Re: [PATCH] cgroup: fix memory leak caused by missing cgroup_bpf_offline

[Roman Gushchin]

On Mon, Oct 11, 2021 at 06:21:28PM +0200, Michal Koutny wrote:
> Hello.
> 
> On Thu, Oct 07, 2021 at 08:16:03PM +0800, quanyang.wang@xxxxxxxxxxxxx wrote:
> > This is because that root_cgrp->bpf.refcnt.data is allocated by the
> > function percpu_ref_init in cgroup_bpf_inherit which is called by
> > cgroup_setup_root when mounting, but not freed along with root_cgrp
> > when umounting.
> 
> Good catch!

+1

> 
> > Adding cgroup_bpf_offline which calls percpu_ref_kill to
> > cgroup_kill_sb can free root_cgrp->bpf.refcnt.data in umount path.
> 
> That is sensible.
> 
> > Fixes: 2b0d3d3e4fcfb ("percpu_ref: reduce memory footprint of percpu_ref in fast path")
> 
> Why this Fixes:? Is the leak absent before the percpu_ref refactoring?

I agree, the "fixes" tag looks dubious to me.

> I guess the embedded data are free'd together with cgroup. Makes me
> wonder why struct cgroup_bpf has a separate percpu_ref counter from
> struct cgroup...

This is because a cgroup can stay a long time (sometimes effectively forever)
in a dying state, so we want to release bpf structures earlier.

Thanks!