Re: [PATCH bpf-next 13/15] mm, memcg: Add new helper get_obj_cgroup_from_cgroup

Roman Gushchin <roman.gushchin@xxxxxxxxx> · Fri, 12 Aug 2022 10:40:20 -0700

On Fri, Aug 12, 2022 at 08:35:19AM +0800, Yafang Shao wrote:
> On Fri, Aug 12, 2022 at 12:16 AM Roman Gushchin
> <roman.gushchin@xxxxxxxxx> wrote:
> >
> > On Wed, Aug 10, 2022 at 03:18:38PM +0000, Yafang Shao wrote:
> > > Introduce new helper get_obj_cgroup_from_cgroup() to get obj_cgroup from
> > > a specific cgroup.
> > >
> > > Signed-off-by: Yafang Shao <laoar.shao@xxxxxxxxx>
> > > ---
> > >  include/linux/memcontrol.h |  1 +
> > >  mm/memcontrol.c            | 41 +++++++++++++++++++++++++++++++++++++++++
> > >  2 files changed, 42 insertions(+)
> > >
> > > diff --git a/include/linux/memcontrol.h b/include/linux/memcontrol.h
> > > index 2f0a611..901a921 100644
> > > --- a/include/linux/memcontrol.h
> > > +++ b/include/linux/memcontrol.h
> > > @@ -1713,6 +1713,7 @@ static inline void set_shrinker_bit(struct mem_cgroup *memcg,
> > >  int __memcg_kmem_charge_page(struct page *page, gfp_t gfp, int order);
> > >  void __memcg_kmem_uncharge_page(struct page *page, int order);
> > >
> > > +struct obj_cgroup *get_obj_cgroup_from_cgroup(struct cgroup *cgrp);
> > >  struct obj_cgroup *get_obj_cgroup_from_current(void);
> > >  struct obj_cgroup *get_obj_cgroup_from_page(struct page *page);
> > >
> > > diff --git a/mm/memcontrol.c b/mm/memcontrol.c
> > > index 618c366..762cffa 100644
> > > --- a/mm/memcontrol.c
> > > +++ b/mm/memcontrol.c
> > > @@ -2908,6 +2908,47 @@ static struct obj_cgroup *__get_obj_cgroup_from_memcg(struct mem_cgroup *memcg)
> > >       return objcg;
> > >  }
> > >
> > > +static struct obj_cgroup *get_obj_cgroup_from_memcg(struct mem_cgroup *memcg)
> > > +{
> > > +     struct obj_cgroup *objcg;
> > > +
> > > +     if (memcg_kmem_bypass())
> > > +             return NULL;
> > > +
> > > +     rcu_read_lock();
> > > +     objcg = __get_obj_cgroup_from_memcg(memcg);
> > > +     rcu_read_unlock();
> > > +     return objcg;
> >
> > This code doesn't make sense to me. What does rcu read lock protect here?
> 
> To protect rcu_dereference(memcg->objcg);.
> Doesn't it need the read rcu lock ?

No, it's not how rcu works. Please, take a look at the docs here:
https://docs.kernel.org/RCU/whatisRCU.html#whatisrcu .
In particular, it describes this specific case very well.

In 2 words, you don't protect the rcu_dereference() call, you protect the pointer
you get, cause it's valid only inside the rcu read section. After rcu_read_unlock()
it might point at a random data, because the protected object can be already freed.

Thanks!