From: Shakeel Butt
Date: Mon, 15 Mar 2021 08:48:26 -0700
Subject: Re: [PATCH v2 8/8] memcg: accounting for ldt_struct objects
To: Borislav Petkov
Cc: Vasily Averin, Cgroups, Michal Hocko, Linux MM, Johannes Weiner, Vladimir Davydov, Thomas Gleixner, Ingo Molnar, x86@kernel.org

On Mon, Mar 15, 2021 at 6:27 AM Borislav Petkov wrote:
>
> On Mon, Mar 15, 2021 at 03:24:01PM +0300, Vasily Averin wrote:
> > Unprivileged user inside memcg-limited container can create
> > non-accounted multi-page per-thread kernel objects for LDT
>
> I have hard time parsing this commit message.
>
> And I'm CCed only on patch 8 of what looks like a patchset.
>
> And that patchset is not on lkml so I can't find the rest to read about
> it, perhaps linux-mm.
>
> /me goes and finds it on lore
>
> I can see some bits and pieces, this, for example:
>
> https://lore.kernel.org/linux-mm/05c448c7-d992-8d80-b423-b80bf5446d7c@virtuozzo.com/
>
> ( Btw, that version has your SOB and this patch doesn't even have a
> Signed-off-by. Next time, run your whole set through checkpatch please
> before sending. )
>
> Now, this URL above talks about OOM, ok, that gets me close to the "why"
> this patch.
>
> From a quick look at the ldt.c code, we allow a single LDT struct per
> mm. Manpage says so too:
>
> DESCRIPTION
>        modify_ldt() reads or writes the local descriptor table (LDT) for a process.
>        The LDT is an array of segment descriptors that can be referenced by user code.
>        Linux allows processes to configure a per-process (actually per-mm) LDT.
>
> We allow
>
> /* Maximum number of LDT entries supported. */
> #define LDT_ENTRIES     8192
>
> so there's an upper limit per mm.
>
> Now, please explain what is this accounting for?
>

Let me try to provide the reasoning at least from my perspective.
There are legitimate workloads with hundreds of processes and there
can be hundreds of workloads running on large machines. The
unaccounted memory can cause isolation issues between the workloads
particularly on highly utilized machines.