try_charge(memcg, gfp, nr_pages); 6977 if (ret) 6978 goto out; 6979 6980 css_get(&memcg->css); 6981 commit_charge(folio, memcg); 6982 6983 local_irq_disable(); 6984 mem_cgroup_charge_statistics(memcg, nr_pages); 6985 memcg_check_events(memcg, folio_nid(folio)); 6986 local_irq_enable(); 6987out: 6988 return ret; 6989} 6990 6991int __mem_cgroup_charge(struct folio *folio, struct mm_struct *mm, gfp_t gfp) 6992{ 6993 struct mem_cgroup *memcg; 6994 int ret; 6995 6996 memcg = get_mem_cgroup_from_mm(mm); 6997 ret = charge_memcg(folio, memcg, gfp); 6998 css_put(&memcg->css); 6999 7000 return ret; 7001} 7002 7003/** 7004 * mem_cgroup_swapin_charge_folio - Charge a newly allocated folio for swapin. 7005 * @folio: folio to charge. 7006 * @mm: mm context of the victim 7007 * @gfp: reclaim mode 7008 * @entry: swap entry for which the folio is allocated 7009 * 7010 * This function charges a folio allocated for swapin. Please call this before 7011 * adding the folio to the swapcache. 7012 * 7013 * Returns 0 on success. Otherwise, an error code is returned. 7014 */ 7015int mem_cgroup_swapin_charge_folio(struct folio *folio, struct mm_struct *mm, 7016 gfp_t gfp, swp_entry_t entry) 7017{ 7018 struct mem_cgroup *memcg; 7019 unsigned short id; 7020 int ret; 7021 7022 if (mem_cgroup_disabled()) 7023 return 0; 7024 7025 id = lookup_swap_cgroup_id(entry); 7026 rcu_read_lock(); 7027 memcg = mem_cgroup_from_id(id); 7028 if (!memcg || !css_tryget_online(&memcg->css)) 7029 memcg = get_mem_cgroup_from_mm(mm); 7030 rcu_read_unlock(); 7031 7032 ret = charge_memcg(folio, memcg, gfp); 7033 7034 css_put(&memcg->css); 7035 return ret; 7036} 7037 7038/* 7039 * mem_cgroup_swapin_uncharge_swap - uncharge swap slot 7040 * @entry: swap entry for which the page is charged 7041 * 7042 * Call this function after successfully adding the charged page to swapcache. 7043 * 7044 * Note: This function assumes the page for which swap slot is being uncharged 7045 * is order 0 page. 7046 */ 7047void mem_cgroup_swapin_uncharge_swap(swp_entry_t entry) 7048{ 7049 /* 7050 * Cgroup1's unified memory+swap counter has been charged with the 7051 * new swapcache page, finish the transfer by uncharging the swap 7052 * slot. The swap slot would also get uncharged when it dies, but 7053 * it can stick around indefinitely and we'd count the page twice 7054 * the entire time. 7055 * 7056 * Cgroup2 has separate resource counters for memory and swap, 7057 * so this is a non-issue here. Memory and swap charge lifetimes 7058 * correspond 1:1 to page and swap slot lifetimes: we charge the 7059 * page to memory here, and uncharge swap when the slot is freed. 7060 */ 7061 if (!mem_cgroup_disabled() && do_memsw_account()) { 7062 /* 7063 * The swap entry might not get freed for a long time, 7064 * let's not wait for it. The page already received a 7065 * memory+swap charge, drop the swap entry duplicate. 7066 */ 7067 mem_cgroup_uncharge_swap(entry, 1); 7068 } 7069} 7070 7071struct uncharge_gather { 7072 struct mem_cgroup *memcg; 7073 unsigned long nr_memory; 7074 unsigned long pgpgout; 7075 unsigned long nr_kmem; 7076 int nid; 7077}; 7078 7079static inline void uncharge_gather_clear(struct uncharge_gather *ug) 7080{ 7081 memset(ug, 0, sizeof(*ug)); 7082} 7083 7084static void uncharge_batch(const struct uncharge_gather *ug) 7085{ 7086 unsigned long flags; 7087 7088 if (ug->nr_memory) { 7089 page_counter_uncharge(&ug->memcg->memory, ug->nr_memory); 7090 if (do_memsw_account()) 7091 page_counter_uncharge(&ug->memcg->memsw, ug->nr_memory); 7092 if (ug->nr_kmem) 7093 memcg_account_kmem(ug->memcg, -ug->nr_kmem); 7094 memcg_oom_recover(ug->memcg); 7095 } 7096 7097 local_irq_save(flags); 7098 __count_memcg_events(ug->memcg, PGPGOUT, ug->pgpgout); 7099 __this_cpu_add(ug->memcg->vmstats_percpu->nr_page_events, ug->nr_memory); 7100 memcg_check_events(ug->memcg, ug->nid); 7101 local_irq_restore(flags); 7102 7103 /* drop reference from uncharge_folio */ 7104 css_put(&ug->memcg->css); 7105} 7106 7107static void uncharge_folio(struct folio *folio, struct uncharge_gather *ug) 7108{ 7109 long nr_pages; 7110 struct mem_cgroup *memcg; 7111 struct obj_cgroup *objcg; 7112 7113 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 7114 7115 /* 7116 * Nobody should be changing or seriously looking at 7117 * folio memcg or objcg at this point, we have fully 7118 * exclusive access to the folio. 7119 */ 7120 if (folio_memcg_kmem(folio)) { 7121 objcg = __folio_objcg(folio); 7122 /* 7123 * This get matches the put at the end of the function and 7124 * kmem pages do not hold memcg references anymore. 7125 */ 7126 memcg = get_mem_cgroup_from_objcg(objcg); 7127 } else { 7128 memcg = __folio_memcg(folio); 7129 } 7130 7131 if (!memcg) 7132 return; 7133 7134 if (ug->memcg != memcg) { 7135 if (ug->memcg) { 7136 uncharge_batch(ug); 7137 uncharge_gather_clear(ug); 7138 } 7139 ug->memcg = memcg; 7140 ug->nid = folio_nid(folio); 7141 7142 /* pairs with css_put in uncharge_batch */ 7143 css_get(&memcg->css); 7144 } 7145 7146 nr_pages = folio_nr_pages(folio); 7147 7148 if (folio_memcg_kmem(folio)) { 7149 ug->nr_memory += nr_pages; 7150 ug->nr_kmem += nr_pages; 7151 7152 folio->memcg_data = 0; 7153 obj_cgroup_put(objcg); 7154 } else { 7155 /* LRU pages aren't accounted at the root level */ 7156 if (!mem_cgroup_is_root(memcg)) 7157 ug->nr_memory += nr_pages; 7158 ug->pgpgout++; 7159 7160 folio->memcg_data = 0; 7161 } 7162 7163 css_put(&memcg->css); 7164} 7165 7166void __mem_cgroup_uncharge(struct folio *folio) 7167{ 7168 struct uncharge_gather ug; 7169 7170 /* Don't touch folio->lru of any random page, pre-check: */ 7171 if (!folio_memcg(folio)) 7172 return; 7173 7174 uncharge_gather_clear(&ug); 7175 uncharge_folio(folio, &ug); 7176 uncharge_batch(&ug); 7177} 7178 7179/** 7180 * __mem_cgroup_uncharge_list - uncharge a list of page 7181 * @page_list: list of pages to uncharge 7182 * 7183 * Uncharge a list of pages previously charged with 7184 * __mem_cgroup_charge(). 7185 */ 7186void __mem_cgroup_uncharge_list(struct list_head *page_list) 7187{ 7188 struct uncharge_gather ug; 7189 struct folio *folio; 7190 7191 uncharge_gather_clear(&ug); 7192 list_for_each_entry(folio, page_list, lru) 7193 uncharge_folio(folio, &ug); 7194 if (ug.memcg) 7195 uncharge_batch(&ug); 7196} 7197 7198/** 7199 * mem_cgroup_migrate - Charge a folio's replacement. 7200 * @old: Currently circulating folio. 7201 * @new: Replacement folio. 7202 * 7203 * Charge @new as a replacement folio for @old. @old will 7204 * be uncharged upon free. 7205 * 7206 * Both folios must be locked, @new->mapping must be set up. 7207 */ 7208void mem_cgroup_migrate(struct folio *old, struct folio *new) 7209{ 7210 struct mem_cgroup *memcg; 7211 long nr_pages = folio_nr_pages(new); 7212 unsigned long flags; 7213 7214 VM_BUG_ON_FOLIO(!folio_test_locked(old), old); 7215 VM_BUG_ON_FOLIO(!folio_test_locked(new), new); 7216 VM_BUG_ON_FOLIO(folio_test_anon(old) != folio_test_anon(new), new); 7217 VM_BUG_ON_FOLIO(folio_nr_pages(old) != nr_pages, new); 7218 7219 if (mem_cgroup_disabled()) 7220 return; 7221 7222 /* Page cache replacement: new folio already charged? */ 7223 if (folio_memcg(new)) 7224 return; 7225 7226 memcg = folio_memcg(old); 7227 VM_WARN_ON_ONCE_FOLIO(!memcg, old); 7228 if (!memcg) 7229 return; 7230 7231 /* Force-charge the new page. The old one will be freed soon */ 7232 if (!mem_cgroup_is_root(memcg)) { 7233 page_counter_charge(&memcg->memory, nr_pages); 7234 if (do_memsw_account()) 7235 page_counter_charge(&memcg->memsw, nr_pages); 7236 } 7237 7238 css_get(&memcg->css); 7239 commit_charge(new, memcg); 7240 7241 local_irq_save(flags); 7242 mem_cgroup_charge_statistics(memcg, nr_pages); 7243 memcg_check_events(memcg, folio_nid(new)); 7244 local_irq_restore(flags); 7245} 7246 7247DEFINE_STATIC_KEY_FALSE(memcg_sockets_enabled_key); 7248EXPORT_SYMBOL(memcg_sockets_enabled_key); 7249 7250void mem_cgroup_sk_alloc(struct sock *sk) 7251{ 7252 struct mem_cgroup *memcg; 7253 7254 if (!mem_cgroup_sockets_enabled) 7255 return; 7256 7257 /* Do not associate the sock with unrelated interrupted task's memcg. */ 7258 if (!in_task()) 7259 return; 7260 7261 rcu_read_lock(); 7262 memcg = mem_cgroup_from_task(current); 7263 if (mem_cgroup_is_root(memcg)) 7264 goto out; 7265 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && !memcg->tcpmem_active) 7266 goto out; 7267 if (css_tryget(&memcg->css)) 7268 sk->sk_memcg = memcg; 7269out: 7270 rcu_read_unlock(); 7271} 7272 7273void mem_cgroup_sk_free(struct sock *sk) 7274{ 7275 if (sk->sk_memcg) 7276 css_put(&sk->sk_memcg->css); 7277} 7278 7279/** 7280 * mem_cgroup_charge_skmem - charge socket memory 7281 * @memcg: memcg to charge 7282 * @nr_pages: number of pages to charge 7283 * @gfp_mask: reclaim mode 7284 * 7285 * Charges @nr_pages to @memcg. Returns %true if the charge fit within 7286 * @memcg's configured limit, %false if it doesn't. 7287 */ 7288bool mem_cgroup_charge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages, 7289 gfp_t gfp_mask) 7290{ 7291 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 7292 struct page_counter *fail; 7293 7294 if (page_counter_try_charge(&memcg->tcpmem, nr_pages, &fail)) { 7295 memcg->tcpmem_pressure = 0; 7296 return true; 7297 } 7298 memcg->tcpmem_pressure = 1; 7299 if (gfp_mask & __GFP_NOFAIL) { 7300 page_counter_charge(&memcg->tcpmem, nr_pages); 7301 return true; 7302 } 7303 return false; 7304 } 7305 7306 if (try_charge(memcg, gfp_mask, nr_pages) == 0) { 7307 mod_memcg_state(memcg, MEMCG_SOCK, nr_pages); 7308 return true; 7309 } 7310 7311 return false; 7312} 7313 7314/** 7315 * mem_cgroup_uncharge_skmem - uncharge socket memory 7316 * @memcg: memcg to uncharge 7317 * @nr_pages: number of pages to uncharge 7318 */ 7319void mem_cgroup_uncharge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages) 7320{ 7321 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) { 7322 page_counter_uncharge(&memcg->tcpmem, nr_pages); 7323 return; 7324 } 7325 7326 mod_memcg_state(memcg, MEMCG_SOCK, -nr_pages); 7327 7328 refill_stock(memcg, nr_pages); 7329} 7330 7331static int __init cgroup_memory(char *s) 7332{ 7333 char *token; 7334 7335 while ((token = strsep(&s, ",")) != NULL) { 7336 if (!*token) 7337 continue; 7338 if (!strcmp(token, "nosocket")) 7339 cgroup_memory_nosocket = true; 7340 if (!strcmp(token, "nokmem")) 7341 cgroup_memory_nokmem = true; 7342 if (!strcmp(token, "nobpf")) 7343 cgroup_memory_nobpf = true; 7344 } 7345 return 1; 7346} 7347__setup("cgroup.memory=", cgroup_memory); 7348 7349/* 7350 * subsys_initcall() for memory controller. 7351 * 7352 * Some parts like memcg_hotplug_cpu_dead() have to be initialized from this 7353 * context because of lock dependencies (cgroup_lock -> cpu hotplug) but 7354 * basically everything that doesn't depend on a specific mem_cgroup structure 7355 * should be initialized from here. 7356 */ 7357static int __init mem_cgroup_init(void) 7358{ 7359 int cpu, node; 7360 7361 /* 7362 * Currently s32 type (can refer to struct batched_lruvec_stat) is 7363 * used for per-memcg-per-cpu caching of per-node statistics. In order 7364 * to work fine, we should make sure that the overfill threshold can't 7365 * exceed S32_MAX / PAGE_SIZE. 7366 */ 7367 BUILD_BUG_ON(MEMCG_CHARGE_BATCH > S32_MAX / PAGE_SIZE); 7368 7369 cpuhp_setup_state_nocalls(CPUHP_MM_MEMCQ_DEAD, "mm/memctrl:dead", NULL, 7370 memcg_hotplug_cpu_dead); 7371 7372 for_each_possible_cpu(cpu) 7373 INIT_WORK(&per_cpu_ptr(&memcg_stock, cpu)->work, 7374 drain_local_stock); 7375 7376 for_each_node(node) { 7377 struct mem_cgroup_tree_per_node *rtpn; 7378 7379 rtpn = kzalloc_node(sizeof(*rtpn), GFP_KERNEL, node); 7380 7381 rtpn->rb_root = RB_ROOT; 7382 rtpn->rb_rightmost = NULL; 7383 spin_lock_init(&rtpn->lock); 7384 soft_limit_tree.rb_tree_per_node[node] = rtpn; 7385 } 7386 7387 return 0; 7388} 7389subsys_initcall(mem_cgroup_init); 7390 7391#ifdef CONFIG_SWAP 7392static struct mem_cgroup *mem_cgroup_id_get_online(struct mem_cgroup *memcg) 7393{ 7394 while (!refcount_inc_not_zero(&memcg->id.ref)) { 7395 /* 7396 * The root cgroup cannot be destroyed, so it's refcount must 7397 * always be >= 1. 7398 */ 7399 if (WARN_ON_ONCE(mem_cgroup_is_root(memcg))) { 7400 VM_BUG_ON(1); 7401 break; 7402 } 7403 memcg = parent_mem_cgroup(memcg); 7404 if (!memcg) 7405 memcg = root_mem_cgroup; 7406 } 7407 return memcg; 7408} 7409 7410/** 7411 * mem_cgroup_swapout - transfer a memsw charge to swap 7412 * @folio: folio whose memsw charge to transfer 7413 * @entry: swap entry to move the charge to 7414 * 7415 * Transfer the memsw charge of @folio to @entry. 7416 */ 7417void mem_cgroup_swapout(struct folio *folio, swp_entry_t entry) 7418{ 7419 struct mem_cgroup *memcg, *swap_memcg; 7420 unsigned int nr_entries; 7421 unsigned short oldid; 7422 7423 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio); 7424 VM_BUG_ON_FOLIO(folio_ref_count(folio), folio); 7425 7426 if (mem_cgroup_disabled()) 7427 return; 7428 7429 if (!do_memsw_account()) 7430 return; 7431 7432 memcg = folio_memcg(folio); 7433 7434 VM_WARN_ON_ONCE_FOLIO(!memcg, folio); 7435 if (!memcg) 7436 return; 7437 7438 /* 7439 * In case the memcg owning these pages has been offlined and doesn't 7440 * have an ID allocated to it anymore, charge the closest online 7441 * ancestor for the swap instead and transfer the memory+swap charge. 