Re: [PATCH] mm: Check for SIGKILL inside dup_mmap() loop.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Matthew Wilcox wrote:
> On Tue, Apr 03, 2018 at 02:19:50PM +0200, Michal Hocko wrote:
> > On Tue 03-04-18 05:14:14, Matthew Wilcox wrote:
> > > On Fri, Mar 30, 2018 at 07:34:59PM +0900, Tetsuo Handa wrote:
> > > > Maybe we can make "give up by default upon SIGKILL" and let callers
> > > > explicitly say "do not give up upon SIGKILL".
> > > 
> > > I really strongly disapprove of this patch.  This GFP flag will be abused
> > > like every other GFP flag.
> > > 
> > > > +++ b/mm/page_alloc.c
> > > > @@ -4183,6 +4183,13 @@ bool gfp_pfmemalloc_allowed(gfp_t gfp_mask)
> > > >  	if (current->flags & PF_MEMALLOC)
> > > >  		goto nopage;
> > > >  
> > > > +	/* Can give up if caller is willing to give up upon fatal signals */
> > > > +	if (fatal_signal_pending(current) &&
> > > > +	    !(gfp_mask & (__GFP_UNKILLABLE | __GFP_NOFAIL))) {
> > > > +		gfp_mask |= __GFP_NOWARN;
> > > > +		goto nopage;
> > > > +	}
> > > > +
> > > >  	/* Try direct reclaim and then allocating */
> > > 
> > > This part is superficially tempting, although without the UNKILLABLE.  ie:
> > > 
> > > +	if (fatal_signal_pending(current) && !(gfp_mask & __GFP_NOFAIL)) {
> > > +		gfp_mask |= __GFP_NOWARN;
> > > +		goto nopage;
> > > +	}
> > > 
> > > It makes some sense to me to prevent tasks with a fatal signal pending
> > > from being able to trigger reclaim.  But I'm worried about what memory
> > > allocation failures it might trigger on paths that aren't accustomed to
> > > seeing failures.
> > 
> > Please be aware that we _do_ allocate in the exit path. I have a strong
> > suspicion that even while fatal signal is pending. Do we really want
> > fail those really easily.
> 
> I agree.  The allocations I'm thinking about are NFS wanting to send
> I/Os in order to fsync each file that gets closed.  We probably don't
> want those to fail.  And we definitely don't want to chase around the
> kernel adding __GFP_KILLABLE to each place that we discover needs to
> allocate on the exit path.
> 

But memory allocations for syscalls are willing to give up upon SIGKILL
regardless of OOM.

If we worry the exit/nofs/noio paths, we can use scoped masking like
memalloc_nofs_save()/memalloc_nofs_restore() for ignoring __GFP_KILLABLE.



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux