From: Roman Gushchin <guro@fb.com>
To: <bpf@vger.kernel.org>
Cc: <ast@kernel.org>, <daniel@iogearbox.net>,
<netdev@vger.kernel.org>, <andrii@kernel.org>,
<akpm@linux-foundation.org>, <linux-mm@kvack.org>,
<linux-kernel@vger.kernel.org>, <kernel-team@fb.com>
Subject: [PATCH bpf-next v6 33/34] bpf: eliminate rlimit-based memory accounting for bpf progs
Date: Mon, 16 Nov 2020 19:41:07 -0800 [thread overview]
Message-ID: <20201117034108.1186569-34-guro@fb.com> (raw)
In-Reply-To: <20201117034108.1186569-1-guro@fb.com>
Do not use rlimit-based memory accounting for bpf progs. It has been
replaced with memcg-based memory accounting.
Signed-off-by: Roman Gushchin <guro@fb.com>
Acked-by: Song Liu <songliubraving@fb.com>
---
include/linux/bpf.h | 11 ------
kernel/bpf/core.c | 12 ++-----
kernel/bpf/syscall.c | 86 ++++++--------------------------------------
3 files changed, 12 insertions(+), 97 deletions(-)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 6f1ef8a1e25f..73f6503d9170 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -1200,8 +1200,6 @@ void bpf_prog_sub(struct bpf_prog *prog, int i);
void bpf_prog_inc(struct bpf_prog *prog);
struct bpf_prog * __must_check bpf_prog_inc_not_zero(struct bpf_prog *prog);
void bpf_prog_put(struct bpf_prog *prog);
-int __bpf_prog_charge(struct user_struct *user, u32 pages);
-void __bpf_prog_uncharge(struct user_struct *user, u32 pages);
void __bpf_free_used_maps(struct bpf_prog_aux *aux,
struct bpf_map **used_maps, u32 len);
@@ -1482,15 +1480,6 @@ bpf_prog_inc_not_zero(struct bpf_prog *prog)
return ERR_PTR(-EOPNOTSUPP);
}
-static inline int __bpf_prog_charge(struct user_struct *user, u32 pages)
-{
- return 0;
-}
-
-static inline void __bpf_prog_uncharge(struct user_struct *user, u32 pages)
-{
-}
-
static inline void bpf_link_init(struct bpf_link *link, enum bpf_link_type type,
const struct bpf_link_ops *ops,
struct bpf_prog *prog)
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index fd83e5c65d15..7b983cb55df3 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -221,23 +221,15 @@ struct bpf_prog *bpf_prog_realloc(struct bpf_prog *fp_old, unsigned int size,
{
gfp_t gfp_flags = GFP_KERNEL_ACCOUNT | __GFP_ZERO | gfp_extra_flags;
struct bpf_prog *fp;
- u32 pages, delta;
- int ret;
+ u32 pages;
size = round_up(size, PAGE_SIZE);
pages = size / PAGE_SIZE;
if (pages <= fp_old->pages)
return fp_old;
- delta = pages - fp_old->pages;
- ret = __bpf_prog_charge(fp_old->aux->user, delta);
- if (ret)
- return NULL;
-
fp = __vmalloc(size, gfp_flags);
- if (fp == NULL) {
- __bpf_prog_uncharge(fp_old->aux->user, delta);
- } else {
+ if (fp) {
memcpy(fp, fp_old, fp_old->pages * PAGE_SIZE);
fp->pages = pages;
fp->aux->prog = fp;
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 9f41edbae3f8..2ab14fe1af14 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -342,23 +342,6 @@ void bpf_map_init_from_attr(struct bpf_map *map, union bpf_attr *attr)
map->numa_node = bpf_map_attr_numa_node(attr);
}
-static int bpf_charge_memlock(struct user_struct *user, u32 pages)
-{
- unsigned long memlock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
-
- if (atomic_long_add_return(pages, &user->locked_vm) > memlock_limit) {
- atomic_long_sub(pages, &user->locked_vm);
- return -EPERM;
- }
- return 0;
-}
-
-static void bpf_uncharge_memlock(struct user_struct *user, u32 pages)
-{
- if (user)
- atomic_long_sub(pages, &user->locked_vm);
-}
-
static int bpf_map_alloc_id(struct bpf_map *map)
{
int id;
@@ -1594,51 +1577,6 @@ static void bpf_audit_prog(const struct bpf_prog *prog, unsigned int op)
audit_log_end(ab);
}
-int __bpf_prog_charge(struct user_struct *user, u32 pages)
-{
- unsigned long memlock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
- unsigned long user_bufs;