7442 */ 7443 swap_memcg = mem_cgroup_id_get_online(memcg); 7444 nr_entries = folio_nr_pages(folio); 7445 /* Get references for the tail pages, too */ 7446 if (nr_entries > 1) 7447 mem_cgroup_id_get_many(swap_memcg, nr_entries - 1); 7448 oldid = swap_cgroup_record(entry, mem_cgroup_id(swap_memcg), 7449 nr_entries); 7450 VM_BUG_ON_FOLIO(oldid, folio); 7451 mod_memcg_state(swap_memcg, MEMCG_SWAP, nr_entries); 7452 7453 folio->memcg_data = 0; 7454 7455 if (!mem_cgroup_is_root(memcg)) 7456 page_counter_uncharge(&memcg->memory, nr_entries); 7457 7458 if (memcg != swap_memcg) { 7459 if (!mem_cgroup_is_root(swap_memcg)) 7460 page_counter_charge(&swap_memcg->memsw, nr_entries); 7461 page_counter_uncharge(&memcg->memsw, nr_entries); 7462 } 7463 7464 /* 7465 * Interrupts should be disabled here because the caller holds the 7466 * i_pages lock which is taken with interrupts-off. It is 7467 * important here to have the interrupts disabled because it is the 7468 * only synchronisation we have for updating the per-CPU variables. 7469 */ 7470 memcg_stats_lock(); 7471 mem_cgroup_charge_statistics(memcg, -nr_entries); 7472 memcg_stats_unlock(); 7473 memcg_check_events(memcg, folio_nid(folio)); 7474 7475 css_put(&memcg->css); 7476} 7477 7478/** 7479 * __mem_cgroup_try_charge_swap - try charging swap space for a folio 7480 * @folio: folio being added to swap 7481 * @entry: swap entry to charge 7482 * 7483 * Try to charge @folio's memcg for the swap space at @entry. 7484 * 7485 * Returns 0 on success, -ENOMEM on failure. 7486 */ 7487int __mem_cgroup_try_charge_swap(struct folio *folio, swp_entry_t entry) 7488{ 7489 unsigned int nr_pages = folio_nr_pages(folio); 7490 struct page_counter *counter; 7491 struct mem_cgroup *memcg; 7492 unsigned short oldid; 7493 7494 if (do_memsw_account()) 7495 return 0; 7496 7497 memcg = folio_memcg(folio); 7498 7499 VM_WARN_ON_ONCE_FOLIO(!memcg, folio); 7500 if (!memcg) 7501 return 0; 7502 7503 if (!entry.val) { 7504 memcg_memory_event(memcg, MEMCG_SWAP_FAIL); 7505 return 0; 7506 } 7507 7508 memcg = mem_cgroup_id_get_online(memcg); 7509 7510 if (!mem_cgroup_is_root(memcg) && 7511 !page_counter_try_charge(&memcg->swap, nr_pages, &counter)) { 7512 memcg_memory_event(memcg, MEMCG_SWAP_MAX); 7513 memcg_memory_event(memcg, MEMCG_SWAP_FAIL); 7514 mem_cgroup_id_put(memcg); 7515 return -ENOMEM; 7516 } 7517 7518 /* Get references for the tail pages, too */ 7519 if (nr_pages > 1) 7520 mem_cgroup_id_get_many(memcg, nr_pages - 1); 7521 oldid = swap_cgroup_record(entry, mem_cgroup_id(memcg), nr_pages); 7522 VM_BUG_ON_FOLIO(oldid, folio); 7523 mod_memcg_state(memcg, MEMCG_SWAP, nr_pages); 7524 7525 return 0; 7526} 7527 7528/** 7529 * __mem_cgroup_uncharge_swap - uncharge swap space 7530 * @entry: swap entry to uncharge 7531 * @nr_pages: the amount of swap space to uncharge 7532 */ 7533void __mem_cgroup_uncharge_swap(swp_entry_t entry, unsigned int nr_pages) 7534{ 7535 struct mem_cgroup *memcg; 7536 unsigned short id; 7537 7538 if (mem_cgroup_disabled()) 7539 return; 7540 7541 id = swap_cgroup_record(entry, 0, nr_pages); 7542 rcu_read_lock(); 7543 memcg = mem_cgroup_from_id(id); 7544 if (memcg) { 7545 if (!mem_cgroup_is_root(memcg)) { 