> @@ -411,9 +453,22 @@ struct files_struct *dup_fd(struct files_struct *oldf, unsigned int max_fds, int > > rcu_assign_pointer(newf->fdt, new_fdt); > > - return newf; > + if (!charge_current_fds(newf, count_open_files(new_fdt))) > + return newf; > @@ -542,6 +600,10 @@ static int alloc_fd(unsigned start, unsigned end, unsigned flags) > if (error) > goto repeat; > > + error = -EMFILE; > + if (charge_current_fds(files, 1) < 0) > + goto out; Whoops, I had that message ready to fire but didn't send it. This may have a noticeable performance impact as charge_current_fds() calls misc_cg_try_charge() which looks pretty expensive in this codepath. We're constantly getting patches to tweak performance during file open and closing and adding a function that does require multiple atomics and spinlocks won't exactly improve this. On top of that I really dislike that we're pulling cgroups into this code here at all. Can you get a similar effect through a bpf program somehow that you don't even tie this to cgroups?
