[Devel] [PATCH RHEL9 COMMIT] mm/memcontrol: prohibit writing to memory.numa_migrate from container

Thu, 14 Dec 2023 09:49:09 -0800 

The commit is pushed to "branch-rh9-5.14.0-362.8.1.vz9.35.x-ovz" and will 
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh9-5.14.0-362.8.1.vz9.35.1
------>
commit 8cf1c11d4476d743d228615cefc13f6c76d1b786
Author: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Date:   Wed Dec 6 11:19:02 2023 +0800

    mm/memcontrol: prohibit writing to memory.numa_migrate from container
    
    We might want to put containers on designated numa nodes for optimal
    perfomance, it will be all ruinied if container could force its memory
    pages to move to any node it wants.
    
    This memory.numa_migrate file was originaly made for vcmmd which works
    from ve0, so we should be fine with this additional restriction.
    
    Fixes: dfc0b63bfd50c ("mm: memcontrol: add memory.numa_migrate file")
    https://virtuozzo.atlassian.net/browse/PSBM-152372
    Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
    
    Feature: mm: interface to migrate memory between NUMA nodes upon userspace 
request
---
 mm/memcontrol.c | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index fd706aa1bbbd..b7c6ee09ab9f 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -4700,8 +4700,8 @@ static int memcg_numa_migrate_pages(struct mem_cgroup 
*memcg,
  *
  * The call may be interrupted by a signal, in which case -EINTR is returned.
  */
-static ssize_t memcg_numa_migrate_write(struct kernfs_open_file *of, char *buf,
-                               size_t nbytes, loff_t off)
+static ssize_t __memcg_numa_migrate_write(struct kernfs_open_file *of,
+                                         char *buf, size_t nbytes, loff_t off)
 {
        struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
        NODEMASK_ALLOC(nodemask_t, target_nodes, GFP_KERNEL);
@@ -4739,6 +4739,15 @@ static ssize_t memcg_numa_migrate_write(struct 
kernfs_open_file *of, char *buf,
        return ret ?: nbytes;
 }
 
+static ssize_t memcg_numa_migrate_write(struct kernfs_open_file *of, char *buf,
+                                       size_t nbytes, loff_t off)
+{
+       if (!ve_is_super(get_exec_env()))
+               return -EPERM;
+
+       return __memcg_numa_migrate_write(of, buf, nbytes, off);
+}
+
 #endif /* CONFIG_NUMA */
 
 static const unsigned int memcg1_stats[] = {
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel

Reply via email to