-
- if (user) {
- user_bufs = atomic_long_add_return(pages, &user->locked_vm);
- if (user_bufs > memlock_limit) {
- atomic_long_sub(pages, &user->locked_vm);
- return -EPERM;
- }
- }
-
- return 0;
-}
-
-void __bpf_prog_uncharge(struct user_struct *user, u32 pages)
-{
- if (user)
- atomic_long_sub(pages, &user->locked_vm);
-}
-
-static int bpf_prog_charge_memlock(struct bpf_prog *prog)
-{
- struct user_struct *user = get_current_user();
- int ret;
-
- ret = __bpf_prog_charge(user, prog->pages);
- if (ret) {
- free_uid(user);
- return ret;
- }
-
- prog->aux->user = user;
- return 0;
-}
-
-static void bpf_prog_uncharge_memlock(struct bpf_prog *prog)
-{
- struct user_struct *user = prog->aux->user;
-
- __bpf_prog_uncharge(user, prog->pages);
- free_uid(user);
-}
-
static int bpf_prog_alloc_id(struct bpf_prog *prog)
{
int id;
@@ -1688,7 +1626,7 @@ static void __bpf_prog_put_rcu(struct rcu_head *rcu)
kvfree(aux->func_info);
kfree(aux->func_info_aux);
- bpf_prog_uncharge_memlock(aux->prog);
+ free_uid(aux->user);
security_bpf_prog_free(aux);
bpf_prog_free(aux->prog);
}
@@ -2126,7 +2064,7 @@ static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr)
dst_prog = bpf_prog_get(attr->attach_prog_fd);
if (IS_ERR(dst_prog)) {
err = PTR_ERR(dst_prog);
- goto free_prog_nouncharge;
+ goto free_prog;
}
prog->aux->dst_prog = dst_prog;
}
@@ -2136,18 +2074,15 @@ static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr)
err = security_bpf_prog_alloc(prog->aux);
if (err)
- goto free_prog_nouncharge;
-
- err = bpf_prog_charge_memlock(prog);
- if (err)
- goto free_prog_sec;
+ goto free_prog;
+ prog->aux->user = get_current_user();
prog->len = attr->insn_cnt;
err = -EFAULT;
if (copy_from_user(prog->insns, u64_to_user_ptr(attr->insns),
bpf_prog_insn_size(prog)) != 0)
- goto free_prog;
+ goto free_prog_sec;
prog->orig_prog = NULL;
prog->jited = 0;
@@ -2158,19 +2093,19 @@ static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr)
if (bpf_prog_is_dev_bound(prog->aux)) {
err = bpf_prog_offload_init(prog, attr);
if (err)
- goto free_prog;
+ goto free_prog_sec;
}
/* find program type: socket_filter vs tracing_filter */
err = find_prog_type(type, prog);
if (err < 0)
- goto free_prog;
+ goto free_prog_sec;
prog->aux->load_time = ktime_get_boottime_ns();
err = bpf_obj_name_cpy(prog->aux->name, attr->prog_name,
sizeof(attr->prog_name));
if (err < 0)
- goto free_prog;
+ goto free_prog_sec;
/* run eBPF verifier */
err = bpf_check(&prog, attr, uattr);
@@ -2215,11 +2150,10 @@ static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr)
*/
__bpf_prog_put_noref(prog, prog->aux->func_cnt);
return err;
-free_prog:
- bpf_prog_uncharge_memlock(prog);
free_prog_sec:
+ free_uid(prog->aux->user);
security_bpf_prog_free(prog->aux);
-free_prog_nouncharge:
+free_prog:
bpf_prog_free(prog);
return err;
}
--
2.26.2
next prev parent reply other threads:[~2020-11-17 3:42 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-17 3:40 [PATCH bpf-next v6 00/34] bpf: switch to memcg-based memory accounting Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 01/34] mm: memcontrol: use helpers to read page's memcg data Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 02/34] mm: memcontrol/slab: use helpers to access slab page's memcg_data Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 03/34] mm: introduce page memcg flags Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 04/34] mm: convert page kmemcg type to a page memcg flag Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 05/34] bpf: memcg-based memory accounting for bpf progs Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 06/34] bpf: prepare for memcg-based memory accounting for bpf maps Roman Gushchin
2020-11-18 0:06 ` Daniel Borkmann
