1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /* memcontrol.c - Memory Controller
4 * Copyright IBM Corporation, 2007
5 * Author Balbir Singh <balbir@linux.vnet.ibm.com>
7 * Copyright 2007 OpenVZ SWsoft Inc
8 * Author: Pavel Emelianov <xemul@openvz.org>
11 * Copyright (C) 2009 Nokia Corporation
12 * Author: Kirill A. Shutemov
14 * Kernel Memory Controller
15 * Copyright (C) 2012 Parallels Inc. and Google Inc.
16 * Authors: Glauber Costa and Suleiman Souhlal
19 * Charge lifetime sanitation
20 * Lockless page tracking & accounting
21 * Unified hierarchy configuration model
22 * Copyright (C) 2015 Red Hat, Inc., Johannes Weiner
24 * Per memcg lru locking
25 * Copyright (C) 2020 Alibaba, Inc, Alex Shi
28 #include <linux/page_counter.h>
29 #include <linux/memcontrol.h>
30 #include <linux/cgroup.h>
31 #include <linux/pagewalk.h>
32 #include <linux/sched/mm.h>
33 #include <linux/shmem_fs.h>
34 #include <linux/hugetlb.h>
35 #include <linux/pagemap.h>
36 #include <linux/vm_event_item.h>
37 #include <linux/smp.h>
38 #include <linux/page-flags.h>
39 #include <linux/backing-dev.h>
40 #include <linux/bit_spinlock.h>
41 #include <linux/rcupdate.h>
42 #include <linux/limits.h>
43 #include <linux/export.h>
44 #include <linux/mutex.h>
45 #include <linux/rbtree.h>
46 #include <linux/slab.h>
47 #include <linux/swap.h>
48 #include <linux/swapops.h>
49 #include <linux/spinlock.h>
50 #include <linux/eventfd.h>
51 #include <linux/poll.h>
52 #include <linux/sort.h>
54 #include <linux/seq_file.h>
55 #include <linux/vmpressure.h>
56 #include <linux/memremap.h>
57 #include <linux/mm_inline.h>
58 #include <linux/swap_cgroup.h>
59 #include <linux/cpu.h>
60 #include <linux/oom.h>
61 #include <linux/lockdep.h>
62 #include <linux/file.h>
63 #include <linux/resume_user_mode.h>
64 #include <linux/psi.h>
65 #include <linux/seq_buf.h>
66 #include <linux/sched/isolation.h>
73 #include <linux/uaccess.h>
75 #include <trace/events/vmscan.h>
77 struct cgroup_subsys memory_cgrp_subsys __read_mostly;
78 EXPORT_SYMBOL(memory_cgrp_subsys);
80 struct mem_cgroup *root_mem_cgroup __read_mostly;
82 /* Active memory cgroup to use from an interrupt context */
83 DEFINE_PER_CPU(struct mem_cgroup *, int_active_memcg);
84 EXPORT_PER_CPU_SYMBOL_GPL(int_active_memcg);
86 /* Socket memory accounting disabled? */
87 static bool cgroup_memory_nosocket __ro_after_init;
89 /* Kernel memory accounting disabled? */
90 static bool cgroup_memory_nokmem __ro_after_init;
92 /* BPF memory accounting disabled? */
93 static bool cgroup_memory_nobpf __ro_after_init;
95 #ifdef CONFIG_CGROUP_WRITEBACK
96 static DECLARE_WAIT_QUEUE_HEAD(memcg_cgwb_frn_waitq);
99 /* Whether legacy memory+swap accounting is active */
100 static bool do_memsw_account(void)
102 return !cgroup_subsys_on_dfl(memory_cgrp_subsys);
105 #define THRESHOLDS_EVENTS_TARGET 128
106 #define SOFTLIMIT_EVENTS_TARGET 1024
109 * Cgroups above their limits are maintained in a RB-Tree, independent of
110 * their hierarchy representation
113 struct mem_cgroup_tree_per_node {
114 struct rb_root rb_root;
115 struct rb_node *rb_rightmost;
119 struct mem_cgroup_tree {
120 struct mem_cgroup_tree_per_node *rb_tree_per_node[MAX_NUMNODES];
123 static struct mem_cgroup_tree soft_limit_tree __read_mostly;
126 struct mem_cgroup_eventfd_list {
127 struct list_head list;
128 struct eventfd_ctx *eventfd;
132 * cgroup_event represents events which userspace want to receive.
134 struct mem_cgroup_event {
136 * memcg which the event belongs to.
138 struct mem_cgroup *memcg;
140 * eventfd to signal userspace about the event.
142 struct eventfd_ctx *eventfd;
144 * Each of these stored in a list by the cgroup.
146 struct list_head list;
148 * register_event() callback will be used to add new userspace
149 * waiter for changes related to this event. Use eventfd_signal()
150 * on eventfd to send notification to userspace.
152 int (*register_event)(struct mem_cgroup *memcg,
153 struct eventfd_ctx *eventfd, const char *args);
155 * unregister_event() callback will be called when userspace closes
156 * the eventfd or on cgroup removing. This callback must be set,
157 * if you want provide notification functionality.
159 void (*unregister_event)(struct mem_cgroup *memcg,
160 struct eventfd_ctx *eventfd);
162 * All fields below needed to unregister event when
163 * userspace closes eventfd.
166 wait_queue_head_t *wqh;
167 wait_queue_entry_t wait;
168 struct work_struct remove;
171 static void mem_cgroup_threshold(struct mem_cgroup *memcg);
172 static void mem_cgroup_oom_notify(struct mem_cgroup *memcg);
174 /* Stuffs for move charges at task migration. */
176 * Types of charges to be moved.
178 #define MOVE_ANON 0x1U
179 #define MOVE_FILE 0x2U
180 #define MOVE_MASK (MOVE_ANON | MOVE_FILE)
182 /* "mc" and its members are protected by cgroup_mutex */
183 static struct move_charge_struct {
184 spinlock_t lock; /* for from, to */
185 struct mm_struct *mm;
186 struct mem_cgroup *from;
187 struct mem_cgroup *to;
189 unsigned long precharge;
190 unsigned long moved_charge;
191 unsigned long moved_swap;
192 struct task_struct *moving_task; /* a task moving charges */
193 wait_queue_head_t waitq; /* a waitq for other context */
195 .lock = __SPIN_LOCK_UNLOCKED(mc.lock),
196 .waitq = __WAIT_QUEUE_HEAD_INITIALIZER(mc.waitq),
200 * Maximum loops in mem_cgroup_soft_reclaim(), used for soft
201 * limit reclaim to prevent infinite loops, if they ever occur.
203 #define MEM_CGROUP_MAX_RECLAIM_LOOPS 100
204 #define MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS 2
206 /* for encoding cft->private value on file */
214 #define MEMFILE_PRIVATE(x, val) ((x) << 16 | (val))
215 #define MEMFILE_TYPE(val) ((val) >> 16 & 0xffff)
216 #define MEMFILE_ATTR(val) ((val) & 0xffff)
219 * Iteration constructs for visiting all cgroups (under a tree). If
220 * loops are exited prematurely (break), mem_cgroup_iter_break() must
221 * be used for reference counting.
223 #define for_each_mem_cgroup_tree(iter, root) \
224 for (iter = mem_cgroup_iter(root, NULL, NULL); \
226 iter = mem_cgroup_iter(root, iter, NULL))
228 #define for_each_mem_cgroup(iter) \
229 for (iter = mem_cgroup_iter(NULL, NULL, NULL); \
231 iter = mem_cgroup_iter(NULL, iter, NULL))
233 static inline bool task_is_dying(void)
235 return tsk_is_oom_victim(current) || fatal_signal_pending(current) ||
236 (current->flags & PF_EXITING);
239 /* Some nice accessors for the vmpressure. */
240 struct vmpressure *memcg_to_vmpressure(struct mem_cgroup *memcg)
243 memcg = root_mem_cgroup;
244 return &memcg->vmpressure;
247 struct mem_cgroup *vmpressure_to_memcg(struct vmpressure *vmpr)
249 return container_of(vmpr, struct mem_cgroup, vmpressure);
252 #define CURRENT_OBJCG_UPDATE_BIT 0
253 #define CURRENT_OBJCG_UPDATE_FLAG (1UL << CURRENT_OBJCG_UPDATE_BIT)
255 #ifdef CONFIG_MEMCG_KMEM
256 static DEFINE_SPINLOCK(objcg_lock);
258 bool mem_cgroup_kmem_disabled(void)
260 return cgroup_memory_nokmem;
263 static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg,
264 unsigned int nr_pages);
266 static void obj_cgroup_release(struct percpu_ref *ref)
268 struct obj_cgroup *objcg = container_of(ref, struct obj_cgroup, refcnt);
269 unsigned int nr_bytes;
270 unsigned int nr_pages;
274 * At this point all allocated objects are freed, and
275 * objcg->nr_charged_bytes can't have an arbitrary byte value.
276 * However, it can be PAGE_SIZE or (x * PAGE_SIZE).
278 * The following sequence can lead to it:
279 * 1) CPU0: objcg == stock->cached_objcg
280 * 2) CPU1: we do a small allocation (e.g. 92 bytes),
281 * PAGE_SIZE bytes are charged
282 * 3) CPU1: a process from another memcg is allocating something,
283 * the stock if flushed,
284 * objcg->nr_charged_bytes = PAGE_SIZE - 92
285 * 5) CPU0: we do release this object,
286 * 92 bytes are added to stock->nr_bytes
287 * 6) CPU0: stock is flushed,
288 * 92 bytes are added to objcg->nr_charged_bytes
290 * In the result, nr_charged_bytes == PAGE_SIZE.
291 * This page will be uncharged in obj_cgroup_release().
293 nr_bytes = atomic_read(&objcg->nr_charged_bytes);
294 WARN_ON_ONCE(nr_bytes & (PAGE_SIZE - 1));
295 nr_pages = nr_bytes >> PAGE_SHIFT;
298 obj_cgroup_uncharge_pages(objcg, nr_pages);
300 spin_lock_irqsave(&objcg_lock, flags);
301 list_del(&objcg->list);
302 spin_unlock_irqrestore(&objcg_lock, flags);
304 percpu_ref_exit(ref);
305 kfree_rcu(objcg, rcu);
308 static struct obj_cgroup *obj_cgroup_alloc(void)
310 struct obj_cgroup *objcg;
313 objcg = kzalloc(sizeof(struct obj_cgroup), GFP_KERNEL);
317 ret = percpu_ref_init(&objcg->refcnt, obj_cgroup_release, 0,
323 INIT_LIST_HEAD(&objcg->list);
327 static void memcg_reparent_objcgs(struct mem_cgroup *memcg,
328 struct mem_cgroup *parent)
330 struct obj_cgroup *objcg, *iter;
332 objcg = rcu_replace_pointer(memcg->objcg, NULL, true);
334 spin_lock_irq(&objcg_lock);
336 /* 1) Ready to reparent active objcg. */
337 list_add(&objcg->list, &memcg->objcg_list);
338 /* 2) Reparent active objcg and already reparented objcgs to parent. */
339 list_for_each_entry(iter, &memcg->objcg_list, list)
340 WRITE_ONCE(iter->memcg, parent);
341 /* 3) Move already reparented objcgs to the parent's list */
342 list_splice(&memcg->objcg_list, &parent->objcg_list);
344 spin_unlock_irq(&objcg_lock);
346 percpu_ref_kill(&objcg->refcnt);
350 * A lot of the calls to the cache allocation functions are expected to be
351 * inlined by the compiler. Since the calls to memcg_slab_pre_alloc_hook() are
352 * conditional to this static branch, we'll have to allow modules that does
353 * kmem_cache_alloc and the such to see this symbol as well
355 DEFINE_STATIC_KEY_FALSE(memcg_kmem_online_key);
356 EXPORT_SYMBOL(memcg_kmem_online_key);
358 DEFINE_STATIC_KEY_FALSE(memcg_bpf_enabled_key);
359 EXPORT_SYMBOL(memcg_bpf_enabled_key);
363 * mem_cgroup_css_from_folio - css of the memcg associated with a folio
364 * @folio: folio of interest
366 * If memcg is bound to the default hierarchy, css of the memcg associated
367 * with @folio is returned. The returned css remains associated with @folio
368 * until it is released.
370 * If memcg is bound to a traditional hierarchy, the css of root_mem_cgroup
373 struct cgroup_subsys_state *mem_cgroup_css_from_folio(struct folio *folio)
375 struct mem_cgroup *memcg = folio_memcg(folio);
377 if (!memcg || !cgroup_subsys_on_dfl(memory_cgrp_subsys))
378 memcg = root_mem_cgroup;
384 * page_cgroup_ino - return inode number of the memcg a page is charged to
387 * Look up the closest online ancestor of the memory cgroup @page is charged to
388 * and return its inode number or 0 if @page is not charged to any cgroup. It
389 * is safe to call this function without holding a reference to @page.
391 * Note, this function is inherently racy, because there is nothing to prevent
392 * the cgroup inode from getting torn down and potentially reallocated a moment
393 * after page_cgroup_ino() returns, so it only should be used by callers that
394 * do not care (such as procfs interfaces).
396 ino_t page_cgroup_ino(struct page *page)
398 struct mem_cgroup *memcg;
399 unsigned long ino = 0;
402 /* page_folio() is racy here, but the entire function is racy anyway */
403 memcg = folio_memcg_check(page_folio(page));
405 while (memcg && !(memcg->css.flags & CSS_ONLINE))
406 memcg = parent_mem_cgroup(memcg);
408 ino = cgroup_ino(memcg->css.cgroup);
413 static void __mem_cgroup_insert_exceeded(struct mem_cgroup_per_node *mz,
414 struct mem_cgroup_tree_per_node *mctz,
415 unsigned long new_usage_in_excess)
417 struct rb_node **p = &mctz->rb_root.rb_node;
418 struct rb_node *parent = NULL;
419 struct mem_cgroup_per_node *mz_node;
420 bool rightmost = true;
425 mz->usage_in_excess = new_usage_in_excess;
426 if (!mz->usage_in_excess)
430 mz_node = rb_entry(parent, struct mem_cgroup_per_node,
432 if (mz->usage_in_excess < mz_node->usage_in_excess) {
441 mctz->rb_rightmost = &mz->tree_node;
443 rb_link_node(&mz->tree_node, parent, p);
444 rb_insert_color(&mz->tree_node, &mctz->rb_root);
448 static void __mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz,
449 struct mem_cgroup_tree_per_node *mctz)
454 if (&mz->tree_node == mctz->rb_rightmost)
455 mctz->rb_rightmost = rb_prev(&mz->tree_node);
457 rb_erase(&mz->tree_node, &mctz->rb_root);
461 static void mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz,
462 struct mem_cgroup_tree_per_node *mctz)
466 spin_lock_irqsave(&mctz->lock, flags);
467 __mem_cgroup_remove_exceeded(mz, mctz);
468 spin_unlock_irqrestore(&mctz->lock, flags);
471 static unsigned long soft_limit_excess(struct mem_cgroup *memcg)
473 unsigned long nr_pages = page_counter_read(&memcg->memory);
474 unsigned long soft_limit = READ_ONCE(memcg->soft_limit);
475 unsigned long excess = 0;
477 if (nr_pages > soft_limit)
478 excess = nr_pages - soft_limit;
483 static void mem_cgroup_update_tree(struct mem_cgroup *memcg, int nid)
485 unsigned long excess;
486 struct mem_cgroup_per_node *mz;
487 struct mem_cgroup_tree_per_node *mctz;
489 if (lru_gen_enabled()) {
490 if (soft_limit_excess(memcg))
491 lru_gen_soft_reclaim(memcg, nid);
495 mctz = soft_limit_tree.rb_tree_per_node[nid];
499 * Necessary to update all ancestors when hierarchy is used.
500 * because their event counter is not touched.
502 for (; memcg; memcg = parent_mem_cgroup(memcg)) {
503 mz = memcg->nodeinfo[nid];
504 excess = soft_limit_excess(memcg);
506 * We have to update the tree if mz is on RB-tree or
507 * mem is over its softlimit.
509 if (excess || mz->on_tree) {
512 spin_lock_irqsave(&mctz->lock, flags);
513 /* if on-tree, remove it */
515 __mem_cgroup_remove_exceeded(mz, mctz);
517 * Insert again. mz->usage_in_excess will be updated.
518 * If excess is 0, no tree ops.
520 __mem_cgroup_insert_exceeded(mz, mctz, excess);
521 spin_unlock_irqrestore(&mctz->lock, flags);
526 static void mem_cgroup_remove_from_trees(struct mem_cgroup *memcg)
528 struct mem_cgroup_tree_per_node *mctz;
529 struct mem_cgroup_per_node *mz;
533 mz = memcg->nodeinfo[nid];
534 mctz = soft_limit_tree.rb_tree_per_node[nid];
536 mem_cgroup_remove_exceeded(mz, mctz);
540 static struct mem_cgroup_per_node *
541 __mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz)
543 struct mem_cgroup_per_node *mz;
547 if (!mctz->rb_rightmost)
548 goto done; /* Nothing to reclaim from */
550 mz = rb_entry(mctz->rb_rightmost,
551 struct mem_cgroup_per_node, tree_node);
553 * Remove the node now but someone else can add it back,
554 * we will to add it back at the end of reclaim to its correct
555 * position in the tree.
557 __mem_cgroup_remove_exceeded(mz, mctz);
558 if (!soft_limit_excess(mz->memcg) ||
559 !css_tryget(&mz->memcg->css))
565 static struct mem_cgroup_per_node *
566 mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz)
568 struct mem_cgroup_per_node *mz;
570 spin_lock_irq(&mctz->lock);
571 mz = __mem_cgroup_largest_soft_limit_node(mctz);
572 spin_unlock_irq(&mctz->lock);
576 /* Subset of vm_event_item to report for memcg event stats */
577 static const unsigned int memcg_vm_event_stat[] = {
593 #if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP)
598 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
606 #define NR_MEMCG_EVENTS ARRAY_SIZE(memcg_vm_event_stat)
607 static int mem_cgroup_events_index[NR_VM_EVENT_ITEMS] __read_mostly;
609 static void init_memcg_events(void)
613 for (i = 0; i < NR_MEMCG_EVENTS; ++i)
614 mem_cgroup_events_index[memcg_vm_event_stat[i]] = i + 1;
617 static inline int memcg_events_index(enum vm_event_item idx)
619 return mem_cgroup_events_index[idx] - 1;
622 struct memcg_vmstats_percpu {
623 /* Local (CPU and cgroup) page state & events */
624 long state[MEMCG_NR_STAT];
625 unsigned long events[NR_MEMCG_EVENTS];
627 /* Delta calculation for lockless upward propagation */
628 long state_prev[MEMCG_NR_STAT];
629 unsigned long events_prev[NR_MEMCG_EVENTS];
631 /* Cgroup1: threshold notifications & softlimit tree updates */
632 unsigned long nr_page_events;
633 unsigned long targets[MEM_CGROUP_NTARGETS];
635 /* Stats updates since the last flush */
636 unsigned int stats_updates;
639 struct memcg_vmstats {
640 /* Aggregated (CPU and subtree) page state & events */
641 long state[MEMCG_NR_STAT];
642 unsigned long events[NR_MEMCG_EVENTS];
644 /* Non-hierarchical (CPU aggregated) page state & events */
645 long state_local[MEMCG_NR_STAT];
646 unsigned long events_local[NR_MEMCG_EVENTS];
648 /* Pending child counts during tree propagation */
649 long state_pending[MEMCG_NR_STAT];
650 unsigned long events_pending[NR_MEMCG_EVENTS];
652 /* Stats updates since the last flush */
653 atomic64_t stats_updates;
657 * memcg and lruvec stats flushing
659 * Many codepaths leading to stats update or read are performance sensitive and
660 * adding stats flushing in such codepaths is not desirable. So, to optimize the
661 * flushing the kernel does:
663 * 1) Periodically and asynchronously flush the stats every 2 seconds to not let
664 * rstat update tree grow unbounded.
666 * 2) Flush the stats synchronously on reader side only when there are more than
667 * (MEMCG_CHARGE_BATCH * nr_cpus) update events. Though this optimization
668 * will let stats be out of sync by atmost (MEMCG_CHARGE_BATCH * nr_cpus) but
669 * only for 2 seconds due to (1).
671 static void flush_memcg_stats_dwork(struct work_struct *w);
672 static DECLARE_DEFERRABLE_WORK(stats_flush_dwork, flush_memcg_stats_dwork);
673 static atomic_t stats_flush_ongoing = ATOMIC_INIT(0);
674 static u64 flush_last_time;
676 #define FLUSH_TIME (2UL*HZ)
679 * Accessors to ensure that preemption is disabled on PREEMPT_RT because it can
680 * not rely on this as part of an acquired spinlock_t lock. These functions are
681 * never used in hardirq context on PREEMPT_RT and therefore disabling preemtion
684 static void memcg_stats_lock(void)
686 preempt_disable_nested();
687 VM_WARN_ON_IRQS_ENABLED();
690 static void __memcg_stats_lock(void)
692 preempt_disable_nested();
695 static void memcg_stats_unlock(void)
697 preempt_enable_nested();
701 static bool memcg_should_flush_stats(struct mem_cgroup *memcg)
703 return atomic64_read(&memcg->vmstats->stats_updates) >
704 MEMCG_CHARGE_BATCH * num_online_cpus();
707 static inline void memcg_rstat_updated(struct mem_cgroup *memcg, int val)
709 int cpu = smp_processor_id();
715 cgroup_rstat_updated(memcg->css.cgroup, cpu);
717 for (; memcg; memcg = parent_mem_cgroup(memcg)) {
718 x = __this_cpu_add_return(memcg->vmstats_percpu->stats_updates,
721 if (x < MEMCG_CHARGE_BATCH)
725 * If @memcg is already flush-able, increasing stats_updates is
726 * redundant. Avoid the overhead of the atomic update.
728 if (!memcg_should_flush_stats(memcg))
729 atomic64_add(x, &memcg->vmstats->stats_updates);
730 __this_cpu_write(memcg->vmstats_percpu->stats_updates, 0);
734 static void do_flush_stats(void)
737 * We always flush the entire tree, so concurrent flushers can just
738 * skip. This avoids a thundering herd problem on the rstat global lock
739 * from memcg flushers (e.g. reclaim, refault, etc).
741 if (atomic_read(&stats_flush_ongoing) ||
742 atomic_xchg(&stats_flush_ongoing, 1))
745 WRITE_ONCE(flush_last_time, jiffies_64);
747 cgroup_rstat_flush(root_mem_cgroup->css.cgroup);
749 atomic_set(&stats_flush_ongoing, 0);
752 void mem_cgroup_flush_stats(void)
754 if (memcg_should_flush_stats(root_mem_cgroup))
758 void mem_cgroup_flush_stats_ratelimited(void)
760 /* Only flush if the periodic flusher is one full cycle late */
761 if (time_after64(jiffies_64, READ_ONCE(flush_last_time) + 2*FLUSH_TIME))
762 mem_cgroup_flush_stats();
765 static void flush_memcg_stats_dwork(struct work_struct *w)
768 * Deliberately ignore memcg_should_flush_stats() here so that flushing
769 * in latency-sensitive paths is as cheap as possible.
772 queue_delayed_work(system_unbound_wq, &stats_flush_dwork, FLUSH_TIME);
775 unsigned long memcg_page_state(struct mem_cgroup *memcg, int idx)
777 long x = READ_ONCE(memcg->vmstats->state[idx]);
785 static int memcg_page_state_unit(int item);
788 * Normalize the value passed into memcg_rstat_updated() to be in pages. Round
789 * up non-zero sub-page updates to 1 page as zero page updates are ignored.
791 static int memcg_state_val_in_pages(int idx, int val)
793 int unit = memcg_page_state_unit(idx);
795 if (!val || unit == PAGE_SIZE)
798 return max(val * unit / PAGE_SIZE, 1UL);
802 * __mod_memcg_state - update cgroup memory statistics
803 * @memcg: the memory cgroup
804 * @idx: the stat item - can be enum memcg_stat_item or enum node_stat_item
805 * @val: delta to add to the counter, can be negative
807 void __mod_memcg_state(struct mem_cgroup *memcg, int idx, int val)
809 if (mem_cgroup_disabled())
812 __this_cpu_add(memcg->vmstats_percpu->state[idx], val);
813 memcg_rstat_updated(memcg, memcg_state_val_in_pages(idx, val));
816 /* idx can be of type enum memcg_stat_item or node_stat_item. */
817 static unsigned long memcg_page_state_local(struct mem_cgroup *memcg, int idx)
819 long x = READ_ONCE(memcg->vmstats->state_local[idx]);
828 void __mod_memcg_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx,
831 struct mem_cgroup_per_node *pn;
832 struct mem_cgroup *memcg;
834 pn = container_of(lruvec, struct mem_cgroup_per_node, lruvec);
838 * The caller from rmap relies on disabled preemption because they never
839 * update their counter from in-interrupt context. For these two
840 * counters we check that the update is never performed from an
841 * interrupt context while other caller need to have disabled interrupt.
843 __memcg_stats_lock();
844 if (IS_ENABLED(CONFIG_DEBUG_VM)) {
849 case NR_SHMEM_PMDMAPPED:
850 case NR_FILE_PMDMAPPED:
851 WARN_ON_ONCE(!in_task());
854 VM_WARN_ON_IRQS_ENABLED();
859 __this_cpu_add(memcg->vmstats_percpu->state[idx], val);
862 __this_cpu_add(pn->lruvec_stats_percpu->state[idx], val);
864 memcg_rstat_updated(memcg, memcg_state_val_in_pages(idx, val));
865 memcg_stats_unlock();
869 * __mod_lruvec_state - update lruvec memory statistics
870 * @lruvec: the lruvec
871 * @idx: the stat item
872 * @val: delta to add to the counter, can be negative
874 * The lruvec is the intersection of the NUMA node and a cgroup. This
875 * function updates the all three counters that are affected by a
876 * change of state at this level: per-node, per-cgroup, per-lruvec.
878 void __mod_lruvec_state(struct lruvec *lruvec, enum node_stat_item idx,
882 __mod_node_page_state(lruvec_pgdat(lruvec), idx, val);
884 /* Update memcg and lruvec */
885 if (!mem_cgroup_disabled())
886 __mod_memcg_lruvec_state(lruvec, idx, val);
889 void __mod_lruvec_page_state(struct page *page, enum node_stat_item idx,
892 struct page *head = compound_head(page); /* rmap on tail pages */
893 struct mem_cgroup *memcg;
894 pg_data_t *pgdat = page_pgdat(page);
895 struct lruvec *lruvec;
898 memcg = page_memcg(head);
899 /* Untracked pages have no memcg, no lruvec. Update only the node */
902 __mod_node_page_state(pgdat, idx, val);
906 lruvec = mem_cgroup_lruvec(memcg, pgdat);
907 __mod_lruvec_state(lruvec, idx, val);
910 EXPORT_SYMBOL(__mod_lruvec_page_state);
912 void __mod_lruvec_kmem_state(void *p, enum node_stat_item idx, int val)
914 pg_data_t *pgdat = page_pgdat(virt_to_page(p));
915 struct mem_cgroup *memcg;
916 struct lruvec *lruvec;
919 memcg = mem_cgroup_from_slab_obj(p);
922 * Untracked pages have no memcg, no lruvec. Update only the
923 * node. If we reparent the slab objects to the root memcg,
924 * when we free the slab object, we need to update the per-memcg
925 * vmstats to keep it correct for the root memcg.
928 __mod_node_page_state(pgdat, idx, val);
930 lruvec = mem_cgroup_lruvec(memcg, pgdat);
931 __mod_lruvec_state(lruvec, idx, val);
937 * __count_memcg_events - account VM events in a cgroup
938 * @memcg: the memory cgroup
939 * @idx: the event item
940 * @count: the number of events that occurred
942 void __count_memcg_events(struct mem_cgroup *memcg, enum vm_event_item idx,
945 int index = memcg_events_index(idx);
947 if (mem_cgroup_disabled() || index < 0)
951 __this_cpu_add(memcg->vmstats_percpu->events[index], count);
952 memcg_rstat_updated(memcg, count);
953 memcg_stats_unlock();
956 static unsigned long memcg_events(struct mem_cgroup *memcg, int event)
958 int index = memcg_events_index(event);
962 return READ_ONCE(memcg->vmstats->events[index]);
965 static unsigned long memcg_events_local(struct mem_cgroup *memcg, int event)
967 int index = memcg_events_index(event);
972 return READ_ONCE(memcg->vmstats->events_local[index]);
975 static void mem_cgroup_charge_statistics(struct mem_cgroup *memcg,
978 /* pagein of a big page is an event. So, ignore page size */
980 __count_memcg_events(memcg, PGPGIN, 1);
982 __count_memcg_events(memcg, PGPGOUT, 1);
983 nr_pages = -nr_pages; /* for event */
986 __this_cpu_add(memcg->vmstats_percpu->nr_page_events, nr_pages);
989 static bool mem_cgroup_event_ratelimit(struct mem_cgroup *memcg,
990 enum mem_cgroup_events_target target)
992 unsigned long val, next;
994 val = __this_cpu_read(memcg->vmstats_percpu->nr_page_events);
995 next = __this_cpu_read(memcg->vmstats_percpu->targets[target]);
996 /* from time_after() in jiffies.h */
997 if ((long)(next - val) < 0) {
999 case MEM_CGROUP_TARGET_THRESH:
1000 next = val + THRESHOLDS_EVENTS_TARGET;
1002 case MEM_CGROUP_TARGET_SOFTLIMIT:
1003 next = val + SOFTLIMIT_EVENTS_TARGET;
1008 __this_cpu_write(memcg->vmstats_percpu->targets[target], next);
1015 * Check events in order.
1018 static void memcg_check_events(struct mem_cgroup *memcg, int nid)
1020 if (IS_ENABLED(CONFIG_PREEMPT_RT))
1023 /* threshold event is triggered in finer grain than soft limit */
1024 if (unlikely(mem_cgroup_event_ratelimit(memcg,
1025 MEM_CGROUP_TARGET_THRESH))) {
1028 do_softlimit = mem_cgroup_event_ratelimit(memcg,
1029 MEM_CGROUP_TARGET_SOFTLIMIT);
1030 mem_cgroup_threshold(memcg);
1031 if (unlikely(do_softlimit))
1032 mem_cgroup_update_tree(memcg, nid);
1036 struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p)
1039 * mm_update_next_owner() may clear mm->owner to NULL
1040 * if it races with swapoff, page migration, etc.
1041 * So this can be called with p == NULL.
1046 return mem_cgroup_from_css(task_css(p, memory_cgrp_id));
1048 EXPORT_SYMBOL(mem_cgroup_from_task);
1050 static __always_inline struct mem_cgroup *active_memcg(void)
1053 return this_cpu_read(int_active_memcg);
1055 return current->active_memcg;
1059 * get_mem_cgroup_from_mm: Obtain a reference on given mm_struct's memcg.
1060 * @mm: mm from which memcg should be extracted. It can be NULL.
1062 * Obtain a reference on mm->memcg and returns it if successful. If mm
1063 * is NULL, then the memcg is chosen as follows:
1064 * 1) The active memcg, if set.
1065 * 2) current->mm->memcg, if available
1067 * If mem_cgroup is disabled, NULL is returned.
1069 struct mem_cgroup *get_mem_cgroup_from_mm(struct mm_struct *mm)
1071 struct mem_cgroup *memcg;
1073 if (mem_cgroup_disabled())
1077 * Page cache insertions can happen without an
1078 * actual mm context, e.g. during disk probing
1079 * on boot, loopback IO, acct() writes etc.
1081 * No need to css_get on root memcg as the reference
1082 * counting is disabled on the root level in the
1083 * cgroup core. See CSS_NO_REF.
1085 if (unlikely(!mm)) {
1086 memcg = active_memcg();
1087 if (unlikely(memcg)) {
1088 /* remote memcg must hold a ref */
1089 css_get(&memcg->css);
1094 return root_mem_cgroup;
1099 memcg = mem_cgroup_from_task(rcu_dereference(mm->owner));
1100 if (unlikely(!memcg))
1101 memcg = root_mem_cgroup;
1102 } while (!css_tryget(&memcg->css));
1106 EXPORT_SYMBOL(get_mem_cgroup_from_mm);
1109 * get_mem_cgroup_from_current - Obtain a reference on current task's memcg.
1111 struct mem_cgroup *get_mem_cgroup_from_current(void)
1113 struct mem_cgroup *memcg;
1115 if (mem_cgroup_disabled())
1120 memcg = mem_cgroup_from_task(current);
1121 if (!css_tryget(&memcg->css)) {
1130 * mem_cgroup_iter - iterate over memory cgroup hierarchy
1131 * @root: hierarchy root
1132 * @prev: previously returned memcg, NULL on first invocation
1133 * @reclaim: cookie for shared reclaim walks, NULL for full walks
1135 * Returns references to children of the hierarchy below @root, or
1136 * @root itself, or %NULL after a full round-trip.
1138 * Caller must pass the return value in @prev on subsequent
1139 * invocations for reference counting, or use mem_cgroup_iter_break()
1140 * to cancel a hierarchy walk before the round-trip is complete.
1142 * Reclaimers can specify a node in @reclaim to divide up the memcgs
1143 * in the hierarchy among all concurrent reclaimers operating on the
1146 struct mem_cgroup *mem_cgroup_iter(struct mem_cgroup *root,
1147 struct mem_cgroup *prev,
1148 struct mem_cgroup_reclaim_cookie *reclaim)
1150 struct mem_cgroup_reclaim_iter *iter;
1151 struct cgroup_subsys_state *css = NULL;
1152 struct mem_cgroup *memcg = NULL;
1153 struct mem_cgroup *pos = NULL;
1155 if (mem_cgroup_disabled())
1159 root = root_mem_cgroup;
1164 struct mem_cgroup_per_node *mz;
1166 mz = root->nodeinfo[reclaim->pgdat->node_id];
1170 * On start, join the current reclaim iteration cycle.
1171 * Exit when a concurrent walker completes it.
1174 reclaim->generation = iter->generation;
1175 else if (reclaim->generation != iter->generation)
1179 pos = READ_ONCE(iter->position);
1180 if (!pos || css_tryget(&pos->css))
1183 * css reference reached zero, so iter->position will
1184 * be cleared by ->css_released. However, we should not
1185 * rely on this happening soon, because ->css_released
1186 * is called from a work queue, and by busy-waiting we
1187 * might block it. So we clear iter->position right
1190 (void)cmpxchg(&iter->position, pos, NULL);
1200 css = css_next_descendant_pre(css, &root->css);
1203 * Reclaimers share the hierarchy walk, and a
1204 * new one might jump in right at the end of
1205 * the hierarchy - make sure they see at least
1206 * one group and restart from the beginning.
1214 * Verify the css and acquire a reference. The root
1215 * is provided by the caller, so we know it's alive
1216 * and kicking, and don't take an extra reference.
1218 if (css == &root->css || css_tryget(css)) {
1219 memcg = mem_cgroup_from_css(css);
1226 * The position could have already been updated by a competing
1227 * thread, so check that the value hasn't changed since we read
1228 * it to avoid reclaiming from the same cgroup twice.
1230 (void)cmpxchg(&iter->position, pos, memcg);
1241 if (prev && prev != root)
1242 css_put(&prev->css);
1248 * mem_cgroup_iter_break - abort a hierarchy walk prematurely
1249 * @root: hierarchy root
1250 * @prev: last visited hierarchy member as returned by mem_cgroup_iter()
1252 void mem_cgroup_iter_break(struct mem_cgroup *root,
1253 struct mem_cgroup *prev)
1256 root = root_mem_cgroup;
1257 if (prev && prev != root)
1258 css_put(&prev->css);
1261 static void __invalidate_reclaim_iterators(struct mem_cgroup *from,
1262 struct mem_cgroup *dead_memcg)
1264 struct mem_cgroup_reclaim_iter *iter;
1265 struct mem_cgroup_per_node *mz;
1268 for_each_node(nid) {
1269 mz = from->nodeinfo[nid];
1271 cmpxchg(&iter->position, dead_memcg, NULL);
1275 static void invalidate_reclaim_iterators(struct mem_cgroup *dead_memcg)
1277 struct mem_cgroup *memcg = dead_memcg;
1278 struct mem_cgroup *last;
1281 __invalidate_reclaim_iterators(memcg, dead_memcg);
1283 } while ((memcg = parent_mem_cgroup(memcg)));
1286 * When cgroup1 non-hierarchy mode is used,
1287 * parent_mem_cgroup() does not walk all the way up to the
1288 * cgroup root (root_mem_cgroup). So we have to handle
1289 * dead_memcg from cgroup root separately.
1291 if (!mem_cgroup_is_root(last))
1292 __invalidate_reclaim_iterators(root_mem_cgroup,
1297 * mem_cgroup_scan_tasks - iterate over tasks of a memory cgroup hierarchy
1298 * @memcg: hierarchy root
1299 * @fn: function to call for each task
1300 * @arg: argument passed to @fn
1302 * This function iterates over tasks attached to @memcg or to any of its
1303 * descendants and calls @fn for each task. If @fn returns a non-zero
1304 * value, the function breaks the iteration loop. Otherwise, it will iterate
1305 * over all tasks and return 0.
1307 * This function must not be called for the root memory cgroup.
1309 void mem_cgroup_scan_tasks(struct mem_cgroup *memcg,
1310 int (*fn)(struct task_struct *, void *), void *arg)
1312 struct mem_cgroup *iter;
1315 BUG_ON(mem_cgroup_is_root(memcg));
1317 for_each_mem_cgroup_tree(iter, memcg) {
1318 struct css_task_iter it;
1319 struct task_struct *task;
1321 css_task_iter_start(&iter->css, CSS_TASK_ITER_PROCS, &it);
1322 while (!ret && (task = css_task_iter_next(&it)))
1323 ret = fn(task, arg);
1324 css_task_iter_end(&it);
1326 mem_cgroup_iter_break(memcg, iter);
1332 #ifdef CONFIG_DEBUG_VM
1333 void lruvec_memcg_debug(struct lruvec *lruvec, struct folio *folio)
1335 struct mem_cgroup *memcg;
1337 if (mem_cgroup_disabled())
1340 memcg = folio_memcg(folio);
1343 VM_BUG_ON_FOLIO(!mem_cgroup_is_root(lruvec_memcg(lruvec)), folio);
1345 VM_BUG_ON_FOLIO(lruvec_memcg(lruvec) != memcg, folio);
1350 * folio_lruvec_lock - Lock the lruvec for a folio.
1351 * @folio: Pointer to the folio.
1353 * These functions are safe to use under any of the following conditions:
1355 * - folio_test_lru false
1356 * - folio_memcg_lock()
1357 * - folio frozen (refcount of 0)
1359 * Return: The lruvec this folio is on with its lock held.
1361 struct lruvec *folio_lruvec_lock(struct folio *folio)
1363 struct lruvec *lruvec = folio_lruvec(folio);
1365 spin_lock(&lruvec->lru_lock);
1366 lruvec_memcg_debug(lruvec, folio);
1372 * folio_lruvec_lock_irq - Lock the lruvec for a folio.
1373 * @folio: Pointer to the folio.
1375 * These functions are safe to use under any of the following conditions:
1377 * - folio_test_lru false
1378 * - folio_memcg_lock()
1379 * - folio frozen (refcount of 0)
1381 * Return: The lruvec this folio is on with its lock held and interrupts
1384 struct lruvec *folio_lruvec_lock_irq(struct folio *folio)
1386 struct lruvec *lruvec = folio_lruvec(folio);
1388 spin_lock_irq(&lruvec->lru_lock);
1389 lruvec_memcg_debug(lruvec, folio);
1395 * folio_lruvec_lock_irqsave - Lock the lruvec for a folio.
1396 * @folio: Pointer to the folio.
1397 * @flags: Pointer to irqsave flags.
1399 * These functions are safe to use under any of the following conditions:
1401 * - folio_test_lru false
1402 * - folio_memcg_lock()
1403 * - folio frozen (refcount of 0)
1405 * Return: The lruvec this folio is on with its lock held and interrupts
1408 struct lruvec *folio_lruvec_lock_irqsave(struct folio *folio,
1409 unsigned long *flags)
1411 struct lruvec *lruvec = folio_lruvec(folio);
1413 spin_lock_irqsave(&lruvec->lru_lock, *flags);
1414 lruvec_memcg_debug(lruvec, folio);
1420 * mem_cgroup_update_lru_size - account for adding or removing an lru page
1421 * @lruvec: mem_cgroup per zone lru vector
1422 * @lru: index of lru list the page is sitting on
1423 * @zid: zone id of the accounted pages
1424 * @nr_pages: positive when adding or negative when removing
1426 * This function must be called under lru_lock, just before a page is added
1427 * to or just after a page is removed from an lru list.