7546 if (do_memsw_account()) 7547 page_counter_uncharge(&memcg->memsw, nr_pages); 7548 else 7549 page_counter_uncharge(&memcg->swap, nr_pages); 7550 } 7551 mod_memcg_state(memcg, MEMCG_SWAP, -nr_pages); 7552 mem_cgroup_id_put_many(memcg, nr_pages); 7553 } 7554 rcu_read_unlock(); 7555} 7556 7557long mem_cgroup_get_nr_swap_pages(struct mem_cgroup *memcg) 7558{ 7559 long nr_swap_pages = get_nr_swap_pages(); 7560 7561 if (mem_cgroup_disabled() || do_memsw_account()) 7562 return nr_swap_pages; 7563 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) 7564 nr_swap_pages = min_t(long, nr_swap_pages, 7565 READ_ONCE(memcg->swap.max) - 7566 page_counter_read(&memcg->swap)); 7567 return nr_swap_pages; 7568} 7569 7570bool mem_cgroup_swap_full(struct folio *folio) 7571{ 7572 struct mem_cgroup *memcg; 7573 7574 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio); 7575 7576 if (vm_swap_full()) 7577 return true; 7578 if (do_memsw_account()) 7579 return false; 7580 7581 memcg = folio_memcg(folio); 7582 if (!memcg) 7583 return false; 7584 7585 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) { 7586 unsigned long usage = page_counter_read(&memcg->swap); 7587 7588 if (usage * 2 >= READ_ONCE(memcg->swap.high) || 7589 usage * 2 >= READ_ONCE(memcg->swap.max)) 7590 return true; 7591 } 7592 7593 return false; 7594} 7595 7596static int __init setup_swap_account(char *s) 7597{ 7598 pr_warn_once("The swapaccount= commandline option is deprecated. " 7599 "Please report your usecase to linux-mm@kvack.org if you " 7600 "depend on this functionality.\n"); 7601 return 1; 7602} 7603__setup("swapaccount=", setup_swap_account); 7604 7605static u64 swap_current_read(struct cgroup_subsys_state *css, 7606 struct cftype *cft) 7607{ 7608 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 7609 7610 return (u64)page_counter_read(&memcg->swap) * PAGE_SIZE; 7611} 7612 7613static u64 swap_peak_read(struct cgroup_subsys_state *css, 7614 struct cftype *cft) 7615{ 7616 struct mem_cgroup *memcg = mem_cgroup_from_css(css); 7617 7618 return (u64)memcg->swap.watermark * PAGE_SIZE; 7619} 7620 7621static int swap_high_show(struct seq_file *m, void *v) 7622{ 7623 return seq_puts_memcg_tunable(m, 7624 READ_ONCE(mem_cgroup_from_seq(m)->swap.high)); 7625} 7626 7627static ssize_t swap_high_write(struct kernfs_open_file *of, 7628 char *buf, size_t nbytes, loff_t off) 7629{ 7630 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 7631 unsigned long high; 7632 int err; 7633 7634 buf = strstrip(buf); 7635 err = page_counter_memparse(buf, "max", &high); 7636 if (err) 7637 return err; 7638 7639 page_counter_set_high(&memcg->swap, high); 7640 7641 return nbytes; 7642} 7643 7644static int swap_max_show(struct seq_file *m, void *v) 7645{ 7646 return seq_puts_memcg_tunable(m, 7647 READ_ONCE(mem_cgroup_from_seq(m)->swap.max)); 7648} 7649 7650static ssize_t swap_max_write(struct kernfs_open_file *of, 7651 char *buf, size_t nbytes, loff_t off) 7652{ 7653 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 7654 unsigned long max; 7655 int err; 7656 7657 buf = strstrip(buf); 7658 err = page_counter_memparse(buf, "max", &max); 7659 if (err) 7660 return err; 7661 7662 xchg(&memcg->swap.max, max); 7663 7664 return nbytes; 7665} 7666 7667static int swap_events_show(struct seq_file *m, void *v) 7668{ 7669 struct mem_cgroup *memcg = mem_cgroup_from_seq(m); 7670 7671 seq_printf(m, "high %lu\n", 7672 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_HIGH])); 7673 seq_printf(m, "max %lu\n", 7674 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_MAX])); 7675 seq_printf(m, "fail %lu\n", 7676 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_FAIL])); 7677 7678 return 0; 7679} 7680 7681static struct cftype swap_files[] = { 7682 { 7683 .name = "swap.current", 7684 .flags = CFTYPE_NOT_ON_ROOT, 7685 .read_u64 = swap_current_read, 7686 }, 7687 { 7688 .name = "swap.high", 7689 .flags = CFTYPE_NOT_ON_ROOT, 7690 .seq_show = swap_high_show, 7691 .write = swap_high_write, 7692 }, 7693 { 7694 .name = "swap.max", 7695 .flags = CFTYPE_NOT_ON_ROOT, 7696 .seq_show = swap_max_show, 7697 .write = swap_max_write, 7698 }, 7699 { 7700 .name = "swap.peak", 7701 .flags = CFTYPE_NOT_ON_ROOT, 7702 .read_u64 = swap_peak_read, 7703 }, 7704 { 7705 .name = "swap.events", 7706 .flags = CFTYPE_NOT_ON_ROOT, 7707 .file_offset = offsetof(struct mem_cgroup, swap_events_file), 7708 .seq_show = swap_events_show, 7709 }, 7710 { } /* terminate */ 7711}; 7712 7713static struct cftype memsw_files[] = { 7714 { 7715 .name = "memsw.usage_in_bytes", 7716 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_USAGE), 7717 .read_u64 = mem_cgroup_read_u64, 7718 }, 7719 { 7720 .name = "memsw.max_usage_in_bytes", 7721 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_MAX_USAGE), 7722 .write = mem_cgroup_reset, 7723 .read_u64 = mem_cgroup_read_u64, 7724 }, 7725 { 7726 .name = "memsw.limit_in_bytes", 7727 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_LIMIT), 7728 .write = mem_cgroup_write, 7729 .read_u64 = mem_cgroup_read_u64, 7730 }, 7731 { 7732 .name = "memsw.failcnt", 7733 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_FAILCNT), 7734 .write = mem_cgroup_reset, 7735 .read_u64 = mem_cgroup_read_u64, 7736 }, 7737 { }, /* terminate */ 7738}; 7739 7740#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 7741/** 7742 * obj_cgroup_may_zswap - check if this cgroup can zswap 7743 * @objcg: the object cgroup 7744 * 7745 * Check if the hierarchical zswap limit has been reached. 7746 * 7747 * This doesn't check for specific headroom, and it is not atomic 7748 * either. But with zswap, the size of the allocation is only known 7749 * once compression has occured, and this optimistic pre-check avoids 7750 * spending cycles on compression when there is already no room left 7751 * or zswap is disabled altogether somewhere in the hierarchy. 7752 */ 7753bool obj_cgroup_may_zswap(struct obj_cgroup *objcg) 7754{ 7755 struct mem_cgroup *memcg, *original_memcg; 7756 bool ret = true; 7757 7758 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 7759 return true; 7760 7761 original_memcg = get_mem_cgroup_from_objcg(objcg); 7762 for (memcg = original_memcg; !mem_cgroup_is_root(memcg); 7763 memcg = parent_mem_cgroup(memcg)) { 7764 unsigned long max = READ_ONCE(memcg->zswap_max); 7765 unsigned long pages; 7766 7767 if (max == PAGE_COUNTER_MAX) 7768 continue; 7769 if (max == 0) { 7770 ret = false; 7771 break; 7772 } 7773 7774 cgroup_rstat_flush(memcg->css.cgroup); 7775 pages = memcg_page_state(memcg, MEMCG_ZSWAP_B) / PAGE_SIZE; 7776 if (pages < max) 7777 continue; 7778 ret = false; 7779 break; 7780 } 7781 mem_cgroup_put(original_memcg); 7782 return ret; 7783} 7784 7785/** 7786 * obj_cgroup_charge_zswap - charge compression backend memory 7787 * @objcg: the object cgroup 7788 * @size: size of compressed object 7789 * 7790 * This forces the charge after obj_cgroup_may_swap() allowed 7791 * compression and storage in zwap for this cgroup to go ahead. 