2020-11-18 0:46 ` Roman Gushchin
2020-11-18 1:07 ` Roman Gushchin
2020-11-18 1:11 ` Alexei Starovoitov
2020-11-18 1:11 ` Alexei Starovoitov
2020-11-18 1:28 ` Roman Gushchin
2020-11-18 10:22 ` Daniel Borkmann
2020-11-18 17:15 ` Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 07/34] bpf: " Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 08/34] bpf: refine memcg-based memory accounting for arraymap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 09/34] bpf: refine memcg-based memory accounting for cpumap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 10/34] bpf: memcg-based memory accounting for cgroup storage maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 11/34] bpf: refine memcg-based memory accounting for devmap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 12/34] bpf: refine memcg-based memory accounting for hashtab maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 13/34] bpf: memcg-based memory accounting for lpm_trie maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 14/34] bpf: memcg-based memory accounting for bpf ringbuffer Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 15/34] bpf: memcg-based memory accounting for bpf local storage maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 16/34] bpf: refine memcg-based memory accounting for sockmap and sockhash maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 17/34] bpf: refine memcg-based memory accounting for xskmap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 18/34] bpf: eliminate rlimit-based memory accounting for arraymap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 19/34] bpf: eliminate rlimit-based memory accounting for bpf_struct_ops maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 20/34] bpf: eliminate rlimit-based memory accounting for cpumap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 21/34] bpf: eliminate rlimit-based memory accounting for cgroup storage maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 22/34] bpf: eliminate rlimit-based memory accounting for devmap maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 23/34] bpf: eliminate rlimit-based memory accounting for hashtab maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 24/34] bpf: eliminate rlimit-based memory accounting for lpm_trie maps Roman Gushchin
2020-11-17 3:40 ` [PATCH bpf-next v6 25/34] bpf: eliminate rlimit-based memory accounting for queue_stack_maps maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 26/34] bpf: eliminate rlimit-based memory accounting for reuseport_array maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 27/34] bpf: eliminate rlimit-based memory accounting for bpf ringbuffer Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 28/34] bpf: eliminate rlimit-based memory accounting for sockmap and sockhash maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 29/34] bpf: eliminate rlimit-based memory accounting for stackmap maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 30/34] bpf: eliminate rlimit-based memory accounting for xskmap maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 31/34] bpf: eliminate rlimit-based memory accounting for bpf local storage maps Roman Gushchin
2020-11-17 3:41 ` [PATCH bpf-next v6 32/34] bpf: eliminate rlimit-based memory accounting infra for bpf maps Roman Gushchin
2020-11-17 3:41 ` Roman Gushchin [this message]
2020-11-17 3:41 ` [PATCH bpf-next v6 34/34] bpf: samples: do not touch RLIMIT_MEMLOCK Roman Gushchin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201117034108.1186569-34-guro@fb.com \
--to=guro@fb.com \
--cc=akpm@linux-foundation.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kernel-team@fb.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.