1429 void mem_cgroup_update_lru_size(struct lruvec *lruvec, enum lru_list lru,
1430 int zid, int nr_pages)
1432 struct mem_cgroup_per_node *mz;
1433 unsigned long *lru_size;
1436 if (mem_cgroup_disabled())
1439 mz = container_of(lruvec, struct mem_cgroup_per_node, lruvec);
1440 lru_size = &mz->lru_zone_size[zid][lru];
1443 *lru_size += nr_pages;
1446 if (WARN_ONCE(size < 0,
1447 "%s(%p, %d, %d): lru_size %ld\n",
1448 __func__, lruvec, lru, nr_pages, size)) {
1454 *lru_size += nr_pages;
1458 * mem_cgroup_margin - calculate chargeable space of a memory cgroup
1459 * @memcg: the memory cgroup
1461 * Returns the maximum amount of memory @mem can be charged with, in
1464 static unsigned long mem_cgroup_margin(struct mem_cgroup *memcg)
1466 unsigned long margin = 0;
1467 unsigned long count;
1468 unsigned long limit;
1470 count = page_counter_read(&memcg->memory);
1471 limit = READ_ONCE(memcg->memory.max);
1473 margin = limit - count;
1475 if (do_memsw_account()) {
1476 count = page_counter_read(&memcg->memsw);
1477 limit = READ_ONCE(memcg->memsw.max);
1479 margin = min(margin, limit - count);
1488 * A routine for checking "mem" is under move_account() or not.
1490 * Checking a cgroup is mc.from or mc.to or under hierarchy of
1491 * moving cgroups. This is for waiting at high-memory pressure
1494 static bool mem_cgroup_under_move(struct mem_cgroup *memcg)
1496 struct mem_cgroup *from;
1497 struct mem_cgroup *to;
1500 * Unlike task_move routines, we access mc.to, mc.from not under
1501 * mutual exclusion by cgroup_mutex. Here, we take spinlock instead.
1503 spin_lock(&mc.lock);
1509 ret = mem_cgroup_is_descendant(from, memcg) ||
1510 mem_cgroup_is_descendant(to, memcg);
1512 spin_unlock(&mc.lock);
1516 static bool mem_cgroup_wait_acct_move(struct mem_cgroup *memcg)
1518 if (mc.moving_task && current != mc.moving_task) {
1519 if (mem_cgroup_under_move(memcg)) {
1521 prepare_to_wait(&mc.waitq, &wait, TASK_INTERRUPTIBLE);
1522 /* moving charge context might have finished. */
1525 finish_wait(&mc.waitq, &wait);
1532 struct memory_stat {
1537 static const struct memory_stat memory_stats[] = {
1538 { "anon", NR_ANON_MAPPED },
1539 { "file", NR_FILE_PAGES },
1540 { "kernel", MEMCG_KMEM },
1541 { "kernel_stack", NR_KERNEL_STACK_KB },
1542 { "pagetables", NR_PAGETABLE },
1543 { "sec_pagetables", NR_SECONDARY_PAGETABLE },
1544 { "percpu", MEMCG_PERCPU_B },
1545 { "sock", MEMCG_SOCK },
1546 { "vmalloc", MEMCG_VMALLOC },
1547 { "shmem", NR_SHMEM },
1548 #if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP)
1549 { "zswap", MEMCG_ZSWAP_B },
1550 { "zswapped", MEMCG_ZSWAPPED },
1552 { "file_mapped", NR_FILE_MAPPED },
1553 { "file_dirty", NR_FILE_DIRTY },
1554 { "file_writeback", NR_WRITEBACK },
1556 { "swapcached", NR_SWAPCACHE },
1558 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
1559 { "anon_thp", NR_ANON_THPS },
1560 { "file_thp", NR_FILE_THPS },
1561 { "shmem_thp", NR_SHMEM_THPS },
1563 { "inactive_anon", NR_INACTIVE_ANON },
1564 { "active_anon", NR_ACTIVE_ANON },
1565 { "inactive_file", NR_INACTIVE_FILE },
1566 { "active_file", NR_ACTIVE_FILE },
1567 { "unevictable", NR_UNEVICTABLE },
1568 { "slab_reclaimable", NR_SLAB_RECLAIMABLE_B },
1569 { "slab_unreclaimable", NR_SLAB_UNRECLAIMABLE_B },
1571 /* The memory events */
1572 { "workingset_refault_anon", WORKINGSET_REFAULT_ANON },
1573 { "workingset_refault_file", WORKINGSET_REFAULT_FILE },
1574 { "workingset_activate_anon", WORKINGSET_ACTIVATE_ANON },
1575 { "workingset_activate_file", WORKINGSET_ACTIVATE_FILE },
1576 { "workingset_restore_anon", WORKINGSET_RESTORE_ANON },
1577 { "workingset_restore_file", WORKINGSET_RESTORE_FILE },
1578 { "workingset_nodereclaim", WORKINGSET_NODERECLAIM },
1581 /* The actual unit of the state item, not the same as the output unit */
1582 static int memcg_page_state_unit(int item)
1585 case MEMCG_PERCPU_B:
1587 case NR_SLAB_RECLAIMABLE_B:
1588 case NR_SLAB_UNRECLAIMABLE_B:
1590 case NR_KERNEL_STACK_KB:
1597 /* Translate stat items to the correct unit for memory.stat output */
1598 static int memcg_page_state_output_unit(int item)
1601 * Workingset state is actually in pages, but we export it to userspace
1602 * as a scalar count of events, so special case it here.
1605 case WORKINGSET_REFAULT_ANON:
1606 case WORKINGSET_REFAULT_FILE:
1607 case WORKINGSET_ACTIVATE_ANON:
1608 case WORKINGSET_ACTIVATE_FILE:
1609 case WORKINGSET_RESTORE_ANON:
1610 case WORKINGSET_RESTORE_FILE:
1611 case WORKINGSET_NODERECLAIM:
1614 return memcg_page_state_unit(item);
1618 static inline unsigned long memcg_page_state_output(struct mem_cgroup *memcg,
1621 return memcg_page_state(memcg, item) *
1622 memcg_page_state_output_unit(item);
1625 static inline unsigned long memcg_page_state_local_output(
1626 struct mem_cgroup *memcg, int item)
1628 return memcg_page_state_local(memcg, item) *
1629 memcg_page_state_output_unit(item);
1632 static void memcg_stat_format(struct mem_cgroup *memcg, struct seq_buf *s)
1637 * Provide statistics on the state of the memory subsystem as
1638 * well as cumulative event counters that show past behavior.
1640 * This list is ordered following a combination of these gradients:
1641 * 1) generic big picture -> specifics and details
1642 * 2) reflecting userspace activity -> reflecting kernel heuristics
1644 * Current memory state:
1646 mem_cgroup_flush_stats();
1648 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) {
1651 size = memcg_page_state_output(memcg, memory_stats[i].idx);
1652 seq_buf_printf(s, "%s %llu\n", memory_stats[i].name, size);
1654 if (unlikely(memory_stats[i].idx == NR_SLAB_UNRECLAIMABLE_B)) {
1655 size += memcg_page_state_output(memcg,
1656 NR_SLAB_RECLAIMABLE_B);
1657 seq_buf_printf(s, "slab %llu\n", size);
1661 /* Accumulated memory events */
1662 seq_buf_printf(s, "pgscan %lu\n",
1663 memcg_events(memcg, PGSCAN_KSWAPD) +
1664 memcg_events(memcg, PGSCAN_DIRECT) +
1665 memcg_events(memcg, PGSCAN_KHUGEPAGED));
1666 seq_buf_printf(s, "pgsteal %lu\n",
1667 memcg_events(memcg, PGSTEAL_KSWAPD) +
1668 memcg_events(memcg, PGSTEAL_DIRECT) +
1669 memcg_events(memcg, PGSTEAL_KHUGEPAGED));
1671 for (i = 0; i < ARRAY_SIZE(memcg_vm_event_stat); i++) {
1672 if (memcg_vm_event_stat[i] == PGPGIN ||
1673 memcg_vm_event_stat[i] == PGPGOUT)
1676 seq_buf_printf(s, "%s %lu\n",
1677 vm_event_name(memcg_vm_event_stat[i]),
1678 memcg_events(memcg, memcg_vm_event_stat[i]));
1681 /* The above should easily fit into one page */
1682 WARN_ON_ONCE(seq_buf_has_overflowed(s));
1685 static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s);
1687 static void memory_stat_format(struct mem_cgroup *memcg, struct seq_buf *s)
1689 if (cgroup_subsys_on_dfl(memory_cgrp_subsys))
1690 memcg_stat_format(memcg, s);
1692 memcg1_stat_format(memcg, s);
1693 WARN_ON_ONCE(seq_buf_has_overflowed(s));
1697 * mem_cgroup_print_oom_context: Print OOM information relevant to
1698 * memory controller.
1699 * @memcg: The memory cgroup that went over limit
1700 * @p: Task that is going to be killed
1702 * NOTE: @memcg and @p's mem_cgroup can be different when hierarchy is
1705 void mem_cgroup_print_oom_context(struct mem_cgroup *memcg, struct task_struct *p)
1710 pr_cont(",oom_memcg=");
1711 pr_cont_cgroup_path(memcg->css.cgroup);
1713 pr_cont(",global_oom");
1715 pr_cont(",task_memcg=");
1716 pr_cont_cgroup_path(task_cgroup(p, memory_cgrp_id));
1722 * mem_cgroup_print_oom_meminfo: Print OOM memory information relevant to
1723 * memory controller.
1724 * @memcg: The memory cgroup that went over limit
1726 void mem_cgroup_print_oom_meminfo(struct mem_cgroup *memcg)
1728 /* Use static buffer, for the caller is holding oom_lock. */
1729 static char buf[PAGE_SIZE];
1732 lockdep_assert_held(&oom_lock);
1734 pr_info("memory: usage %llukB, limit %llukB, failcnt %lu\n",
1735 K((u64)page_counter_read(&memcg->memory)),
1736 K((u64)READ_ONCE(memcg->memory.max)), memcg->memory.failcnt);
1737 if (cgroup_subsys_on_dfl(memory_cgrp_subsys))
1738 pr_info("swap: usage %llukB, limit %llukB, failcnt %lu\n",
1739 K((u64)page_counter_read(&memcg->swap)),
1740 K((u64)READ_ONCE(memcg->swap.max)), memcg->swap.failcnt);
1742 pr_info("memory+swap: usage %llukB, limit %llukB, failcnt %lu\n",
1743 K((u64)page_counter_read(&memcg->memsw)),
1744 K((u64)memcg->memsw.max), memcg->memsw.failcnt);
1745 pr_info("kmem: usage %llukB, limit %llukB, failcnt %lu\n",
1746 K((u64)page_counter_read(&memcg->kmem)),
1747 K((u64)memcg->kmem.max), memcg->kmem.failcnt);
1750 pr_info("Memory cgroup stats for ");
1751 pr_cont_cgroup_path(memcg->css.cgroup);
1753 seq_buf_init(&s, buf, sizeof(buf));
1754 memory_stat_format(memcg, &s);
1755 seq_buf_do_printk(&s, KERN_INFO);
1759 * Return the memory (and swap, if configured) limit for a memcg.
1761 unsigned long mem_cgroup_get_max(struct mem_cgroup *memcg)
1763 unsigned long max = READ_ONCE(memcg->memory.max);
1765 if (do_memsw_account()) {
1766 if (mem_cgroup_swappiness(memcg)) {
1767 /* Calculate swap excess capacity from memsw limit */
1768 unsigned long swap = READ_ONCE(memcg->memsw.max) - max;
1770 max += min(swap, (unsigned long)total_swap_pages);
1773 if (mem_cgroup_swappiness(memcg))
1774 max += min(READ_ONCE(memcg->swap.max),
1775 (unsigned long)total_swap_pages);
1780 unsigned long mem_cgroup_size(struct mem_cgroup *memcg)
1782 return page_counter_read(&memcg->memory);
1785 static bool mem_cgroup_out_of_memory(struct mem_cgroup *memcg, gfp_t gfp_mask,
1788 struct oom_control oc = {
1792 .gfp_mask = gfp_mask,
1797 if (mutex_lock_killable(&oom_lock))
1800 if (mem_cgroup_margin(memcg) >= (1 << order))
1804 * A few threads which were not waiting at mutex_lock_killable() can
1805 * fail to bail out. Therefore, check again after holding oom_lock.
1807 ret = task_is_dying() || out_of_memory(&oc);
1810 mutex_unlock(&oom_lock);
1814 static int mem_cgroup_soft_reclaim(struct mem_cgroup *root_memcg,
1817 unsigned long *total_scanned)
1819 struct mem_cgroup *victim = NULL;
1822 unsigned long excess;
1823 unsigned long nr_scanned;
1824 struct mem_cgroup_reclaim_cookie reclaim = {
1828 excess = soft_limit_excess(root_memcg);
1831 victim = mem_cgroup_iter(root_memcg, victim, &reclaim);
1836 * If we have not been able to reclaim
1837 * anything, it might because there are
1838 * no reclaimable pages under this hierarchy
1843 * We want to do more targeted reclaim.
1844 * excess >> 2 is not to excessive so as to
1845 * reclaim too much, nor too less that we keep
1846 * coming back to reclaim from this cgroup
1848 if (total >= (excess >> 2) ||
1849 (loop > MEM_CGROUP_MAX_RECLAIM_LOOPS))
1854 total += mem_cgroup_shrink_node(victim, gfp_mask, false,
1855 pgdat, &nr_scanned);
1856 *total_scanned += nr_scanned;
1857 if (!soft_limit_excess(root_memcg))
1860 mem_cgroup_iter_break(root_memcg, victim);
1864 #ifdef CONFIG_LOCKDEP
1865 static struct lockdep_map memcg_oom_lock_dep_map = {
1866 .name = "memcg_oom_lock",
1870 static DEFINE_SPINLOCK(memcg_oom_lock);
1873 * Check OOM-Killer is already running under our hierarchy.
1874 * If someone is running, return false.
1876 static bool mem_cgroup_oom_trylock(struct mem_cgroup *memcg)
1878 struct mem_cgroup *iter, *failed = NULL;
1880 spin_lock(&memcg_oom_lock);
1882 for_each_mem_cgroup_tree(iter, memcg) {
1883 if (iter->oom_lock) {
1885 * this subtree of our hierarchy is already locked
1886 * so we cannot give a lock.
1889 mem_cgroup_iter_break(memcg, iter);
1892 iter->oom_lock = true;
1897 * OK, we failed to lock the whole subtree so we have
1898 * to clean up what we set up to the failing subtree
1900 for_each_mem_cgroup_tree(iter, memcg) {
1901 if (iter == failed) {
1902 mem_cgroup_iter_break(memcg, iter);
1905 iter->oom_lock = false;
1908 mutex_acquire(&memcg_oom_lock_dep_map, 0, 1, _RET_IP_);
1910 spin_unlock(&memcg_oom_lock);
1915 static void mem_cgroup_oom_unlock(struct mem_cgroup *memcg)
1917 struct mem_cgroup *iter;
1919 spin_lock(&memcg_oom_lock);
1920 mutex_release(&memcg_oom_lock_dep_map, _RET_IP_);
1921 for_each_mem_cgroup_tree(iter, memcg)
1922 iter->oom_lock = false;
1923 spin_unlock(&memcg_oom_lock);
1926 static void mem_cgroup_mark_under_oom(struct mem_cgroup *memcg)
1928 struct mem_cgroup *iter;
1930 spin_lock(&memcg_oom_lock);
1931 for_each_mem_cgroup_tree(iter, memcg)
1933 spin_unlock(&memcg_oom_lock);
1936 static void mem_cgroup_unmark_under_oom(struct mem_cgroup *memcg)
1938 struct mem_cgroup *iter;
1941 * Be careful about under_oom underflows because a child memcg
1942 * could have been added after mem_cgroup_mark_under_oom.
1944 spin_lock(&memcg_oom_lock);
1945 for_each_mem_cgroup_tree(iter, memcg)
1946 if (iter->under_oom > 0)
1948 spin_unlock(&memcg_oom_lock);
1951 static DECLARE_WAIT_QUEUE_HEAD(memcg_oom_waitq);
1953 struct oom_wait_info {
1954 struct mem_cgroup *memcg;
1955 wait_queue_entry_t wait;
1958 static int memcg_oom_wake_function(wait_queue_entry_t *wait,
1959 unsigned mode, int sync, void *arg)
1961 struct mem_cgroup *wake_memcg = (struct mem_cgroup *)arg;
1962 struct mem_cgroup *oom_wait_memcg;
1963 struct oom_wait_info *oom_wait_info;
1965 oom_wait_info = container_of(wait, struct oom_wait_info, wait);
1966 oom_wait_memcg = oom_wait_info->memcg;
1968 if (!mem_cgroup_is_descendant(wake_memcg, oom_wait_memcg) &&
1969 !mem_cgroup_is_descendant(oom_wait_memcg, wake_memcg))
1971 return autoremove_wake_function(wait, mode, sync, arg);
1974 static void memcg_oom_recover(struct mem_cgroup *memcg)
1977 * For the following lockless ->under_oom test, the only required
1978 * guarantee is that it must see the state asserted by an OOM when
1979 * this function is called as a result of userland actions
1980 * triggered by the notification of the OOM. This is trivially
1981 * achieved by invoking mem_cgroup_mark_under_oom() before
1982 * triggering notification.
1984 if (memcg && memcg->under_oom)
1985 __wake_up(&memcg_oom_waitq, TASK_NORMAL, 0, memcg);
1989 * Returns true if successfully killed one or more processes. Though in some
1990 * corner cases it can return true even without killing any process.
1992 static bool mem_cgroup_oom(struct mem_cgroup *memcg, gfp_t mask, int order)
1996 if (order > PAGE_ALLOC_COSTLY_ORDER)
1999 memcg_memory_event(memcg, MEMCG_OOM);
2002 * We are in the middle of the charge context here, so we
2003 * don't want to block when potentially sitting on a callstack
2004 * that holds all kinds of filesystem and mm locks.
2006 * cgroup1 allows disabling the OOM killer and waiting for outside
2007 * handling until the charge can succeed; remember the context and put
2008 * the task to sleep at the end of the page fault when all locks are
2011 * On the other hand, in-kernel OOM killer allows for an async victim
2012 * memory reclaim (oom_reaper) and that means that we are not solely
2013 * relying on the oom victim to make a forward progress and we can
2014 * invoke the oom killer here.
2016 * Please note that mem_cgroup_out_of_memory might fail to find a
2017 * victim and then we have to bail out from the charge path.
2019 if (READ_ONCE(memcg->oom_kill_disable)) {
2020 if (current->in_user_fault) {
2021 css_get(&memcg->css);
2022 current->memcg_in_oom = memcg;
2023 current->memcg_oom_gfp_mask = mask;
2024 current->memcg_oom_order = order;
2029 mem_cgroup_mark_under_oom(memcg);
2031 locked = mem_cgroup_oom_trylock(memcg);
2034 mem_cgroup_oom_notify(memcg);
2036 mem_cgroup_unmark_under_oom(memcg);
2037 ret = mem_cgroup_out_of_memory(memcg, mask, order);
2040 mem_cgroup_oom_unlock(memcg);
2046 * mem_cgroup_oom_synchronize - complete memcg OOM handling
2047 * @handle: actually kill/wait or just clean up the OOM state
2049 * This has to be called at the end of a page fault if the memcg OOM
2050 * handler was enabled.
2052 * Memcg supports userspace OOM handling where failed allocations must
2053 * sleep on a waitqueue until the userspace task resolves the
2054 * situation. Sleeping directly in the charge context with all kinds
2055 * of locks held is not a good idea, instead we remember an OOM state
2056 * in the task and mem_cgroup_oom_synchronize() has to be called at
2057 * the end of the page fault to complete the OOM handling.
2059 * Returns %true if an ongoing memcg OOM situation was detected and
2060 * completed, %false otherwise.
2062 bool mem_cgroup_oom_synchronize(bool handle)
2064 struct mem_cgroup *memcg = current->memcg_in_oom;
2065 struct oom_wait_info owait;
2068 /* OOM is global, do not handle */
2075 owait.memcg = memcg;
2076 owait.wait.flags = 0;
2077 owait.wait.func = memcg_oom_wake_function;
2078 owait.wait.private = current;
2079 INIT_LIST_HEAD(&owait.wait.entry);
2081 prepare_to_wait(&memcg_oom_waitq, &owait.wait, TASK_KILLABLE);
2082 mem_cgroup_mark_under_oom(memcg);
2084 locked = mem_cgroup_oom_trylock(memcg);
2087 mem_cgroup_oom_notify(memcg);
2090 mem_cgroup_unmark_under_oom(memcg);
2091 finish_wait(&memcg_oom_waitq, &owait.wait);
2094 mem_cgroup_oom_unlock(memcg);
2096 current->memcg_in_oom = NULL;
2097 css_put(&memcg->css);
2102 * mem_cgroup_get_oom_group - get a memory cgroup to clean up after OOM
2103 * @victim: task to be killed by the OOM killer
2104 * @oom_domain: memcg in case of memcg OOM, NULL in case of system-wide OOM
2106 * Returns a pointer to a memory cgroup, which has to be cleaned up
2107 * by killing all belonging OOM-killable tasks.
2109 * Caller has to call mem_cgroup_put() on the returned non-NULL memcg.
2111 struct mem_cgroup *mem_cgroup_get_oom_group(struct task_struct *victim,
2112 struct mem_cgroup *oom_domain)
2114 struct mem_cgroup *oom_group = NULL;
2115 struct mem_cgroup *memcg;
2117 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys))
2121 oom_domain = root_mem_cgroup;
2125 memcg = mem_cgroup_from_task(victim);
2126 if (mem_cgroup_is_root(memcg))
2130 * If the victim task has been asynchronously moved to a different
2131 * memory cgroup, we might end up killing tasks outside oom_domain.
2132 * In this case it's better to ignore memory.group.oom.
2134 if (unlikely(!mem_cgroup_is_descendant(memcg, oom_domain)))
2138 * Traverse the memory cgroup hierarchy from the victim task's
2139 * cgroup up to the OOMing cgroup (or root) to find the
2140 * highest-level memory cgroup with oom.group set.
2142 for (; memcg; memcg = parent_mem_cgroup(memcg)) {
2143 if (READ_ONCE(memcg->oom_group))
2146 if (memcg == oom_domain)
2151 css_get(&oom_group->css);
2158 void mem_cgroup_print_oom_group(struct mem_cgroup *memcg)
2160 pr_info("Tasks in ");
2161 pr_cont_cgroup_path(memcg->css.cgroup);
2162 pr_cont(" are going to be killed due to memory.oom.group set\n");
2166 * folio_memcg_lock - Bind a folio to its memcg.
2167 * @folio: The folio.
2169 * This function prevents unlocked LRU folios from being moved to
2172 * It ensures lifetime of the bound memcg. The caller is responsible
2173 * for the lifetime of the folio.
2175 void folio_memcg_lock(struct folio *folio)
2177 struct mem_cgroup *memcg;
2178 unsigned long flags;
2181 * The RCU lock is held throughout the transaction. The fast
2182 * path can get away without acquiring the memcg->move_lock
2183 * because page moving starts with an RCU grace period.
2187 if (mem_cgroup_disabled())
2190 memcg = folio_memcg(folio);
2191 if (unlikely(!memcg))
2194 #ifdef CONFIG_PROVE_LOCKING
2195 local_irq_save(flags);
2196 might_lock(&memcg->move_lock);
2197 local_irq_restore(flags);
2200 if (atomic_read(&memcg->moving_account) <= 0)
2203 spin_lock_irqsave(&memcg->move_lock, flags);
2204 if (memcg != folio_memcg(folio)) {
2205 spin_unlock_irqrestore(&memcg->move_lock, flags);
2210 * When charge migration first begins, we can have multiple
2211 * critical sections holding the fast-path RCU lock and one
2212 * holding the slowpath move_lock. Track the task who has the
2213 * move_lock for folio_memcg_unlock().
2215 memcg->move_lock_task = current;
2216 memcg->move_lock_flags = flags;
2219 static void __folio_memcg_unlock(struct mem_cgroup *memcg)
2221 if (memcg && memcg->move_lock_task == current) {
2222 unsigned long flags = memcg->move_lock_flags;
2224 memcg->move_lock_task = NULL;
2225 memcg->move_lock_flags = 0;
2227 spin_unlock_irqrestore(&memcg->move_lock, flags);
2234 * folio_memcg_unlock - Release the binding between a folio and its memcg.
2235 * @folio: The folio.
2237 * This releases the binding created by folio_memcg_lock(). This does
2238 * not change the accounting of this folio to its memcg, but it does
2239 * permit others to change it.
2241 void folio_memcg_unlock(struct folio *folio)
2243 __folio_memcg_unlock(folio_memcg(folio));
2246 struct memcg_stock_pcp {
2247 local_lock_t stock_lock;
2248 struct mem_cgroup *cached; /* this never be root cgroup */
2249 unsigned int nr_pages;
2251 #ifdef CONFIG_MEMCG_KMEM
2252 struct obj_cgroup *cached_objcg;
2253 struct pglist_data *cached_pgdat;
2254 unsigned int nr_bytes;
2255 int nr_slab_reclaimable_b;
2256 int nr_slab_unreclaimable_b;
2259 struct work_struct work;
2260 unsigned long flags;
2261 #define FLUSHING_CACHED_CHARGE 0
2263 static DEFINE_PER_CPU(struct memcg_stock_pcp, memcg_stock) = {
2264 .stock_lock = INIT_LOCAL_LOCK(stock_lock),
2266 static DEFINE_MUTEX(percpu_charge_mutex);
2268 #ifdef CONFIG_MEMCG_KMEM
2269 static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock);
2270 static bool obj_stock_flush_required(struct memcg_stock_pcp *stock,
2271 struct mem_cgroup *root_memcg);
2272 static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages);
2275 static inline struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock)
2279 static bool obj_stock_flush_required(struct memcg_stock_pcp *stock,
2280 struct mem_cgroup *root_memcg)
2284 static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages)
2290 * consume_stock: Try to consume stocked charge on this cpu.
2291 * @memcg: memcg to consume from.
2292 * @nr_pages: how many pages to charge.
2294 * The charges will only happen if @memcg matches the current cpu's memcg
2295 * stock, and at least @nr_pages are available in that stock. Failure to
2296 * service an allocation will refill the stock.
2298 * returns true if successful, false otherwise.
2300 static bool consume_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
2302 struct memcg_stock_pcp *stock;
2303 unsigned long flags;
2306 if (nr_pages > MEMCG_CHARGE_BATCH)
2309 local_lock_irqsave(&memcg_stock.stock_lock, flags);
2311 stock = this_cpu_ptr(&memcg_stock);
2312 if (memcg == READ_ONCE(stock->cached) && stock->nr_pages >= nr_pages) {
2313 stock->nr_pages -= nr_pages;
2317 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
2323 * Returns stocks cached in percpu and reset cached information.
2325 static void drain_stock(struct memcg_stock_pcp *stock)
2327 struct mem_cgroup *old = READ_ONCE(stock->cached);
2332 if (stock->nr_pages) {
2333 page_counter_uncharge(&old->memory, stock->nr_pages);
2334 if (do_memsw_account())
2335 page_counter_uncharge(&old->memsw, stock->nr_pages);
2336 stock->nr_pages = 0;
2340 WRITE_ONCE(stock->cached, NULL);
2343 static void drain_local_stock(struct work_struct *dummy)
2345 struct memcg_stock_pcp *stock;
2346 struct obj_cgroup *old = NULL;
2347 unsigned long flags;
2350 * The only protection from cpu hotplug (memcg_hotplug_cpu_dead) vs.
2351 * drain_stock races is that we always operate on local CPU stock
2352 * here with IRQ disabled
2354 local_lock_irqsave(&memcg_stock.stock_lock, flags);
2356 stock = this_cpu_ptr(&memcg_stock);
2357 old = drain_obj_stock(stock);
2359 clear_bit(FLUSHING_CACHED_CHARGE, &stock->flags);
2361 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
2363 obj_cgroup_put(old);
2367 * Cache charges(val) to local per_cpu area.
2368 * This will be consumed by consume_stock() function, later.
2370 static void __refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
2372 struct memcg_stock_pcp *stock;
2374 stock = this_cpu_ptr(&memcg_stock);
2375 if (READ_ONCE(stock->cached) != memcg) { /* reset if necessary */
2377 css_get(&memcg->css);
2378 WRITE_ONCE(stock->cached, memcg);
2380 stock->nr_pages += nr_pages;
2382 if (stock->nr_pages > MEMCG_CHARGE_BATCH)
2386 static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
2388 unsigned long flags;
2390 local_lock_irqsave(&memcg_stock.stock_lock, flags);
2391 __refill_stock(memcg, nr_pages);
2392 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
2396 * Drains all per-CPU charge caches for given root_memcg resp. subtree
2397 * of the hierarchy under it.
2399 static void drain_all_stock(struct mem_cgroup *root_memcg)
2403 /* If someone's already draining, avoid adding running more workers. */
2404 if (!mutex_trylock(&percpu_charge_mutex))
2407 * Notify other cpus that system-wide "drain" is running
2408 * We do not care about races with the cpu hotplug because cpu down
2409 * as well as workers from this path always operate on the local
2410 * per-cpu data. CPU up doesn't touch memcg_stock at all.
2413 curcpu = smp_processor_id();
2414 for_each_online_cpu(cpu) {
2415 struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu);
2416 struct mem_cgroup *memcg;
2420 memcg = READ_ONCE(stock->cached);
2421 if (memcg && stock->nr_pages &&
2422 mem_cgroup_is_descendant(memcg, root_memcg))
2424 else if (obj_stock_flush_required(stock, root_memcg))
2429 !test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) {
2431 drain_local_stock(&stock->work);
2432 else if (!cpu_is_isolated(cpu))
2433 schedule_work_on(cpu, &stock->work);
2437 mutex_unlock(&percpu_charge_mutex);
2440 static int memcg_hotplug_cpu_dead(unsigned int cpu)
2442 struct memcg_stock_pcp *stock;
2444 stock = &per_cpu(memcg_stock, cpu);
2450 static unsigned long reclaim_high(struct mem_cgroup *memcg,
2451 unsigned int nr_pages,
2454 unsigned long nr_reclaimed = 0;
2457 unsigned long pflags;
2459 if (page_counter_read(&memcg->memory) <=
2460 READ_ONCE(memcg->memory.high))
2463 memcg_memory_event(memcg, MEMCG_HIGH);
2465 psi_memstall_enter(&pflags);
2466 nr_reclaimed += try_to_free_mem_cgroup_pages(memcg, nr_pages,
2468 MEMCG_RECLAIM_MAY_SWAP);
2469 psi_memstall_leave(&pflags);
2470 } while ((memcg = parent_mem_cgroup(memcg)) &&
2471 !mem_cgroup_is_root(memcg));
2473 return nr_reclaimed;
2476 static void high_work_func(struct work_struct *work)
2478 struct mem_cgroup *memcg;
2480 memcg = container_of(work, struct mem_cgroup, high_work);
2481 reclaim_high(memcg, MEMCG_CHARGE_BATCH, GFP_KERNEL);
2485 * Clamp the maximum sleep time per allocation batch to 2 seconds. This is
2486 * enough to still cause a significant slowdown in most cases, while still
2487 * allowing diagnostics and tracing to proceed without becoming stuck.
2489 #define MEMCG_MAX_HIGH_DELAY_JIFFIES (2UL*HZ)
2492 * When calculating the delay, we use these either side of the exponentiation to
2493 * maintain precision and scale to a reasonable number of jiffies (see the table
2496 * - MEMCG_DELAY_PRECISION_SHIFT: Extra precision bits while translating the
2497 * overage ratio to a delay.
2498 * - MEMCG_DELAY_SCALING_SHIFT: The number of bits to scale down the
2499 * proposed penalty in order to reduce to a reasonable number of jiffies, and
2500 * to produce a reasonable delay curve.
2502 * MEMCG_DELAY_SCALING_SHIFT just happens to be a number that produces a
2503 * reasonable delay curve compared to precision-adjusted overage, not
2504 * penalising heavily at first, but still making sure that growth beyond the
2505 * limit penalises misbehaviour cgroups by slowing them down exponentially. For
2506 * example, with a high of 100 megabytes:
2508 * +-------+------------------------+
2509 * | usage | time to allocate in ms |
2510 * +-------+------------------------+
2532 * +-------+------------------------+
2534 #define MEMCG_DELAY_PRECISION_SHIFT 20
2535 #define MEMCG_DELAY_SCALING_SHIFT 14
2537 static u64 calculate_overage(unsigned long usage, unsigned long high)
2545 * Prevent division by 0 in overage calculation by acting as if
2546 * it was a threshold of 1 page
2548 high = max(high, 1UL);
2550 overage = usage - high;
2551 overage <<= MEMCG_DELAY_PRECISION_SHIFT;
2552 return div64_u64(overage, high);
2555 static u64 mem_find_max_overage(struct mem_cgroup *memcg)
2557 u64 overage, max_overage = 0;
2560 overage = calculate_overage(page_counter_read(&memcg->memory),
2561 READ_ONCE(memcg->memory.high));
2562 max_overage = max(overage, max_overage);
2563 } while ((memcg = parent_mem_cgroup(memcg)) &&
2564 !mem_cgroup_is_root(memcg));
2569 static u64 swap_find_max_overage(struct mem_cgroup *memcg)
2571 u64 overage, max_overage = 0;
2574 overage = calculate_overage(page_counter_read(&memcg->swap),
2575 READ_ONCE(memcg->swap.high));
2577 memcg_memory_event(memcg, MEMCG_SWAP_HIGH);
2578 max_overage = max(overage, max_overage);
2579 } while ((memcg = parent_mem_cgroup(memcg)) &&
2580 !mem_cgroup_is_root(memcg));
2586 * Get the number of jiffies that we should penalise a mischievous cgroup which
2587 * is exceeding its memory.high by checking both it and its ancestors.
2589 static unsigned long calculate_high_delay(struct mem_cgroup *memcg,
2590 unsigned int nr_pages,
2593 unsigned long penalty_jiffies;
2599 * We use overage compared to memory.high to calculate the number of
2600 * jiffies to sleep (penalty_jiffies). Ideally this value should be
2601 * fairly lenient on small overages, and increasingly harsh when the
2602 * memcg in question makes it clear that it has no intention of stopping
2603 * its crazy behaviour, so we exponentially increase the delay based on
2606 penalty_jiffies = max_overage * max_overage * HZ;
2607 penalty_jiffies >>= MEMCG_DELAY_PRECISION_SHIFT;
2608 penalty_jiffies >>= MEMCG_DELAY_SCALING_SHIFT;
2611 * Factor in the task's own contribution to the overage, such that four
2612 * N-sized allocations are throttled approximately the same as one
2613 * 4N-sized allocation.
2615 * MEMCG_CHARGE_BATCH pages is nominal, so work out how much smaller or
2616 * larger the current charge patch is than that.
2618 return penalty_jiffies * nr_pages / MEMCG_CHARGE_BATCH;
2622 * Scheduled by try_charge() to be executed from the userland return path
2623 * and reclaims memory over the high limit.
2625 void mem_cgroup_handle_over_high(gfp_t gfp_mask)
2627 unsigned long penalty_jiffies;
2628 unsigned long pflags;
2629 unsigned long nr_reclaimed;
2630 unsigned int nr_pages = current->memcg_nr_pages_over_high;
2631 int nr_retries = MAX_RECLAIM_RETRIES;
2632 struct mem_cgroup *memcg;
2633 bool in_retry = false;
2635 if (likely(!nr_pages))
2638 memcg = get_mem_cgroup_from_mm(current->mm);
2639 current->memcg_nr_pages_over_high = 0;
2643 * The allocating task should reclaim at least the batch size, but for
2644 * subsequent retries we only want to do what's necessary to prevent oom
2645 * or breaching resource isolation.
2647 * This is distinct from memory.max or page allocator behaviour because
2648 * memory.high is currently batched, whereas memory.max and the page
2649 * allocator run every time an allocation is made.
2651 nr_reclaimed = reclaim_high(memcg,
2652 in_retry ? SWAP_CLUSTER_MAX : nr_pages,
2656 * memory.high is breached and reclaim is unable to keep up. Throttle
2657 * allocators proactively to slow down excessive growth.
2659 penalty_jiffies = calculate_high_delay(memcg, nr_pages,
2660 mem_find_max_overage(memcg));
2662 penalty_jiffies += calculate_high_delay(memcg, nr_pages,
2663 swap_find_max_overage(memcg));
2666 * Clamp the max delay per usermode return so as to still keep the
2667 * application moving forwards and also permit diagnostics, albeit
2670 penalty_jiffies = min(penalty_jiffies, MEMCG_MAX_HIGH_DELAY_JIFFIES);
2673 * Don't sleep if the amount of jiffies this memcg owes us is so low
2674 * that it's not even worth doing, in an attempt to be nice to those who
2675 * go only a small amount over their memory.high value and maybe haven't
2676 * been aggressively reclaimed enough yet.
2678 if (penalty_jiffies <= HZ / 100)
2682 * If reclaim is making forward progress but we're still over
2683 * memory.high, we want to encourage that rather than doing allocator
2686 if (nr_reclaimed || nr_retries--) {
2692 * If we exit early, we're guaranteed to die (since
2693 * schedule_timeout_killable sets TASK_KILLABLE). This means we don't
2694 * need to account for any ill-begotten jiffies to pay them off later.
2696 psi_memstall_enter(&pflags);
2697 schedule_timeout_killable(penalty_jiffies);
2698 psi_memstall_leave(&pflags);
2701 css_put(&memcg->css);
2704 static int try_charge_memcg(struct mem_cgroup *memcg, gfp_t gfp_mask,
2705 unsigned int nr_pages)
2707 unsigned int batch = max(MEMCG_CHARGE_BATCH, nr_pages);
2708 int nr_retries = MAX_RECLAIM_RETRIES;
2709 struct mem_cgroup *mem_over_limit;
2710 struct page_counter *counter;
2711 unsigned long nr_reclaimed;
2712 bool passed_oom = false;
2713 unsigned int reclaim_options = MEMCG_RECLAIM_MAY_SWAP;
2714 bool drained = false;
2715 bool raised_max_event = false;
2716 unsigned long pflags;
2719 if (consume_stock(memcg, nr_pages))
2722 if (!do_memsw_account() ||
2723 page_counter_try_charge(&memcg->memsw, batch, &counter)) {
2724 if (page_counter_try_charge(&memcg->memory, batch, &counter))
2726 if (do_memsw_account())
2727 page_counter_uncharge(&memcg->memsw, batch);
2728 mem_over_limit = mem_cgroup_from_counter(counter, memory);
2730 mem_over_limit = mem_cgroup_from_counter(counter, memsw);
2731 reclaim_options &= ~MEMCG_RECLAIM_MAY_SWAP;
2734 if (batch > nr_pages) {
2740 * Prevent unbounded recursion when reclaim operations need to
2741 * allocate memory. This might exceed the limits temporarily,
2742 * but we prefer facilitating memory reclaim and getting back
2743 * under the limit over triggering OOM kills in these cases.
2745 if (unlikely(current->flags & PF_MEMALLOC))
2748 if (unlikely(task_in_memcg_oom(current)))
2751 if (!gfpflags_allow_blocking(gfp_mask))
2754 memcg_memory_event(mem_over_limit, MEMCG_MAX);
2755 raised_max_event = true;
2757 psi_memstall_enter(&pflags);
2758 nr_reclaimed = try_to_free_mem_cgroup_pages(mem_over_limit, nr_pages,
2759 gfp_mask, reclaim_options);
2760 psi_memstall_leave(&pflags);
2762 if (mem_cgroup_margin(mem_over_limit) >= nr_pages)
2766 drain_all_stock(mem_over_limit);
2771 if (gfp_mask & __GFP_NORETRY)
2774 * Even though the limit is exceeded at this point, reclaim
2775 * may have been able to free some pages. Retry the charge
2776 * before killing the task.
2778 * Only for regular pages, though: huge pages are rather
2779 * unlikely to succeed so close to the limit, and we fall back
2780 * to regular pages anyway in case of failure.
2782 if (nr_reclaimed && nr_pages <= (1 << PAGE_ALLOC_COSTLY_ORDER))
2785 * At task move, charge accounts can be doubly counted. So, it's
2786 * better to wait until the end of task_move if something is going on.
2788 if (mem_cgroup_wait_acct_move(mem_over_limit))
2794 if (gfp_mask & __GFP_RETRY_MAYFAIL)
2797 /* Avoid endless loop for tasks bypassed by the oom killer */
2798 if (passed_oom && task_is_dying())
2802 * keep retrying as long as the memcg oom killer is able to make
2803 * a forward progress or bypass the charge if the oom killer
2804 * couldn't make any progress.
2806 if (mem_cgroup_oom(mem_over_limit, gfp_mask,
2807 get_order(nr_pages * PAGE_SIZE))) {
2809 nr_retries = MAX_RECLAIM_RETRIES;
2814 * Memcg doesn't have a dedicated reserve for atomic
2815 * allocations. But like the global atomic pool, we need to
2816 * put the burden of reclaim on regular allocation requests
2817 * and let these go through as privileged allocations.
2819 if (!(gfp_mask & (__GFP_NOFAIL | __GFP_HIGH)))
2823 * If the allocation has to be enforced, don't forget to raise
2824 * a MEMCG_MAX event.
2826 if (!raised_max_event)
2827 memcg_memory_event(mem_over_limit, MEMCG_MAX);
2830 * The allocation either can't fail or will lead to more memory
2831 * being freed very soon. Allow memory usage go over the limit
2832 * temporarily by force charging it.
2834 page_counter_charge(&memcg->memory, nr_pages);
2835 if (do_memsw_account())
2836 page_counter_charge(&memcg->memsw, nr_pages);
2841 if (batch > nr_pages)
2842 refill_stock(memcg, batch - nr_pages);
2845 * If the hierarchy is above the normal consumption range, schedule
2846 * reclaim on returning to userland. We can perform reclaim here
2847 * if __GFP_RECLAIM but let's always punt for simplicity and so that
2848 * GFP_KERNEL can consistently be used during reclaim. @memcg is
2849 * not recorded as it most likely matches current's and won't
2850 * change in the meantime. As high limit is checked again before
2851 * reclaim, the cost of mismatch is negligible.
2854 bool mem_high, swap_high;
2856 mem_high = page_counter_read(&memcg->memory) >
2857 READ_ONCE(memcg->memory.high);
2858 swap_high = page_counter_read(&memcg->swap) >
2859 READ_ONCE(memcg->swap.high);
2861 /* Don't bother a random interrupted task */
2864 schedule_work(&memcg->high_work);
2870 if (mem_high || swap_high) {
2872 * The allocating tasks in this cgroup will need to do
2873 * reclaim or be throttled to prevent further growth
2874 * of the memory or swap footprints.
2876 * Target some best-effort fairness between the tasks,
2877 * and distribute reclaim work and delay penalties
2878 * based on how much each task is actually allocating.
2880 current->memcg_nr_pages_over_high += batch;
2881 set_notify_resume(current);
2884 } while ((memcg = parent_mem_cgroup(memcg)));
2886 if (current->memcg_nr_pages_over_high > MEMCG_CHARGE_BATCH &&
2887 !(current->flags & PF_MEMALLOC) &&
2888 gfpflags_allow_blocking(gfp_mask)) {
2889 mem_cgroup_handle_over_high(gfp_mask);
2894 static inline int try_charge(struct mem_cgroup *memcg, gfp_t gfp_mask,
2895 unsigned int nr_pages)
2897 if (mem_cgroup_is_root(memcg))
2900 return try_charge_memcg(memcg, gfp_mask, nr_pages);
2904 * mem_cgroup_cancel_charge() - cancel an uncommitted try_charge() call.
2905 * @memcg: memcg previously charged.
2906 * @nr_pages: number of pages previously charged.
2908 void mem_cgroup_cancel_charge(struct mem_cgroup *memcg, unsigned int nr_pages)
2910 if (mem_cgroup_is_root(memcg))
2913 page_counter_uncharge(&memcg->memory, nr_pages);
2914 if (do_memsw_account())
2915 page_counter_uncharge(&memcg->memsw, nr_pages);
2918 static void commit_charge(struct folio *folio, struct mem_cgroup *memcg)
2920 VM_BUG_ON_FOLIO(folio_memcg(folio), folio);
2922 * Any of the following ensures page's memcg stability:
2926 * - folio_memcg_lock()
2927 * - exclusive reference
2928 * - mem_cgroup_trylock_pages()
2930 folio->memcg_data = (unsigned long)memcg;
2934 * mem_cgroup_commit_charge - commit a previously successful try_charge().
2935 * @folio: folio to commit the charge to.
2936 * @memcg: memcg previously charged.
2938 void mem_cgroup_commit_charge(struct folio *folio, struct mem_cgroup *memcg)
2940 css_get(&memcg->css);
2941 commit_charge(folio, memcg);
2943 local_irq_disable();
2944 mem_cgroup_charge_statistics(memcg, folio_nr_pages(folio));
2945 memcg_check_events(memcg, folio_nid(folio));
2949 #ifdef CONFIG_MEMCG_KMEM
2951 * The allocated objcg pointers array is not accounted directly.
2952 * Moreover, it should not come from DMA buffer and is not readily
2953 * reclaimable. So those GFP bits should be masked off.
2955 #define OBJCGS_CLEAR_MASK (__GFP_DMA | __GFP_RECLAIMABLE | \
2956 __GFP_ACCOUNT | __GFP_NOFAIL)
2959 * mod_objcg_mlstate() may be called with irq enabled, so
2960 * mod_memcg_lruvec_state() should be used.
2962 static inline void mod_objcg_mlstate(struct obj_cgroup *objcg,
2963 struct pglist_data *pgdat,
2964 enum node_stat_item idx, int nr)
2966 struct mem_cgroup *memcg;
2967 struct lruvec *lruvec;
2970 memcg = obj_cgroup_memcg(objcg);
2971 lruvec = mem_cgroup_lruvec(memcg, pgdat);
2972 mod_memcg_lruvec_state(lruvec, idx, nr);
2976 int memcg_alloc_slab_cgroups(struct slab *slab, struct kmem_cache *s,
2977 gfp_t gfp, bool new_slab)
2979 unsigned int objects = objs_per_slab(s, slab);
2980 unsigned long memcg_data;
2983 gfp &= ~OBJCGS_CLEAR_MASK;
2984 vec = kcalloc_node(objects, sizeof(struct obj_cgroup *), gfp,
2989 memcg_data = (unsigned long) vec | MEMCG_DATA_OBJCGS;
2992 * If the slab is brand new and nobody can yet access its
2993 * memcg_data, no synchronization is required and memcg_data can
2994 * be simply assigned.
2996 slab->memcg_data = memcg_data;
2997 } else if (cmpxchg(&slab->memcg_data, 0, memcg_data)) {
2999 * If the slab is already in use, somebody can allocate and
3000 * assign obj_cgroups in parallel. In this case the existing
3001 * objcg vector should be reused.
3007 kmemleak_not_leak(vec);
3011 static __always_inline
3012 struct mem_cgroup *mem_cgroup_from_obj_folio(struct folio *folio, void *p)
3015 * Slab objects are accounted individually, not per-page.
3016 * Memcg membership data for each individual object is saved in
3019 if (folio_test_slab(folio)) {
3020 struct obj_cgroup **objcgs;
3024 slab = folio_slab(folio);
3025 objcgs = slab_objcgs(slab);
3029 off = obj_to_index(slab->slab_cache, slab, p);
3031 return obj_cgroup_memcg(objcgs[off]);
3037 * folio_memcg_check() is used here, because in theory we can encounter
3038 * a folio where the slab flag has been cleared already, but
3039 * slab->memcg_data has not been freed yet
3040 * folio_memcg_check() will guarantee that a proper memory
3041 * cgroup pointer or NULL will be returned.
3043 return folio_memcg_check(folio);
3047 * Returns a pointer to the memory cgroup to which the kernel object is charged.
3049 * A passed kernel object can be a slab object, vmalloc object or a generic
3050 * kernel page, so different mechanisms for getting the memory cgroup pointer
3053 * In certain cases (e.g. kernel stacks or large kmallocs with SLUB) the caller
3054 * can not know for sure how the kernel object is implemented.
3055 * mem_cgroup_from_obj() can be safely used in such cases.
3057 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(),
3058 * cgroup_mutex, etc.
3060 struct mem_cgroup *mem_cgroup_from_obj(void *p)
3062 struct folio *folio;
3064 if (mem_cgroup_disabled())
3067 if (unlikely(is_vmalloc_addr(p)))
3068 folio = page_folio(vmalloc_to_page(p));
3070 folio = virt_to_folio(p);
3072 return mem_cgroup_from_obj_folio(folio, p);
3076 * Returns a pointer to the memory cgroup to which the kernel object is charged.
3077 * Similar to mem_cgroup_from_obj(), but faster and not suitable for objects,
3078 * allocated using vmalloc().
3080 * A passed kernel object must be a slab object or a generic kernel page.
3082 * The caller must ensure the memcg lifetime, e.g. by taking rcu_read_lock(),
3083 * cgroup_mutex, etc.
3085 struct mem_cgroup *mem_cgroup_from_slab_obj(void *p)
3087 if (mem_cgroup_disabled())
3090 return mem_cgroup_from_obj_folio(virt_to_folio(p), p);
3093 static struct obj_cgroup *__get_obj_cgroup_from_memcg(struct mem_cgroup *memcg)
3095 struct obj_cgroup *objcg = NULL;
3097 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) {
3098 objcg = rcu_dereference(memcg->objcg);
3099 if (likely(objcg && obj_cgroup_tryget(objcg)))
3106 static struct obj_cgroup *current_objcg_update(void)
3108 struct mem_cgroup *memcg;
3109 struct obj_cgroup *old, *objcg = NULL;
3112 /* Atomically drop the update bit. */
3113 old = xchg(¤t->objcg, NULL);
3115 old = (struct obj_cgroup *)
3116 ((unsigned long)old & ~CURRENT_OBJCG_UPDATE_FLAG);
3118 obj_cgroup_put(old);
3123 /* If new objcg is NULL, no reason for the second atomic update. */
3124 if (!current->mm || (current->flags & PF_KTHREAD))
3128 * Release the objcg pointer from the previous iteration,
3129 * if try_cmpxcg() below fails.
3131 if (unlikely(objcg)) {
3132 obj_cgroup_put(objcg);
3137 * Obtain the new objcg pointer. The current task can be
3138 * asynchronously moved to another memcg and the previous
3139 * memcg can be offlined. So let's get the memcg pointer
3140 * and try get a reference to objcg under a rcu read lock.
3144 memcg = mem_cgroup_from_task(current);
3145 objcg = __get_obj_cgroup_from_memcg(memcg);
3149 * Try set up a new objcg pointer atomically. If it
3150 * fails, it means the update flag was set concurrently, so
3151 * the whole procedure should be repeated.
3153 } while (!try_cmpxchg(¤t->objcg, &old, objcg));
3158 __always_inline struct obj_cgroup *current_obj_cgroup(void)
3160 struct mem_cgroup *memcg;
3161 struct obj_cgroup *objcg;
3164 memcg = current->active_memcg;
3165 if (unlikely(memcg))
3168 objcg = READ_ONCE(current->objcg);
3169 if (unlikely((unsigned long)objcg & CURRENT_OBJCG_UPDATE_FLAG))
3170 objcg = current_objcg_update();
3172 * Objcg reference is kept by the task, so it's safe
3173 * to use the objcg by the current task.
3178 memcg = this_cpu_read(int_active_memcg);
3179 if (unlikely(memcg))
3186 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) {
3188 * Memcg pointer is protected by scope (see set_active_memcg())
3189 * and is pinning the corresponding objcg, so objcg can't go
3190 * away and can be used within the scope without any additional
3193 objcg = rcu_dereference_check(memcg->objcg, 1);
3201 struct obj_cgroup *get_obj_cgroup_from_folio(struct folio *folio)
3203 struct obj_cgroup *objcg;
3205 if (!memcg_kmem_online())
3208 if (folio_memcg_kmem(folio)) {
3209 objcg = __folio_objcg(folio);
3210 obj_cgroup_get(objcg);
3212 struct mem_cgroup *memcg;
3215 memcg = __folio_memcg(folio);
3217 objcg = __get_obj_cgroup_from_memcg(memcg);
3225 static void memcg_account_kmem(struct mem_cgroup *memcg, int nr_pages)
3227 mod_memcg_state(memcg, MEMCG_KMEM, nr_pages);
3228 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) {
3230 page_counter_charge(&memcg->kmem, nr_pages);
3232 page_counter_uncharge(&memcg->kmem, -nr_pages);
3238 * obj_cgroup_uncharge_pages: uncharge a number of kernel pages from a objcg
3239 * @objcg: object cgroup to uncharge
3240 * @nr_pages: number of pages to uncharge
3242 static void obj_cgroup_uncharge_pages(struct obj_cgroup *objcg,
3243 unsigned int nr_pages)
3245 struct mem_cgroup *memcg;
3247 memcg = get_mem_cgroup_from_objcg(objcg);
3249 memcg_account_kmem(memcg, -nr_pages);
3250 refill_stock(memcg, nr_pages);
3252 css_put(&memcg->css);
3256 * obj_cgroup_charge_pages: charge a number of kernel pages to a objcg
3257 * @objcg: object cgroup to charge
3258 * @gfp: reclaim mode
3259 * @nr_pages: number of pages to charge
3261 * Returns 0 on success, an error code on failure.
3263 static int obj_cgroup_charge_pages(struct obj_cgroup *objcg, gfp_t gfp,
3264 unsigned int nr_pages)
3266 struct mem_cgroup *memcg;
3269 memcg = get_mem_cgroup_from_objcg(objcg);
3271 ret = try_charge_memcg(memcg, gfp, nr_pages);
3275 memcg_account_kmem(memcg, nr_pages);
3277 css_put(&memcg->css);
3283 * __memcg_kmem_charge_page: charge a kmem page to the current memory cgroup
3284 * @page: page to charge
3285 * @gfp: reclaim mode
3286 * @order: allocation order
3288 * Returns 0 on success, an error code on failure.
3290 int __memcg_kmem_charge_page(struct page *page, gfp_t gfp, int order)
3292 struct obj_cgroup *objcg;
3295 objcg = current_obj_cgroup();
3297 ret = obj_cgroup_charge_pages(objcg, gfp, 1 << order);
3299 obj_cgroup_get(objcg);
3300 page->memcg_data = (unsigned long)objcg |
3309 * __memcg_kmem_uncharge_page: uncharge a kmem page
3310 * @page: page to uncharge
3311 * @order: allocation order
3313 void __memcg_kmem_uncharge_page(struct page *page, int order)
3315 struct folio *folio = page_folio(page);
3316 struct obj_cgroup *objcg;
3317 unsigned int nr_pages = 1 << order;
3319 if (!folio_memcg_kmem(folio))
3322 objcg = __folio_objcg(folio);
3323 obj_cgroup_uncharge_pages(objcg, nr_pages);
3324 folio->memcg_data = 0;
3325 obj_cgroup_put(objcg);
3328 void mod_objcg_state(struct obj_cgroup *objcg, struct pglist_data *pgdat,
3329 enum node_stat_item idx, int nr)
3331 struct memcg_stock_pcp *stock;
3332 struct obj_cgroup *old = NULL;
3333 unsigned long flags;
3336 local_lock_irqsave(&memcg_stock.stock_lock, flags);
3337 stock = this_cpu_ptr(&memcg_stock);
3340 * Save vmstat data in stock and skip vmstat array update unless
3341 * accumulating over a page of vmstat data or when pgdat or idx
3344 if (READ_ONCE(stock->cached_objcg) != objcg) {
3345 old = drain_obj_stock(stock);
3346 obj_cgroup_get(objcg);
3347 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes)
3348 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0;
3349 WRITE_ONCE(stock->cached_objcg, objcg);
3350 stock->cached_pgdat = pgdat;
3351 } else if (stock->cached_pgdat != pgdat) {
3352 /* Flush the existing cached vmstat data */
3353 struct pglist_data *oldpg = stock->cached_pgdat;
3355 if (stock->nr_slab_reclaimable_b) {
3356 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_RECLAIMABLE_B,
3357 stock->nr_slab_reclaimable_b);
3358 stock->nr_slab_reclaimable_b = 0;
3360 if (stock->nr_slab_unreclaimable_b) {
3361 mod_objcg_mlstate(objcg, oldpg, NR_SLAB_UNRECLAIMABLE_B,
3362 stock->nr_slab_unreclaimable_b);
3363 stock->nr_slab_unreclaimable_b = 0;
3365 stock->cached_pgdat = pgdat;
3368 bytes = (idx == NR_SLAB_RECLAIMABLE_B) ? &stock->nr_slab_reclaimable_b
3369 : &stock->nr_slab_unreclaimable_b;
3371 * Even for large object >= PAGE_SIZE, the vmstat data will still be
3372 * cached locally at least once before pushing it out.
3379 if (abs(*bytes) > PAGE_SIZE) {
3387 mod_objcg_mlstate(objcg, pgdat, idx, nr);
3389 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
3391 obj_cgroup_put(old);
3394 static bool consume_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes)
3396 struct memcg_stock_pcp *stock;
3397 unsigned long flags;
3400 local_lock_irqsave(&memcg_stock.stock_lock, flags);
3402 stock = this_cpu_ptr(&memcg_stock);
3403 if (objcg == READ_ONCE(stock->cached_objcg) && stock->nr_bytes >= nr_bytes) {
3404 stock->nr_bytes -= nr_bytes;
3408 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
3413 static struct obj_cgroup *drain_obj_stock(struct memcg_stock_pcp *stock)
3415 struct obj_cgroup *old = READ_ONCE(stock->cached_objcg);
3420 if (stock->nr_bytes) {
3421 unsigned int nr_pages = stock->nr_bytes >> PAGE_SHIFT;
3422 unsigned int nr_bytes = stock->nr_bytes & (PAGE_SIZE - 1);
3425 struct mem_cgroup *memcg;
3427 memcg = get_mem_cgroup_from_objcg(old);
3429 memcg_account_kmem(memcg, -nr_pages);
3430 __refill_stock(memcg, nr_pages);
3432 css_put(&memcg->css);
3436 * The leftover is flushed to the centralized per-memcg value.
3437 * On the next attempt to refill obj stock it will be moved
3438 * to a per-cpu stock (probably, on an other CPU), see
3439 * refill_obj_stock().
3441 * How often it's flushed is a trade-off between the memory
3442 * limit enforcement accuracy and potential CPU contention,
3443 * so it might be changed in the future.
3445 atomic_add(nr_bytes, &old->nr_charged_bytes);
3446 stock->nr_bytes = 0;
3450 * Flush the vmstat data in current stock
3452 if (stock->nr_slab_reclaimable_b || stock->nr_slab_unreclaimable_b) {
3453 if (stock->nr_slab_reclaimable_b) {
3454 mod_objcg_mlstate(old, stock->cached_pgdat,
3455 NR_SLAB_RECLAIMABLE_B,
3456 stock->nr_slab_reclaimable_b);
3457 stock->nr_slab_reclaimable_b = 0;
3459 if (stock->nr_slab_unreclaimable_b) {
3460 mod_objcg_mlstate(old, stock->cached_pgdat,
3461 NR_SLAB_UNRECLAIMABLE_B,
3462 stock->nr_slab_unreclaimable_b);
3463 stock->nr_slab_unreclaimable_b = 0;
3465 stock->cached_pgdat = NULL;
3468 WRITE_ONCE(stock->cached_objcg, NULL);
3470 * The `old' objects needs to be released by the caller via
3471 * obj_cgroup_put() outside of memcg_stock_pcp::stock_lock.
3476 static bool obj_stock_flush_required(struct memcg_stock_pcp *stock,
3477 struct mem_cgroup *root_memcg)
3479 struct obj_cgroup *objcg = READ_ONCE(stock->cached_objcg);
3480 struct mem_cgroup *memcg;
3483 memcg = obj_cgroup_memcg(objcg);
3484 if (memcg && mem_cgroup_is_descendant(memcg, root_memcg))
3491 static void refill_obj_stock(struct obj_cgroup *objcg, unsigned int nr_bytes,
3492 bool allow_uncharge)
3494 struct memcg_stock_pcp *stock;
3495 struct obj_cgroup *old = NULL;
3496 unsigned long flags;
3497 unsigned int nr_pages = 0;
3499 local_lock_irqsave(&memcg_stock.stock_lock, flags);
3501 stock = this_cpu_ptr(&memcg_stock);
3502 if (READ_ONCE(stock->cached_objcg) != objcg) { /* reset if necessary */
3503 old = drain_obj_stock(stock);
3504 obj_cgroup_get(objcg);
3505 WRITE_ONCE(stock->cached_objcg, objcg);
3506 stock->nr_bytes = atomic_read(&objcg->nr_charged_bytes)
3507 ? atomic_xchg(&objcg->nr_charged_bytes, 0) : 0;
3508 allow_uncharge = true; /* Allow uncharge when objcg changes */
3510 stock->nr_bytes += nr_bytes;
3512 if (allow_uncharge && (stock->nr_bytes > PAGE_SIZE)) {
3513 nr_pages = stock->nr_bytes >> PAGE_SHIFT;
3514 stock->nr_bytes &= (PAGE_SIZE - 1);
3517 local_unlock_irqrestore(&memcg_stock.stock_lock, flags);
3519 obj_cgroup_put(old);
3522 obj_cgroup_uncharge_pages(objcg, nr_pages);
3525 int obj_cgroup_charge(struct obj_cgroup *objcg, gfp_t gfp, size_t size)
3527 unsigned int nr_pages, nr_bytes;
3530 if (consume_obj_stock(objcg, size))
3534 * In theory, objcg->nr_charged_bytes can have enough
3535 * pre-charged bytes to satisfy the allocation. However,
3536 * flushing objcg->nr_charged_bytes requires two atomic
3537 * operations, and objcg->nr_charged_bytes can't be big.
3538 * The shared objcg->nr_charged_bytes can also become a
3539 * performance bottleneck if all tasks of the same memcg are
3540 * trying to update it. So it's better to ignore it and try
3541 * grab some new pages. The stock's nr_bytes will be flushed to
3542 * objcg->nr_charged_bytes later on when objcg changes.
3544 * The stock's nr_bytes may contain enough pre-charged bytes
3545 * to allow one less page from being charged, but we can't rely
3546 * on the pre-charged bytes not being changed outside of
3547 * consume_obj_stock() or refill_obj_stock(). So ignore those
3548 * pre-charged bytes as well when charging pages. To avoid a
3549 * page uncharge right after a page charge, we set the
3550 * allow_uncharge flag to false when calling refill_obj_stock()
3551 * to temporarily allow the pre-charged bytes to exceed the page
3552 * size limit. The maximum reachable value of the pre-charged
3553 * bytes is (sizeof(object) + PAGE_SIZE - 2) if there is no data
3556 nr_pages = size >> PAGE_SHIFT;
3557 nr_bytes = size & (PAGE_SIZE - 1);
3562 ret = obj_cgroup_charge_pages(objcg, gfp, nr_pages);
3563 if (!ret && nr_bytes)
3564 refill_obj_stock(objcg, PAGE_SIZE - nr_bytes, false);
3569 void obj_cgroup_uncharge(struct obj_cgroup *objcg, size_t size)
3571 refill_obj_stock(objcg, size, true);
3574 #endif /* CONFIG_MEMCG_KMEM */
3577 * Because page_memcg(head) is not set on tails, set it now.
3579 void split_page_memcg(struct page *head, unsigned int nr)
3581 struct folio *folio = page_folio(head);
3582 struct mem_cgroup *memcg = folio_memcg(folio);
3585 if (mem_cgroup_disabled() || !memcg)
3588 for (i = 1; i < nr; i++)
3589 folio_page(folio, i)->memcg_data = folio->memcg_data;
3591 if (folio_memcg_kmem(folio))
3592 obj_cgroup_get_many(__folio_objcg(folio), nr - 1);
3594 css_get_many(&memcg->css, nr - 1);
3599 * mem_cgroup_move_swap_account - move swap charge and swap_cgroup's record.
3600 * @entry: swap entry to be moved
3601 * @from: mem_cgroup which the entry is moved from
3602 * @to: mem_cgroup which the entry is moved to
3604 * It succeeds only when the swap_cgroup's record for this entry is the same
3605 * as the mem_cgroup's id of @from.
3607 * Returns 0 on success, -EINVAL on failure.
3609 * The caller must have charged to @to, IOW, called page_counter_charge() about
3610 * both res and memsw, and called css_get().
3612 static int mem_cgroup_move_swap_account(swp_entry_t entry,
3613 struct mem_cgroup *from, struct mem_cgroup *to)
3615 unsigned short old_id, new_id;
3617 old_id = mem_cgroup_id(from);
3618 new_id = mem_cgroup_id(to);
3620 if (swap_cgroup_cmpxchg(entry, old_id, new_id) == old_id) {
3621 mod_memcg_state(from, MEMCG_SWAP, -1);
3622 mod_memcg_state(to, MEMCG_SWAP, 1);
3628 static inline int mem_cgroup_move_swap_account(swp_entry_t entry,
3629 struct mem_cgroup *from, struct mem_cgroup *to)
3635 static DEFINE_MUTEX(memcg_max_mutex);
3637 static int mem_cgroup_resize_max(struct mem_cgroup *memcg,
3638 unsigned long max, bool memsw)
3640 bool enlarge = false;
3641 bool drained = false;
3643 bool limits_invariant;
3644 struct page_counter *counter = memsw ? &memcg->memsw : &memcg->memory;
3647 if (signal_pending(current)) {
3652 mutex_lock(&memcg_max_mutex);
3654 * Make sure that the new limit (memsw or memory limit) doesn't
3655 * break our basic invariant rule memory.max <= memsw.max.
3657 limits_invariant = memsw ? max >= READ_ONCE(memcg->memory.max) :
3658 max <= memcg->memsw.max;
3659 if (!limits_invariant) {
3660 mutex_unlock(&memcg_max_mutex);
3664 if (max > counter->max)
3666 ret = page_counter_set_max(counter, max);
3667 mutex_unlock(&memcg_max_mutex);
3673 drain_all_stock(memcg);
3678 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL,
3679 memsw ? 0 : MEMCG_RECLAIM_MAY_SWAP)) {
3685 if (!ret && enlarge)
3686 memcg_oom_recover(memcg);
3691 unsigned long mem_cgroup_soft_limit_reclaim(pg_data_t *pgdat, int order,
3693 unsigned long *total_scanned)
3695 unsigned long nr_reclaimed = 0;
3696 struct mem_cgroup_per_node *mz, *next_mz = NULL;
3697 unsigned long reclaimed;
3699 struct mem_cgroup_tree_per_node *mctz;
3700 unsigned long excess;
3702 if (lru_gen_enabled())
3708 mctz = soft_limit_tree.rb_tree_per_node[pgdat->node_id];
3711 * Do not even bother to check the largest node if the root
3712 * is empty. Do it lockless to prevent lock bouncing. Races
3713 * are acceptable as soft limit is best effort anyway.
3715 if (!mctz || RB_EMPTY_ROOT(&mctz->rb_root))
3719 * This loop can run a while, specially if mem_cgroup's continuously
3720 * keep exceeding their soft limit and putting the system under
3727 mz = mem_cgroup_largest_soft_limit_node(mctz);
3731 reclaimed = mem_cgroup_soft_reclaim(mz->memcg, pgdat,
3732 gfp_mask, total_scanned);
3733 nr_reclaimed += reclaimed;
3734 spin_lock_irq(&mctz->lock);
3737 * If we failed to reclaim anything from this memory cgroup
3738 * it is time to move on to the next cgroup
3742 next_mz = __mem_cgroup_largest_soft_limit_node(mctz);
3744 excess = soft_limit_excess(mz->memcg);
3746 * One school of thought says that we should not add
3747 * back the node to the tree if reclaim returns 0.
3748 * But our reclaim could return 0, simply because due
3749 * to priority we are exposing a smaller subset of
3750 * memory to reclaim from. Consider this as a longer
3753 /* If excess == 0, no tree ops */
3754 __mem_cgroup_insert_exceeded(mz, mctz, excess);
3755 spin_unlock_irq(&mctz->lock);
3756 css_put(&mz->memcg->css);
3759 * Could not reclaim anything and there are no more
3760 * mem cgroups to try or we seem to be looping without
3761 * reclaiming anything.
3763 if (!nr_reclaimed &&
3765 loop > MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS))
3767 } while (!nr_reclaimed);
3769 css_put(&next_mz->memcg->css);
3770 return nr_reclaimed;
3774 * Reclaims as many pages from the given memcg as possible.
3776 * Caller is responsible for holding css reference for memcg.
3778 static int mem_cgroup_force_empty(struct mem_cgroup *memcg)
3780 int nr_retries = MAX_RECLAIM_RETRIES;
3782 /* we call try-to-free pages for make this cgroup empty */
3783 lru_add_drain_all();
3785 drain_all_stock(memcg);
3787 /* try to free all pages in this cgroup */
3788 while (nr_retries && page_counter_read(&memcg->memory)) {
3789 if (signal_pending(current))
3792 if (!try_to_free_mem_cgroup_pages(memcg, 1, GFP_KERNEL,
3793 MEMCG_RECLAIM_MAY_SWAP))
3800 static ssize_t mem_cgroup_force_empty_write(struct kernfs_open_file *of,
3801 char *buf, size_t nbytes,
3804 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
3806 if (mem_cgroup_is_root(memcg))
3808 return mem_cgroup_force_empty(memcg) ?: nbytes;
3811 static u64 mem_cgroup_hierarchy_read(struct cgroup_subsys_state *css,
3817 static int mem_cgroup_hierarchy_write(struct cgroup_subsys_state *css,
3818 struct cftype *cft, u64 val)
3823 pr_warn_once("Non-hierarchical mode is deprecated. "
3824 "Please report your usecase to linux-mm@kvack.org if you "
3825 "depend on this functionality.\n");
3830 static unsigned long mem_cgroup_usage(struct mem_cgroup *memcg, bool swap)
3834 if (mem_cgroup_is_root(memcg)) {
3836 * Approximate root's usage from global state. This isn't
3837 * perfect, but the root usage was always an approximation.
3839 val = global_node_page_state(NR_FILE_PAGES) +
3840 global_node_page_state(NR_ANON_MAPPED);
3842 val += total_swap_pages - get_nr_swap_pages();
3845 val = page_counter_read(&memcg->memory);
3847 val = page_counter_read(&memcg->memsw);
3860 static u64 mem_cgroup_read_u64(struct cgroup_subsys_state *css,
3863 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
3864 struct page_counter *counter;
3866 switch (MEMFILE_TYPE(cft->private)) {
3868 counter = &memcg->memory;
3871 counter = &memcg->memsw;
3874 counter = &memcg->kmem;
3877 counter = &memcg->tcpmem;
3883 switch (MEMFILE_ATTR(cft->private)) {
3885 if (counter == &memcg->memory)
3886 return (u64)mem_cgroup_usage(memcg, false) * PAGE_SIZE;
3887 if (counter == &memcg->memsw)
3888 return (u64)mem_cgroup_usage(memcg, true) * PAGE_SIZE;
3889 return (u64)page_counter_read(counter) * PAGE_SIZE;
3891 return (u64)counter->max * PAGE_SIZE;
3893 return (u64)counter->watermark * PAGE_SIZE;
3895 return counter->failcnt;
3896 case RES_SOFT_LIMIT:
3897 return (u64)READ_ONCE(memcg->soft_limit) * PAGE_SIZE;
3904 * This function doesn't do anything useful. Its only job is to provide a read
3905 * handler for a file so that cgroup_file_mode() will add read permissions.
3907 static int mem_cgroup_dummy_seq_show(__always_unused struct seq_file *m,
3908 __always_unused void *v)
3913 #ifdef CONFIG_MEMCG_KMEM
3914 static int memcg_online_kmem(struct mem_cgroup *memcg)
3916 struct obj_cgroup *objcg;
3918 if (mem_cgroup_kmem_disabled())
3921 if (unlikely(mem_cgroup_is_root(memcg)))
3924 objcg = obj_cgroup_alloc();
3928 objcg->memcg = memcg;
3929 rcu_assign_pointer(memcg->objcg, objcg);
3930 obj_cgroup_get(objcg);
3931 memcg->orig_objcg = objcg;
3933 static_branch_enable(&memcg_kmem_online_key);
3935 memcg->kmemcg_id = memcg->id.id;
3940 static void memcg_offline_kmem(struct mem_cgroup *memcg)
3942 struct mem_cgroup *parent;
3944 if (mem_cgroup_kmem_disabled())
3947 if (unlikely(mem_cgroup_is_root(memcg)))
3950 parent = parent_mem_cgroup(memcg);
3952 parent = root_mem_cgroup;
3954 memcg_reparent_objcgs(memcg, parent);
3957 * After we have finished memcg_reparent_objcgs(), all list_lrus
3958 * corresponding to this cgroup are guaranteed to remain empty.
3959 * The ordering is imposed by list_lru_node->lock taken by
3960 * memcg_reparent_list_lrus().
3962 memcg_reparent_list_lrus(memcg, parent);
3965 static int memcg_online_kmem(struct mem_cgroup *memcg)
3969 static void memcg_offline_kmem(struct mem_cgroup *memcg)
3972 #endif /* CONFIG_MEMCG_KMEM */
3974 static int memcg_update_tcp_max(struct mem_cgroup *memcg, unsigned long max)
3978 mutex_lock(&memcg_max_mutex);
3980 ret = page_counter_set_max(&memcg->tcpmem, max);
3984 if (!memcg->tcpmem_active) {
3986 * The active flag needs to be written after the static_key
3987 * update. This is what guarantees that the socket activation
3988 * function is the last one to run. See mem_cgroup_sk_alloc()
3989 * for details, and note that we don't mark any socket as
3990 * belonging to this memcg until that flag is up.
3992 * We need to do this, because static_keys will span multiple
3993 * sites, but we can't control their order. If we mark a socket
3994 * as accounted, but the accounting functions are not patched in
3995 * yet, we'll lose accounting.
3997 * We never race with the readers in mem_cgroup_sk_alloc(),
3998 * because when this value change, the code to process it is not
4001 static_branch_inc(&memcg_sockets_enabled_key);
4002 memcg->tcpmem_active = true;
4005 mutex_unlock(&memcg_max_mutex);
4010 * The user of this function is...
4013 static ssize_t mem_cgroup_write(struct kernfs_open_file *of,
4014 char *buf, size_t nbytes, loff_t off)
4016 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
4017 unsigned long nr_pages;
4020 buf = strstrip(buf);
4021 ret = page_counter_memparse(buf, "-1", &nr_pages);
4025 switch (MEMFILE_ATTR(of_cft(of)->private)) {
4027 if (mem_cgroup_is_root(memcg)) { /* Can't set limit on root */
4031 switch (MEMFILE_TYPE(of_cft(of)->private)) {
4033 ret = mem_cgroup_resize_max(memcg, nr_pages, false);
4036 ret = mem_cgroup_resize_max(memcg, nr_pages, true);
4039 pr_warn_once("kmem.limit_in_bytes is deprecated and will be removed. "
4040 "Writing any value to this file has no effect. "
4041 "Please report your usecase to linux-mm@kvack.org if you "
4042 "depend on this functionality.\n");
4046 ret = memcg_update_tcp_max(memcg, nr_pages);
4050 case RES_SOFT_LIMIT:
4051 if (IS_ENABLED(CONFIG_PREEMPT_RT)) {
4054 WRITE_ONCE(memcg->soft_limit, nr_pages);
4059 return ret ?: nbytes;
4062 static ssize_t mem_cgroup_reset(struct kernfs_open_file *of, char *buf,
4063 size_t nbytes, loff_t off)
4065 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
4066 struct page_counter *counter;
4068 switch (MEMFILE_TYPE(of_cft(of)->private)) {
4070 counter = &memcg->memory;
4073 counter = &memcg->memsw;
4076 counter = &memcg->kmem;
4079 counter = &memcg->tcpmem;
4085 switch (MEMFILE_ATTR(of_cft(of)->private)) {
4087 page_counter_reset_watermark(counter);
4090 counter->failcnt = 0;
4099 static u64 mem_cgroup_move_charge_read(struct cgroup_subsys_state *css,
4102 return mem_cgroup_from_css(css)->move_charge_at_immigrate;
4106 static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css,
4107 struct cftype *cft, u64 val)
4109 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
4111 pr_warn_once("Cgroup memory moving (move_charge_at_immigrate) is deprecated. "
4112 "Please report your usecase to linux-mm@kvack.org if you "
4113 "depend on this functionality.\n");
4115 if (val & ~MOVE_MASK)
4119 * No kind of locking is needed in here, because ->can_attach() will
4120 * check this value once in the beginning of the process, and then carry
4121 * on with stale data. This means that changes to this value will only
4122 * affect task migrations starting after the change.
4124 memcg->move_charge_at_immigrate = val;
4128 static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css,
4129 struct cftype *cft, u64 val)
4137 #define LRU_ALL_FILE (BIT(LRU_INACTIVE_FILE) | BIT(LRU_ACTIVE_FILE))
4138 #define LRU_ALL_ANON (BIT(LRU_INACTIVE_ANON) | BIT(LRU_ACTIVE_ANON))
4139 #define LRU_ALL ((1 << NR_LRU_LISTS) - 1)
4141 static unsigned long mem_cgroup_node_nr_lru_pages(struct mem_cgroup *memcg,
4142 int nid, unsigned int lru_mask, bool tree)
4144 struct lruvec *lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid));
4145 unsigned long nr = 0;
4148 VM_BUG_ON((unsigned)nid >= nr_node_ids);
4151 if (!(BIT(lru) & lru_mask))
4154 nr += lruvec_page_state(lruvec, NR_LRU_BASE + lru);
4156 nr += lruvec_page_state_local(lruvec, NR_LRU_BASE + lru);
4161 static unsigned long mem_cgroup_nr_lru_pages(struct mem_cgroup *memcg,
4162 unsigned int lru_mask,
4165 unsigned long nr = 0;
4169 if (!(BIT(lru) & lru_mask))
4172 nr += memcg_page_state(memcg, NR_LRU_BASE + lru);
4174 nr += memcg_page_state_local(memcg, NR_LRU_BASE + lru);
4179 static int memcg_numa_stat_show(struct seq_file *m, void *v)
4183 unsigned int lru_mask;
4186 static const struct numa_stat stats[] = {
4187 { "total", LRU_ALL },
4188 { "file", LRU_ALL_FILE },
4189 { "anon", LRU_ALL_ANON },
4190 { "unevictable", BIT(LRU_UNEVICTABLE) },
4192 const struct numa_stat *stat;
4194 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
4196 mem_cgroup_flush_stats();
4198 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) {
4199 seq_printf(m, "%s=%lu", stat->name,
4200 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask,
4202 for_each_node_state(nid, N_MEMORY)
4203 seq_printf(m, " N%d=%lu", nid,
4204 mem_cgroup_node_nr_lru_pages(memcg, nid,
4205 stat->lru_mask, false));
4209 for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) {
4211 seq_printf(m, "hierarchical_%s=%lu", stat->name,
4212 mem_cgroup_nr_lru_pages(memcg, stat->lru_mask,
4214 for_each_node_state(nid, N_MEMORY)
4215 seq_printf(m, " N%d=%lu", nid,
4216 mem_cgroup_node_nr_lru_pages(memcg, nid,
4217 stat->lru_mask, true));
4223 #endif /* CONFIG_NUMA */
4225 static const unsigned int memcg1_stats[] = {
4228 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
4235 WORKINGSET_REFAULT_ANON,
4236 WORKINGSET_REFAULT_FILE,
4243 static const char *const memcg1_stat_names[] = {
4246 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
4253 "workingset_refault_anon",
4254 "workingset_refault_file",
4261 /* Universal VM events cgroup1 shows, original sort order */
4262 static const unsigned int memcg1_events[] = {
4269 static void memcg1_stat_format(struct mem_cgroup *memcg, struct seq_buf *s)
4271 unsigned long memory, memsw;
4272 struct mem_cgroup *mi;
4275 BUILD_BUG_ON(ARRAY_SIZE(memcg1_stat_names) != ARRAY_SIZE(memcg1_stats));
4277 mem_cgroup_flush_stats();
4279 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) {
4282 nr = memcg_page_state_local_output(memcg, memcg1_stats[i]);
4283 seq_buf_printf(s, "%s %lu\n", memcg1_stat_names[i], nr);
4286 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++)
4287 seq_buf_printf(s, "%s %lu\n", vm_event_name(memcg1_events[i]),
4288 memcg_events_local(memcg, memcg1_events[i]));
4290 for (i = 0; i < NR_LRU_LISTS; i++)
4291 seq_buf_printf(s, "%s %lu\n", lru_list_name(i),
4292 memcg_page_state_local(memcg, NR_LRU_BASE + i) *
4295 /* Hierarchical information */
4296 memory = memsw = PAGE_COUNTER_MAX;
4297 for (mi = memcg; mi; mi = parent_mem_cgroup(mi)) {
4298 memory = min(memory, READ_ONCE(mi->memory.max));
4299 memsw = min(memsw, READ_ONCE(mi->memsw.max));
4301 seq_buf_printf(s, "hierarchical_memory_limit %llu\n",
4302 (u64)memory * PAGE_SIZE);
4303 seq_buf_printf(s, "hierarchical_memsw_limit %llu\n",
4304 (u64)memsw * PAGE_SIZE);
4306 for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) {
4309 nr = memcg_page_state_output(memcg, memcg1_stats[i]);
4310 seq_buf_printf(s, "total_%s %llu\n", memcg1_stat_names[i],
4314 for (i = 0; i < ARRAY_SIZE(memcg1_events); i++)
4315 seq_buf_printf(s, "total_%s %llu\n",
4316 vm_event_name(memcg1_events[i]),
4317 (u64)memcg_events(memcg, memcg1_events[i]));
4319 for (i = 0; i < NR_LRU_LISTS; i++)
4320 seq_buf_printf(s, "total_%s %llu\n", lru_list_name(i),
4321 (u64)memcg_page_state(memcg, NR_LRU_BASE + i) *
4324 #ifdef CONFIG_DEBUG_VM
4327 struct mem_cgroup_per_node *mz;
4328 unsigned long anon_cost = 0;
4329 unsigned long file_cost = 0;
4331 for_each_online_pgdat(pgdat) {
4332 mz = memcg->nodeinfo[pgdat->node_id];
4334 anon_cost += mz->lruvec.anon_cost;
4335 file_cost += mz->lruvec.file_cost;
4337 seq_buf_printf(s, "anon_cost %lu\n", anon_cost);
4338 seq_buf_printf(s, "file_cost %lu\n", file_cost);
4343 static u64 mem_cgroup_swappiness_read(struct cgroup_subsys_state *css,
4346 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
4348 return mem_cgroup_swappiness(memcg);
4351 static int mem_cgroup_swappiness_write(struct cgroup_subsys_state *css,
4352 struct cftype *cft, u64 val)
4354 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
4359 if (!mem_cgroup_is_root(memcg))
4360 WRITE_ONCE(memcg->swappiness, val);
4362 WRITE_ONCE(vm_swappiness, val);
4367 static void __mem_cgroup_threshold(struct mem_cgroup *memcg, bool swap)
4369 struct mem_cgroup_threshold_ary *t;
4370 unsigned long usage;
4375 t = rcu_dereference(memcg->thresholds.primary);
4377 t = rcu_dereference(memcg->memsw_thresholds.primary);
4382 usage = mem_cgroup_usage(memcg, swap);
4385 * current_threshold points to threshold just below or equal to usage.
4386 * If it's not true, a threshold was crossed after last
4387 * call of __mem_cgroup_threshold().
4389 i = t->current_threshold;
4392 * Iterate backward over array of thresholds starting from
4393 * current_threshold and check if a threshold is crossed.
4394 * If none of thresholds below usage is crossed, we read
4395 * only one element of the array here.
4397 for (; i >= 0 && unlikely(t->entries[i].threshold > usage); i--)
4398 eventfd_signal(t->entries[i].eventfd, 1);
4400 /* i = current_threshold + 1 */
4404 * Iterate forward over array of thresholds starting from
4405 * current_threshold+1 and check if a threshold is crossed.
4406 * If none of thresholds above usage is crossed, we read
4407 * only one element of the array here.
4409 for (; i < t->size && unlikely(t->entries[i].threshold <= usage); i++)
4410 eventfd_signal(t->entries[i].eventfd, 1);
4412 /* Update current_threshold */
4413 t->current_threshold = i - 1;
4418 static void mem_cgroup_threshold(struct mem_cgroup *memcg)
4421 __mem_cgroup_threshold(memcg, false);
4422 if (do_memsw_account())
4423 __mem_cgroup_threshold(memcg, true);
4425 memcg = parent_mem_cgroup(memcg);
4429 static int compare_thresholds(const void *a, const void *b)
4431 const struct mem_cgroup_threshold *_a = a;
4432 const struct mem_cgroup_threshold *_b = b;
4434 if (_a->threshold > _b->threshold)
4437 if (_a->threshold < _b->threshold)
4443 static int mem_cgroup_oom_notify_cb(struct mem_cgroup *memcg)
4445 struct mem_cgroup_eventfd_list *ev;
4447 spin_lock(&memcg_oom_lock);
4449 list_for_each_entry(ev, &memcg->oom_notify, list)
4450 eventfd_signal(ev->eventfd, 1);
4452 spin_unlock(&memcg_oom_lock);
4456 static void mem_cgroup_oom_notify(struct mem_cgroup *memcg)
4458 struct mem_cgroup *iter;
4460 for_each_mem_cgroup_tree(iter, memcg)
4461 mem_cgroup_oom_notify_cb(iter);
4464 static int __mem_cgroup_usage_register_event(struct mem_cgroup *memcg,
4465 struct eventfd_ctx *eventfd, const char *args, enum res_type type)
4467 struct mem_cgroup_thresholds *thresholds;
4468 struct mem_cgroup_threshold_ary *new;
4469 unsigned long threshold;
4470 unsigned long usage;
4473 ret = page_counter_memparse(args, "-1", &threshold);
4477 mutex_lock(&memcg->thresholds_lock);
4480 thresholds = &memcg->thresholds;
4481 usage = mem_cgroup_usage(memcg, false);
4482 } else if (type == _MEMSWAP) {
4483 thresholds = &memcg->memsw_thresholds;
4484 usage = mem_cgroup_usage(memcg, true);
4488 /* Check if a threshold crossed before adding a new one */
4489 if (thresholds->primary)
4490 __mem_cgroup_threshold(memcg, type == _MEMSWAP);
4492 size = thresholds->primary ? thresholds->primary->size + 1 : 1;
4494 /* Allocate memory for new array of thresholds */
4495 new = kmalloc(struct_size(new, entries, size), GFP_KERNEL);
4502 /* Copy thresholds (if any) to new array */
4503 if (thresholds->primary)
4504 memcpy(new->entries, thresholds->primary->entries,
4505 flex_array_size(new, entries, size - 1));
4507 /* Add new threshold */
4508 new->entries[size - 1].eventfd = eventfd;
4509 new->entries[size - 1].threshold = threshold;
4511 /* Sort thresholds. Registering of new threshold isn't time-critical */
4512 sort(new->entries, size, sizeof(*new->entries),
4513 compare_thresholds, NULL);
4515 /* Find current threshold */
4516 new->current_threshold = -1;
4517 for (i = 0; i < size; i++) {
4518 if (new->entries[i].threshold <= usage) {
4520 * new->current_threshold will not be used until
4521 * rcu_assign_pointer(), so it's safe to increment
4524 ++new->current_threshold;
4529 /* Free old spare buffer and save old primary buffer as spare */
4530 kfree(thresholds->spare);
4531 thresholds->spare = thresholds->primary;
4533 rcu_assign_pointer(thresholds->primary, new);
4535 /* To be sure that nobody uses thresholds */
4539 mutex_unlock(&memcg->thresholds_lock);
4544 static int mem_cgroup_usage_register_event(struct mem_cgroup *memcg,
4545 struct eventfd_ctx *eventfd, const char *args)
4547 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEM);
4550 static int memsw_cgroup_usage_register_event(struct mem_cgroup *memcg,
4551 struct eventfd_ctx *eventfd, const char *args)
4553 return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEMSWAP);
4556 static void __mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
4557 struct eventfd_ctx *eventfd, enum res_type type)
4559 struct mem_cgroup_thresholds *thresholds;
4560 struct mem_cgroup_threshold_ary *new;
4561 unsigned long usage;
4562 int i, j, size, entries;
4564 mutex_lock(&memcg->thresholds_lock);
4567 thresholds = &memcg->thresholds;
4568 usage = mem_cgroup_usage(memcg, false);
4569 } else if (type == _MEMSWAP) {
4570 thresholds = &memcg->memsw_thresholds;
4571 usage = mem_cgroup_usage(memcg, true);
4575 if (!thresholds->primary)
4578 /* Check if a threshold crossed before removing */
4579 __mem_cgroup_threshold(memcg, type == _MEMSWAP);
4581 /* Calculate new number of threshold */
4583 for (i = 0; i < thresholds->primary->size; i++) {
4584 if (thresholds->primary->entries[i].eventfd != eventfd)
4590 new = thresholds->spare;
4592 /* If no items related to eventfd have been cleared, nothing to do */
4596 /* Set thresholds array to NULL if we don't have thresholds */
4605 /* Copy thresholds and find current threshold */
4606 new->current_threshold = -1;
4607 for (i = 0, j = 0; i < thresholds->primary->size; i++) {
4608 if (thresholds->primary->entries[i].eventfd == eventfd)
4611 new->entries[j] = thresholds->primary->entries[i];
4612 if (new->entries[j].threshold <= usage) {
4614 * new->current_threshold will not be used
4615 * until rcu_assign_pointer(), so it's safe to increment
4618 ++new->current_threshold;
4624 /* Swap primary and spare array */
4625 thresholds->spare = thresholds->primary;
4627 rcu_assign_pointer(thresholds->primary, new);
4629 /* To be sure that nobody uses thresholds */
4632 /* If all events are unregistered, free the spare array */
4634 kfree(thresholds->spare);
4635 thresholds->spare = NULL;
4638 mutex_unlock(&memcg->thresholds_lock);
4641 static void mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
4642 struct eventfd_ctx *eventfd)
4644 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEM);
4647 static void memsw_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
4648 struct eventfd_ctx *eventfd)
4650 return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEMSWAP);
4653 static int mem_cgroup_oom_register_event(struct mem_cgroup *memcg,
4654 struct eventfd_ctx *eventfd, const char *args)
4656 struct mem_cgroup_eventfd_list *event;
4658 event = kmalloc(sizeof(*event), GFP_KERNEL);
4662 spin_lock(&memcg_oom_lock);
4664 event->eventfd = eventfd;
4665 list_add(&event->list, &memcg->oom_notify);
4667 /* already in OOM ? */
4668 if (memcg->under_oom)
4669 eventfd_signal(eventfd, 1);
4670 spin_unlock(&memcg_oom_lock);
4675 static void mem_cgroup_oom_unregister_event(struct mem_cgroup *memcg,
4676 struct eventfd_ctx *eventfd)
4678 struct mem_cgroup_eventfd_list *ev, *tmp;
4680 spin_lock(&memcg_oom_lock);
4682 list_for_each_entry_safe(ev, tmp, &memcg->oom_notify, list) {
4683 if (ev->eventfd == eventfd) {
4684 list_del(&ev->list);
4689 spin_unlock(&memcg_oom_lock);
4692 static int mem_cgroup_oom_control_read(struct seq_file *sf, void *v)
4694 struct mem_cgroup *memcg = mem_cgroup_from_seq(sf);
4696 seq_printf(sf, "oom_kill_disable %d\n", READ_ONCE(memcg->oom_kill_disable));
4697 seq_printf(sf, "under_oom %d\n", (bool)memcg->under_oom);
4698 seq_printf(sf, "oom_kill %lu\n",
4699 atomic_long_read(&memcg->memory_events[MEMCG_OOM_KILL]));
4703 static int mem_cgroup_oom_control_write(struct cgroup_subsys_state *css,
4704 struct cftype *cft, u64 val)
4706 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
4708 /* cannot set to root cgroup and only 0 and 1 are allowed */
4709 if (mem_cgroup_is_root(memcg) || !((val == 0) || (val == 1)))
4712 WRITE_ONCE(memcg->oom_kill_disable, val);
4714 memcg_oom_recover(memcg);
4719 #ifdef CONFIG_CGROUP_WRITEBACK
4721 #include <trace/events/writeback.h>
4723 static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp)
4725 return wb_domain_init(&memcg->cgwb_domain, gfp);
4728 static void memcg_wb_domain_exit(struct mem_cgroup *memcg)
4730 wb_domain_exit(&memcg->cgwb_domain);
4733 static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg)
4735 wb_domain_size_changed(&memcg->cgwb_domain);
4738 struct wb_domain *mem_cgroup_wb_domain(struct bdi_writeback *wb)
4740 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css);
4742 if (!memcg->css.parent)
4745 return &memcg->cgwb_domain;
4749 * mem_cgroup_wb_stats - retrieve writeback related stats from its memcg
4750 * @wb: bdi_writeback in question
4751 * @pfilepages: out parameter for number of file pages
4752 * @pheadroom: out parameter for number of allocatable pages according to memcg
4753 * @pdirty: out parameter for number of dirty pages
4754 * @pwriteback: out parameter for number of pages under writeback
4756 * Determine the numbers of file, headroom, dirty, and writeback pages in
4757 * @wb's memcg. File, dirty and writeback are self-explanatory. Headroom
4758 * is a bit more involved.
4760 * A memcg's headroom is "min(max, high) - used". In the hierarchy, the
4761 * headroom is calculated as the lowest headroom of itself and the
4762 * ancestors. Note that this doesn't consider the actual amount of
4763 * available memory in the system. The caller should further cap
4764 * *@pheadroom accordingly.
4766 void mem_cgroup_wb_stats(struct bdi_writeback *wb, unsigned long *pfilepages,
4767 unsigned long *pheadroom, unsigned long *pdirty,
4768 unsigned long *pwriteback)
4770 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css);
4771 struct mem_cgroup *parent;
4773 mem_cgroup_flush_stats();
4775 *pdirty = memcg_page_state(memcg, NR_FILE_DIRTY);
4776 *pwriteback = memcg_page_state(memcg, NR_WRITEBACK);
4777 *pfilepages = memcg_page_state(memcg, NR_INACTIVE_FILE) +
4778 memcg_page_state(memcg, NR_ACTIVE_FILE);
4780 *pheadroom = PAGE_COUNTER_MAX;
4781 while ((parent = parent_mem_cgroup(memcg))) {
4782 unsigned long ceiling = min(READ_ONCE(memcg->memory.max),
4783 READ_ONCE(memcg->memory.high));
4784 unsigned long used = page_counter_read(&memcg->memory);
4786 *pheadroom = min(*pheadroom, ceiling - min(ceiling, used));
4792 * Foreign dirty flushing
4794 * There's an inherent mismatch between memcg and writeback. The former
4795 * tracks ownership per-page while the latter per-inode. This was a
4796 * deliberate design decision because honoring per-page ownership in the
4797 * writeback path is complicated, may lead to higher CPU and IO overheads
4798 * and deemed unnecessary given that write-sharing an inode across
4799 * different cgroups isn't a common use-case.
4801 * Combined with inode majority-writer ownership switching, this works well
4802 * enough in most cases but there are some pathological cases. For
4803 * example, let's say there are two cgroups A and B which keep writing to
4804 * different but confined parts of the same inode. B owns the inode and
4805 * A's memory is limited far below B's. A's dirty ratio can rise enough to
4806 * trigger balance_dirty_pages() sleeps but B's can be low enough to avoid
4807 * triggering background writeback. A will be slowed down without a way to
4808 * make writeback of the dirty pages happen.
4810 * Conditions like the above can lead to a cgroup getting repeatedly and
4811 * severely throttled after making some progress after each
4812 * dirty_expire_interval while the underlying IO device is almost
4815 * Solving this problem completely requires matching the ownership tracking
4816 * granularities between memcg and writeback in either direction. However,
4817 * the more egregious behaviors can be avoided by simply remembering the
4818 * most recent foreign dirtying events and initiating remote flushes on
4819 * them when local writeback isn't enough to keep the memory clean enough.
4821 * The following two functions implement such mechanism. When a foreign
4822 * page - a page whose memcg and writeback ownerships don't match - is
4823 * dirtied, mem_cgroup_track_foreign_dirty() records the inode owning
4824 * bdi_writeback on the page owning memcg. When balance_dirty_pages()
4825 * decides that the memcg needs to sleep due to high dirty ratio, it calls
4826 * mem_cgroup_flush_foreign() which queues writeback on the recorded
4827 * foreign bdi_writebacks which haven't expired. Both the numbers of
4828 * recorded bdi_writebacks and concurrent in-flight foreign writebacks are
4829 * limited to MEMCG_CGWB_FRN_CNT.
4831 * The mechanism only remembers IDs and doesn't hold any object references.
4832 * As being wrong occasionally doesn't matter, updates and accesses to the
4833 * records are lockless and racy.
4835 void mem_cgroup_track_foreign_dirty_slowpath(struct folio *folio,
4836 struct bdi_writeback *wb)
4838 struct mem_cgroup *memcg = folio_memcg(folio);
4839 struct memcg_cgwb_frn *frn;
4840 u64 now = get_jiffies_64();
4841 u64 oldest_at = now;
4845 trace_track_foreign_dirty(folio, wb);
4848 * Pick the slot to use. If there is already a slot for @wb, keep
4849 * using it. If not replace the oldest one which isn't being
4852 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) {
4853 frn = &memcg->cgwb_frn[i];
4854 if (frn->bdi_id == wb->bdi->id &&
4855 frn->memcg_id == wb->memcg_css->id)
4857 if (time_before64(frn->at, oldest_at) &&
4858 atomic_read(&frn->done.cnt) == 1) {
4860 oldest_at = frn->at;
4864 if (i < MEMCG_CGWB_FRN_CNT) {
4866 * Re-using an existing one. Update timestamp lazily to
4867 * avoid making the cacheline hot. We want them to be
4868 * reasonably up-to-date and significantly shorter than
4869 * dirty_expire_interval as that's what expires the record.
4870 * Use the shorter of 1s and dirty_expire_interval / 8.
4872 unsigned long update_intv =
4873 min_t(unsigned long, HZ,
4874 msecs_to_jiffies(dirty_expire_interval * 10) / 8);
4876 if (time_before64(frn->at, now - update_intv))
4878 } else if (oldest >= 0) {
4879 /* replace the oldest free one */
4880 frn = &memcg->cgwb_frn[oldest];
4881 frn->bdi_id = wb->bdi->id;
4882 frn->memcg_id = wb->memcg_css->id;
4887 /* issue foreign writeback flushes for recorded foreign dirtying events */
4888 void mem_cgroup_flush_foreign(struct bdi_writeback *wb)
4890 struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css);
4891 unsigned long intv = msecs_to_jiffies(dirty_expire_interval * 10);
4892 u64 now = jiffies_64;
4895 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++) {
4896 struct memcg_cgwb_frn *frn = &memcg->cgwb_frn[i];
4899 * If the record is older than dirty_expire_interval,
4900 * writeback on it has already started. No need to kick it
4901 * off again. Also, don't start a new one if there's
4902 * already one in flight.
4904 if (time_after64(frn->at, now - intv) &&
4905 atomic_read(&frn->done.cnt) == 1) {
4907 trace_flush_foreign(wb, frn->bdi_id, frn->memcg_id);
4908 cgroup_writeback_by_id(frn->bdi_id, frn->memcg_id,
4909 WB_REASON_FOREIGN_FLUSH,
4915 #else /* CONFIG_CGROUP_WRITEBACK */
4917 static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp)
4922 static void memcg_wb_domain_exit(struct mem_cgroup *memcg)
4926 static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg)
4930 #endif /* CONFIG_CGROUP_WRITEBACK */
4933 * DO NOT USE IN NEW FILES.
4935 * "cgroup.event_control" implementation.
4937 * This is way over-engineered. It tries to support fully configurable
4938 * events for each user. Such level of flexibility is completely
4939 * unnecessary especially in the light of the planned unified hierarchy.
4941 * Please deprecate this and replace with something simpler if at all
4946 * Unregister event and free resources.
4948 * Gets called from workqueue.
4950 static void memcg_event_remove(struct work_struct *work)
4952 struct mem_cgroup_event *event =
4953 container_of(work, struct mem_cgroup_event, remove);
4954 struct mem_cgroup *memcg = event->memcg;
4956 remove_wait_queue(event->wqh, &event->wait);
4958 event->unregister_event(memcg, event->eventfd);
4960 /* Notify userspace the event is going away. */
4961 eventfd_signal(event->eventfd, 1);
4963 eventfd_ctx_put(event->eventfd);
4965 css_put(&memcg->css);
4969 * Gets called on EPOLLHUP on eventfd when user closes it.
4971 * Called with wqh->lock held and interrupts disabled.