7792 */ 7793void obj_cgroup_charge_zswap(struct obj_cgroup *objcg, size_t size) 7794{ 7795 struct mem_cgroup *memcg; 7796 7797 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 7798 return; 7799 7800 VM_WARN_ON_ONCE(!(current->flags & PF_MEMALLOC)); 7801 7802 /* PF_MEMALLOC context, charging must succeed */ 7803 if (obj_cgroup_charge(objcg, GFP_KERNEL, size)) 7804 VM_WARN_ON_ONCE(1); 7805 7806 rcu_read_lock(); 7807 memcg = obj_cgroup_memcg(objcg); 7808 mod_memcg_state(memcg, MEMCG_ZSWAP_B, size); 7809 mod_memcg_state(memcg, MEMCG_ZSWAPPED, 1); 7810 rcu_read_unlock(); 7811} 7812 7813/** 7814 * obj_cgroup_uncharge_zswap - uncharge compression backend memory 7815 * @objcg: the object cgroup 7816 * @size: size of compressed object 7817 * 7818 * Uncharges zswap memory on page in. 7819 */ 7820void obj_cgroup_uncharge_zswap(struct obj_cgroup *objcg, size_t size) 7821{ 7822 struct mem_cgroup *memcg; 7823 7824 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) 7825 return; 7826 7827 obj_cgroup_uncharge(objcg, size); 7828 7829 rcu_read_lock(); 7830 memcg = obj_cgroup_memcg(objcg); 7831 mod_memcg_state(memcg, MEMCG_ZSWAP_B, -size); 7832 mod_memcg_state(memcg, MEMCG_ZSWAPPED, -1); 7833 rcu_read_unlock(); 7834} 7835 7836static u64 zswap_current_read(struct cgroup_subsys_state *css, 7837 struct cftype *cft) 7838{ 7839 cgroup_rstat_flush(css->cgroup); 7840 return memcg_page_state(mem_cgroup_from_css(css), MEMCG_ZSWAP_B); 7841} 7842 7843static int zswap_max_show(struct seq_file *m, void *v) 7844{ 7845 return seq_puts_memcg_tunable(m, 7846 READ_ONCE(mem_cgroup_from_seq(m)->zswap_max)); 7847} 7848 7849static ssize_t zswap_max_write(struct kernfs_open_file *of, 7850 char *buf, size_t nbytes, loff_t off) 7851{ 7852 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of)); 7853 unsigned long max; 7854 int err; 7855 7856 buf = strstrip(buf); 7857 err = page_counter_memparse(buf, "max", &max); 7858 if (err) 7859 return err; 7860 7861 xchg(&memcg->zswap_max, max); 7862 7863 return nbytes; 7864} 7865 7866static struct cftype zswap_files[] = { 7867 { 7868 .name = "zswap.current", 7869 .flags = CFTYPE_NOT_ON_ROOT, 7870 .read_u64 = zswap_current_read, 7871 }, 7872 { 7873 .name = "zswap.max", 7874 .flags = CFTYPE_NOT_ON_ROOT, 7875 .seq_show = zswap_max_show, 7876 .write = zswap_max_write, 7877 }, 7878 { } /* terminate */ 7879}; 7880#endif /* CONFIG_MEMCG_KMEM && CONFIG_ZSWAP */ 7881 7882static int __init mem_cgroup_swap_init(void) 7883{ 7884 if (mem_cgroup_disabled()) 7885 return 0; 7886 7887 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, swap_files)); 7888 WARN_ON(cgroup_add_legacy_cftypes(&memory_cgrp_subsys, memsw_files)); 7889#if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP) 7890 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, zswap_files)); 7891#endif 7892 return 0; 7893} 7894subsys_initcall(mem_cgroup_swap_init); 7895 7896#endif /* CONFIG_SWAP */