The dma_buf_transfer_charge function provides a way for processes to
transfer charge of a buffer to a different cgroup. This is essential
for the cases where a central allocator process does allocations for
various subsystems, hands over the fd to the client who requested the
memory, and drops all references to the allocated memory.
Signed-off-by: T.J. Mercier <tjmercier@xxxxxxxxxx>
---
drivers/dma-buf/dma-buf.c | 45 ++++++++++++++++++++++++++++++++++++++
include/linux/dma-buf.h | 1 +
include/linux/memcontrol.h | 6 +++++
3 files changed, 52 insertions(+)
diff --git a/drivers/dma-buf/dma-buf.c b/drivers/dma-buf/dma-buf.c
index ac45dd101c4d..fd6c5002032b 100644
--- a/drivers/dma-buf/dma-buf.c
+++ b/drivers/dma-buf/dma-buf.c
@@ -11,6 +11,7 @@
* refining of this idea.
*/
+#include <linux/atomic.h>
#include <linux/fs.h>
#include <linux/slab.h>
#include <linux/dma-buf.h>
@@ -1618,6 +1619,50 @@ void dma_buf_vunmap_unlocked(struct dma_buf *dmabuf, struct iosys_map *map)
}
EXPORT_SYMBOL_NS_GPL(dma_buf_vunmap_unlocked, DMA_BUF);
+/**
+ * dma_buf_transfer_charge - Change the cgroup to which the provided dma_buf is charged.
+ * @dmabuf: [in] buffer whose charge will be migrated to a different cgroup
+ * @target: [in] the task_struct of the destination process for the cgroup charge
+ *
+ * Only tasks that belong to the same cgroup the buffer is currently charged to
+ * may call this function, otherwise it will return -EPERM.
+ *
+ * Returns 0 on success, or a negative errno code otherwise.
+ */
+int dma_buf_transfer_charge(struct dma_buf *dmabuf, struct task_struct *target)
+{
+ struct mem_cgroup *current_cg, *target_cg;
+ int ret = 0;
+
+ if (!IS_ENABLED(CONFIG_MEMCG))
+ return 0;
+
+ if (WARN_ON(!dmabuf) || WARN_ON(!target))
+ return -EINVAL;
+
+ current_cg = mem_cgroup_from_task(current);
+ target_cg = get_mem_cgroup_from_mm(target->mm);
+
+ if (current_cg == target_cg)
+ goto skip_transfer;
+
+ if (cmpxchg(&dmabuf->memcg, current_cg, target_cg) != current_cg) {
+ /* Only the current owner can transfer the charge */
+ ret = -EPERM;
+ goto skip_transfer;
+ }
+
+ mod_memcg_state(current_cg, MEMCG_DMABUF, -dmabuf->size);
+ mod_memcg_state(target_cg, MEMCG_DMABUF, dmabuf->size);
+
+ mem_cgroup_put(current_cg); /* unref from buffer - buffer keeps new ref to target_cg */
+ return 0;
+
+skip_transfer:
+ mem_cgroup_put(target_cg);
+ return ret;
+}
+
#ifdef CONFIG_DEBUG_FS
static int dma_buf_debug_show(struct seq_file *s, void *unused)
{
diff --git a/include/linux/dma-buf.h b/include/linux/dma-buf.h
index 1f0ffb8e4bf5..6aa128d76aa7 100644
--- a/include/linux/dma-buf.h
+++ b/include/linux/dma-buf.h
@@ -634,4 +634,5 @@ int dma_buf_vmap(struct dma_buf *dmabuf, struct iosys_map *map);
void dma_buf_vunmap(struct dma_buf *dmabuf, struct iosys_map *map);
int dma_buf_vmap_unlocked(struct dma_buf *dmabuf, struct iosys_map *map);
void dma_buf_vunmap_unlocked(struct dma_buf *dmabuf, struct iosys_map *map);
+int dma_buf_transfer_charge(struct dma_buf *dmabuf, struct task_struct *target);
#endif /* __DMA_BUF_H__ */
diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
index 1c1da2da20a6..e5aec27044c7 100644
--- a/include/linux/memcontrol.h
+++ b/include/linux/memcontrol.h
@@ -1298,6 +1298,12 @@ struct mem_cgroup *mem_cgroup_from_css(struct cgroup_subsys_state *css)
return NULL;
}
+static inline
+struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p)
+{
+ return NULL;
+}
+
static inline void obj_cgroup_put(struct obj_cgroup *objcg)
{
}
--
2.39.0.314.g84b9a713c41-goog
