Re: [PATCH] mm: make page pfmemalloc check more robust

From: Michal Hocko
Date: Thu Aug 13 2015 - 05:31:49 EST


On Thu 13-08-15 11:13:04, Vlastimil Babka wrote:
> On 08/13/2015 10:58 AM, mhocko@xxxxxxxxxx wrote:
> >From: Michal Hocko <mhocko@xxxxxxxx>
> >
> >The patch c48a11c7ad26 ("netvm: propagate page->pfmemalloc to skb")
> >added the checks for page->pfmemalloc to __skb_fill_page_desc():
> >
> >	if (page->pfmemalloc && !page->mapping)
> >		skb->pfmemalloc = true;
> >
> >It assumes page->mapping == NULL implies that page->pfmemalloc can be
> >trusted. However, __delete_from_page_cache() can set page->mapping
> >to NULL and leave page->index value alone. Due to being in union, a
> >non-zero page->index will be interpreted as true page->pfmemalloc.
> >
> >So the assumption is invalid if the networking code can see such a
> >page. And it seems it can. We have encountered this with an NFS over
> >loopback setup when such a page is attached to a new skbuf. There is no
> >copying going on in this case so the page confuses __skb_fill_page_desc
> >which interprets the index as pfmemalloc flag and the network stack
> >drops packets that have been allocated using the reserves unless they
> >are to be queued on sockets handling the swapping which is the case here
>
> ^ not ?

Dohh, you are right of course, updated...

> The full story (according to Jiri Bohac and my understanding, I don't know
> much about netdev) is that the __skb_fill_page_desc() is invoked here during
> *sending* and normally the skb->pfmemalloc would be ignored in the end. But
> because it is a localhost connection, the receiving code will think it was a
> memalloc allocation during receive, and then do the socket restriction.
>
> Given that this apparently isn't the first case of this localhost issue, I
> wonder if network code should just clear skb->pfmemalloc during send (or
> maybe just send over localhost). That would be probably easier than
> distinguish the __skb_fill_page_desc() callers for send vs receive.

Maybe the networking code can behave "better" in this particular case
but the core thing remains though. Relying on page->mapping as you have
properly found out during the debugging cannot be used for the reliable
detection of pfmemalloc. So I would argue that a more robust detection
is really worthwhile. Note there are other places which even do not
bother to test for mapping - maybe they are safe but I got lost quickly
when trying to track the allocation source to be clear that nothing
could have stepped in in the meantime.
--
Michal Hocko
SUSE Labs
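
The false positive described in the quoted commit message, as an added example that is not part of the original thread or the kernel source. It is a simplified user-space model: `struct page_model`, `struct skb_model` and the helper names are assumptions, and the sample index is constructed so that every byte is 0x01.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Simplified model of the struct page fields named in the thread. */
struct page_model {
    void *mapping;            /* NULL once removed from the page cache */
    union {
        unsigned long index;  /* offset within the mapping */
        bool pfmemalloc;      /* meant to mark pages taken from reserves */
    };
};

struct skb_model { bool pfmemalloc; };

/* The check quoted in the commit message. */
static void fill_page_desc(struct skb_model *skb, const struct page_model *page)
{
    if (page->pfmemalloc && !page->mapping)
        skb->pfmemalloc = true;
}

/* Models what the thread says __delete_from_page_cache() can do:
 * mapping is cleared, index is left alone. */
static void delete_from_page_cache_model(struct page_model *page)
{
    page->mapping = NULL;
}

/* Returns the skb flag for a page-cache page that never came from the
 * reserves and has just been removed from the page cache. */
static bool stale_index_marks_skb(unsigned long index)
{
    static int dummy_mapping;  /* stands in for an address_space */
    struct page_model page = { .mapping = &dummy_mapping };
    struct skb_model skb = { .pfmemalloc = false };

    page.index = index;
    delete_from_page_cache_model(&page);
    fill_page_desc(&skb, &page);
    return skb.pfmemalloc;
}

int main(void)
{
    unsigned long idx = (unsigned long)-1 / 0xff;  /* constructed: 0x0101...01 */
    printf("index 0    -> skb->pfmemalloc = %d\n", stale_index_marks_skb(0));
    printf("index %#lx -> skb->pfmemalloc = %d\n", idx, stale_index_marks_skb(idx));
    return 0;
}
```

The constructed index keeps the aliased `bool` byte at a valid value of 1 regardless of endianness, so the model shows the stale index being read as a set flag without depending on byte order.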