4973 static int memcg_event_wake(wait_queue_entry_t *wait, unsigned mode,
4974 int sync, void *key)
4976 struct mem_cgroup_event *event =
4977 container_of(wait, struct mem_cgroup_event, wait);
4978 struct mem_cgroup *memcg = event->memcg;
4979 __poll_t flags = key_to_poll(key);
4981 if (flags & EPOLLHUP) {
4983 * If the event has been detached at cgroup removal, we
4984 * can simply return knowing the other side will cleanup
4987 * We can't race against event freeing since the other
4988 * side will require wqh->lock via remove_wait_queue(),
4991 spin_lock(&memcg->event_list_lock);
4992 if (!list_empty(&event->list)) {
4993 list_del_init(&event->list);
4995 * We are in atomic context, but cgroup_event_remove()
4996 * may sleep, so we have to call it in workqueue.
4998 schedule_work(&event->remove);
5000 spin_unlock(&memcg->event_list_lock);
5006 static void memcg_event_ptable_queue_proc(struct file *file,
5007 wait_queue_head_t *wqh, poll_table *pt)
5009 struct mem_cgroup_event *event =
5010 container_of(pt, struct mem_cgroup_event, pt);
5013 add_wait_queue(wqh, &event->wait);
5017 * DO NOT USE IN NEW FILES.
5019 * Parse input and register new cgroup event handler.
5021 * Input must be in format '<event_fd> <control_fd> <args>'.
5022 * Interpretation of args is defined by control file implementation.
5024 static ssize_t memcg_write_event_control(struct kernfs_open_file *of,
5025 char *buf, size_t nbytes, loff_t off)
5027 struct cgroup_subsys_state *css = of_css(of);
5028 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5029 struct mem_cgroup_event *event;
5030 struct cgroup_subsys_state *cfile_css;
5031 unsigned int efd, cfd;
5034 struct dentry *cdentry;
5039 if (IS_ENABLED(CONFIG_PREEMPT_RT))
5042 buf = strstrip(buf);
5044 efd = simple_strtoul(buf, &endp, 10);
5049 cfd = simple_strtoul(buf, &endp, 10);
5050 if ((*endp != ' ') && (*endp != '\0'))
5054 event = kzalloc(sizeof(*event), GFP_KERNEL);
5058 event->memcg = memcg;
5059 INIT_LIST_HEAD(&event->list);
5060 init_poll_funcptr(&event->pt, memcg_event_ptable_queue_proc);
5061 init_waitqueue_func_entry(&event->wait, memcg_event_wake);
5062 INIT_WORK(&event->remove, memcg_event_remove);
5070 event->eventfd = eventfd_ctx_fileget(efile.file);
5071 if (IS_ERR(event->eventfd)) {
5072 ret = PTR_ERR(event->eventfd);
5079 goto out_put_eventfd;
5082 /* the process need read permission on control file */
5083 /* AV: shouldn't we check that it's been opened for read instead? */
5084 ret = file_permission(cfile.file, MAY_READ);
5089 * The control file must be a regular cgroup1 file. As a regular cgroup
5090 * file can't be renamed, it's safe to access its name afterwards.
5092 cdentry = cfile.file->f_path.dentry;
5093 if (cdentry->d_sb->s_type != &cgroup_fs_type || !d_is_reg(cdentry)) {
5099 * Determine the event callbacks and set them in @event. This used
5100 * to be done via struct cftype but cgroup core no longer knows
5101 * about these events. The following is crude but the whole thing
5102 * is for compatibility anyway.
5104 * DO NOT ADD NEW FILES.
5106 name = cdentry->d_name.name;
5108 if (!strcmp(name, "memory.usage_in_bytes")) {
5109 event->register_event = mem_cgroup_usage_register_event;
5110 event->unregister_event = mem_cgroup_usage_unregister_event;
5111 } else if (!strcmp(name, "memory.oom_control")) {
5112 event->register_event = mem_cgroup_oom_register_event;
5113 event->unregister_event = mem_cgroup_oom_unregister_event;
5114 } else if (!strcmp(name, "memory.pressure_level")) {
5115 event->register_event = vmpressure_register_event;
5116 event->unregister_event = vmpressure_unregister_event;
5117 } else if (!strcmp(name, "memory.memsw.usage_in_bytes")) {
5118 event->register_event = memsw_cgroup_usage_register_event;
5119 event->unregister_event = memsw_cgroup_usage_unregister_event;
5126 * Verify @cfile should belong to @css. Also, remaining events are
5127 * automatically removed on cgroup destruction but the removal is
5128 * asynchronous, so take an extra ref on @css.
5130 cfile_css = css_tryget_online_from_dir(cdentry->d_parent,
5131 &memory_cgrp_subsys);
5133 if (IS_ERR(cfile_css))
5135 if (cfile_css != css) {
5140 ret = event->register_event(memcg, event->eventfd, buf);
5144 vfs_poll(efile.file, &event->pt);
5146 spin_lock_irq(&memcg->event_list_lock);
5147 list_add(&event->list, &memcg->event_list);
5148 spin_unlock_irq(&memcg->event_list_lock);
5160 eventfd_ctx_put(event->eventfd);
5169 #if defined(CONFIG_MEMCG_KMEM) && (defined(CONFIG_SLAB) || defined(CONFIG_SLUB_DEBUG))
5170 static int mem_cgroup_slab_show(struct seq_file *m, void *p)
5174 * Please, take a look at tools/cgroup/memcg_slabinfo.py .
5180 static int memory_stat_show(struct seq_file *m, void *v);
5182 static struct cftype mem_cgroup_legacy_files[] = {
5184 .name = "usage_in_bytes",
5185 .private = MEMFILE_PRIVATE(_MEM, RES_USAGE),
5186 .read_u64 = mem_cgroup_read_u64,
5189 .name = "max_usage_in_bytes",
5190 .private = MEMFILE_PRIVATE(_MEM, RES_MAX_USAGE),
5191 .write = mem_cgroup_reset,
5192 .read_u64 = mem_cgroup_read_u64,
5195 .name = "limit_in_bytes",
5196 .private = MEMFILE_PRIVATE(_MEM, RES_LIMIT),
5197 .write = mem_cgroup_write,
5198 .read_u64 = mem_cgroup_read_u64,
5201 .name = "soft_limit_in_bytes",
5202 .private = MEMFILE_PRIVATE(_MEM, RES_SOFT_LIMIT),
5203 .write = mem_cgroup_write,
5204 .read_u64 = mem_cgroup_read_u64,
5208 .private = MEMFILE_PRIVATE(_MEM, RES_FAILCNT),
5209 .write = mem_cgroup_reset,
5210 .read_u64 = mem_cgroup_read_u64,
5214 .seq_show = memory_stat_show,
5217 .name = "force_empty",
5218 .write = mem_cgroup_force_empty_write,
5221 .name = "use_hierarchy",
5222 .write_u64 = mem_cgroup_hierarchy_write,
5223 .read_u64 = mem_cgroup_hierarchy_read,
5226 .name = "cgroup.event_control", /* XXX: for compat */
5227 .write = memcg_write_event_control,
5228 .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE,
5231 .name = "swappiness",
5232 .read_u64 = mem_cgroup_swappiness_read,
5233 .write_u64 = mem_cgroup_swappiness_write,
5236 .name = "move_charge_at_immigrate",
5237 .read_u64 = mem_cgroup_move_charge_read,
5238 .write_u64 = mem_cgroup_move_charge_write,
5241 .name = "oom_control",
5242 .seq_show = mem_cgroup_oom_control_read,
5243 .write_u64 = mem_cgroup_oom_control_write,
5246 .name = "pressure_level",
5247 .seq_show = mem_cgroup_dummy_seq_show,
5251 .name = "numa_stat",
5252 .seq_show = memcg_numa_stat_show,
5256 .name = "kmem.limit_in_bytes",
5257 .private = MEMFILE_PRIVATE(_KMEM, RES_LIMIT),
5258 .write = mem_cgroup_write,
5259 .read_u64 = mem_cgroup_read_u64,
5262 .name = "kmem.usage_in_bytes",
5263 .private = MEMFILE_PRIVATE(_KMEM, RES_USAGE),
5264 .read_u64 = mem_cgroup_read_u64,
5267 .name = "kmem.failcnt",
5268 .private = MEMFILE_PRIVATE(_KMEM, RES_FAILCNT),
5269 .write = mem_cgroup_reset,
5270 .read_u64 = mem_cgroup_read_u64,
5273 .name = "kmem.max_usage_in_bytes",
5274 .private = MEMFILE_PRIVATE(_KMEM, RES_MAX_USAGE),
5275 .write = mem_cgroup_reset,
5276 .read_u64 = mem_cgroup_read_u64,
5278 #if defined(CONFIG_MEMCG_KMEM) && \
5279 (defined(CONFIG_SLAB) || defined(CONFIG_SLUB_DEBUG))
5281 .name = "kmem.slabinfo",
5282 .seq_show = mem_cgroup_slab_show,
5286 .name = "kmem.tcp.limit_in_bytes",
5287 .private = MEMFILE_PRIVATE(_TCP, RES_LIMIT),
5288 .write = mem_cgroup_write,
5289 .read_u64 = mem_cgroup_read_u64,
5292 .name = "kmem.tcp.usage_in_bytes",
5293 .private = MEMFILE_PRIVATE(_TCP, RES_USAGE),
5294 .read_u64 = mem_cgroup_read_u64,
5297 .name = "kmem.tcp.failcnt",
5298 .private = MEMFILE_PRIVATE(_TCP, RES_FAILCNT),
5299 .write = mem_cgroup_reset,
5300 .read_u64 = mem_cgroup_read_u64,
5303 .name = "kmem.tcp.max_usage_in_bytes",
5304 .private = MEMFILE_PRIVATE(_TCP, RES_MAX_USAGE),
5305 .write = mem_cgroup_reset,
5306 .read_u64 = mem_cgroup_read_u64,
5308 { }, /* terminate */
5312 * Private memory cgroup IDR
5314 * Swap-out records and page cache shadow entries need to store memcg
5315 * references in constrained space, so we maintain an ID space that is
5316 * limited to 16 bit (MEM_CGROUP_ID_MAX), limiting the total number of
5317 * memory-controlled cgroups to 64k.
5319 * However, there usually are many references to the offline CSS after
5320 * the cgroup has been destroyed, such as page cache or reclaimable
5321 * slab objects, that don't need to hang on to the ID. We want to keep
5322 * those dead CSS from occupying IDs, or we might quickly exhaust the
5323 * relatively small ID space and prevent the creation of new cgroups
5324 * even when there are much fewer than 64k cgroups - possibly none.
5326 * Maintain a private 16-bit ID space for memcg, and allow the ID to
5327 * be freed and recycled when it's no longer needed, which is usually
5328 * when the CSS is offlined.
5330 * The only exception to that are records of swapped out tmpfs/shmem
5331 * pages that need to be attributed to live ancestors on swapin. But
5332 * those references are manageable from userspace.
5335 #define MEM_CGROUP_ID_MAX ((1UL << MEM_CGROUP_ID_SHIFT) - 1)
5336 static DEFINE_IDR(mem_cgroup_idr);
5338 static void mem_cgroup_id_remove(struct mem_cgroup *memcg)
5340 if (memcg->id.id > 0) {
5341 idr_remove(&mem_cgroup_idr, memcg->id.id);
5346 static void __maybe_unused mem_cgroup_id_get_many(struct mem_cgroup *memcg,
5349 refcount_add(n, &memcg->id.ref);
5352 static void mem_cgroup_id_put_many(struct mem_cgroup *memcg, unsigned int n)
5354 if (refcount_sub_and_test(n, &memcg->id.ref)) {
5355 mem_cgroup_id_remove(memcg);
5357 /* Memcg ID pins CSS */
5358 css_put(&memcg->css);
5362 static inline void mem_cgroup_id_put(struct mem_cgroup *memcg)
5364 mem_cgroup_id_put_many(memcg, 1);
5368 * mem_cgroup_from_id - look up a memcg from a memcg id
5369 * @id: the memcg id to look up
5371 * Caller must hold rcu_read_lock().
5373 struct mem_cgroup *mem_cgroup_from_id(unsigned short id)
5375 WARN_ON_ONCE(!rcu_read_lock_held());
5376 return idr_find(&mem_cgroup_idr, id);
5379 #ifdef CONFIG_SHRINKER_DEBUG
5380 struct mem_cgroup *mem_cgroup_get_from_ino(unsigned long ino)
5382 struct cgroup *cgrp;
5383 struct cgroup_subsys_state *css;
5384 struct mem_cgroup *memcg;
5386 cgrp = cgroup_get_from_id(ino);
5388 return ERR_CAST(cgrp);
5390 css = cgroup_get_e_css(cgrp, &memory_cgrp_subsys);
5392 memcg = container_of(css, struct mem_cgroup, css);
5394 memcg = ERR_PTR(-ENOENT);
5402 static int alloc_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node)
5404 struct mem_cgroup_per_node *pn;
5406 pn = kzalloc_node(sizeof(*pn), GFP_KERNEL, node);
5410 pn->lruvec_stats_percpu = alloc_percpu_gfp(struct lruvec_stats_percpu,
5411 GFP_KERNEL_ACCOUNT);
5412 if (!pn->lruvec_stats_percpu) {
5417 lruvec_init(&pn->lruvec);
5420 memcg->nodeinfo[node] = pn;
5424 static void free_mem_cgroup_per_node_info(struct mem_cgroup *memcg, int node)
5426 struct mem_cgroup_per_node *pn = memcg->nodeinfo[node];
5431 free_percpu(pn->lruvec_stats_percpu);
5435 static void __mem_cgroup_free(struct mem_cgroup *memcg)
5439 if (memcg->orig_objcg)
5440 obj_cgroup_put(memcg->orig_objcg);
5443 free_mem_cgroup_per_node_info(memcg, node);
5444 kfree(memcg->vmstats);
5445 free_percpu(memcg->vmstats_percpu);
5449 static void mem_cgroup_free(struct mem_cgroup *memcg)
5451 lru_gen_exit_memcg(memcg);
5452 memcg_wb_domain_exit(memcg);
5453 __mem_cgroup_free(memcg);
5456 static struct mem_cgroup *mem_cgroup_alloc(void)
5458 struct mem_cgroup *memcg;
5460 int __maybe_unused i;
5461 long error = -ENOMEM;
5463 memcg = kzalloc(struct_size(memcg, nodeinfo, nr_node_ids), GFP_KERNEL);
5465 return ERR_PTR(error);
5467 memcg->id.id = idr_alloc(&mem_cgroup_idr, NULL,
5468 1, MEM_CGROUP_ID_MAX + 1, GFP_KERNEL);
5469 if (memcg->id.id < 0) {
5470 error = memcg->id.id;
5474 memcg->vmstats = kzalloc(sizeof(struct memcg_vmstats), GFP_KERNEL);
5475 if (!memcg->vmstats)
5478 memcg->vmstats_percpu = alloc_percpu_gfp(struct memcg_vmstats_percpu,
5479 GFP_KERNEL_ACCOUNT);
5480 if (!memcg->vmstats_percpu)
5484 if (alloc_mem_cgroup_per_node_info(memcg, node))
5487 if (memcg_wb_domain_init(memcg, GFP_KERNEL))
5490 INIT_WORK(&memcg->high_work, high_work_func);
5491 INIT_LIST_HEAD(&memcg->oom_notify);
5492 mutex_init(&memcg->thresholds_lock);
5493 spin_lock_init(&memcg->move_lock);
5494 vmpressure_init(&memcg->vmpressure);
5495 INIT_LIST_HEAD(&memcg->event_list);
5496 spin_lock_init(&memcg->event_list_lock);
5497 memcg->socket_pressure = jiffies;
5498 #ifdef CONFIG_MEMCG_KMEM
5499 memcg->kmemcg_id = -1;
5500 INIT_LIST_HEAD(&memcg->objcg_list);
5502 #ifdef CONFIG_CGROUP_WRITEBACK
5503 INIT_LIST_HEAD(&memcg->cgwb_list);
5504 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++)
5505 memcg->cgwb_frn[i].done =
5506 __WB_COMPLETION_INIT(&memcg_cgwb_frn_waitq);
5508 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
5509 spin_lock_init(&memcg->deferred_split_queue.split_queue_lock);
5510 INIT_LIST_HEAD(&memcg->deferred_split_queue.split_queue);
5511 memcg->deferred_split_queue.split_queue_len = 0;
5513 lru_gen_init_memcg(memcg);
5516 mem_cgroup_id_remove(memcg);
5517 __mem_cgroup_free(memcg);
5518 return ERR_PTR(error);
5521 static struct cgroup_subsys_state * __ref
5522 mem_cgroup_css_alloc(struct cgroup_subsys_state *parent_css)
5524 struct mem_cgroup *parent = mem_cgroup_from_css(parent_css);
5525 struct mem_cgroup *memcg, *old_memcg;
5527 old_memcg = set_active_memcg(parent);
5528 memcg = mem_cgroup_alloc();
5529 set_active_memcg(old_memcg);
5531 return ERR_CAST(memcg);
5533 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX);
5534 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX);
5535 #if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP)
5536 memcg->zswap_max = PAGE_COUNTER_MAX;
5538 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX);
5540 WRITE_ONCE(memcg->swappiness, mem_cgroup_swappiness(parent));
5541 WRITE_ONCE(memcg->oom_kill_disable, READ_ONCE(parent->oom_kill_disable));
5543 page_counter_init(&memcg->memory, &parent->memory);
5544 page_counter_init(&memcg->swap, &parent->swap);
5545 page_counter_init(&memcg->kmem, &parent->kmem);
5546 page_counter_init(&memcg->tcpmem, &parent->tcpmem);
5548 init_memcg_events();
5549 page_counter_init(&memcg->memory, NULL);
5550 page_counter_init(&memcg->swap, NULL);
5551 page_counter_init(&memcg->kmem, NULL);
5552 page_counter_init(&memcg->tcpmem, NULL);
5554 root_mem_cgroup = memcg;
5558 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket)
5559 static_branch_inc(&memcg_sockets_enabled_key);
5561 #if defined(CONFIG_MEMCG_KMEM)
5562 if (!cgroup_memory_nobpf)
5563 static_branch_inc(&memcg_bpf_enabled_key);
5569 static int mem_cgroup_css_online(struct cgroup_subsys_state *css)
5571 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5573 if (memcg_online_kmem(memcg))
5577 * A memcg must be visible for expand_shrinker_info()
5578 * by the time the maps are allocated. So, we allocate maps
5579 * here, when for_each_mem_cgroup() can't skip it.
5581 if (alloc_shrinker_info(memcg))
5584 if (unlikely(mem_cgroup_is_root(memcg)))
5585 queue_delayed_work(system_unbound_wq, &stats_flush_dwork,
5587 lru_gen_online_memcg(memcg);
5589 /* Online state pins memcg ID, memcg ID pins CSS */
5590 refcount_set(&memcg->id.ref, 1);
5594 * Ensure mem_cgroup_from_id() works once we're fully online.
5596 * We could do this earlier and require callers to filter with
5597 * css_tryget_online(). But right now there are no users that
5598 * need earlier access, and the workingset code relies on the
5599 * cgroup tree linkage (mem_cgroup_get_nr_swap_pages()). So
5600 * publish it here at the end of onlining. This matches the
5601 * regular ID destruction during offlining.
5603 idr_replace(&mem_cgroup_idr, memcg, memcg->id.id);
5607 memcg_offline_kmem(memcg);
5609 mem_cgroup_id_remove(memcg);
5613 static void mem_cgroup_css_offline(struct cgroup_subsys_state *css)
5615 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5616 struct mem_cgroup_event *event, *tmp;
5619 * Unregister events and notify userspace.
5620 * Notify userspace about cgroup removing only after rmdir of cgroup
5621 * directory to avoid race between userspace and kernelspace.
5623 spin_lock_irq(&memcg->event_list_lock);
5624 list_for_each_entry_safe(event, tmp, &memcg->event_list, list) {
5625 list_del_init(&event->list);
5626 schedule_work(&event->remove);
5628 spin_unlock_irq(&memcg->event_list_lock);
5630 page_counter_set_min(&memcg->memory, 0);
5631 page_counter_set_low(&memcg->memory, 0);
5633 zswap_memcg_offline_cleanup(memcg);
5635 memcg_offline_kmem(memcg);
5636 reparent_shrinker_deferred(memcg);
5637 wb_memcg_offline(memcg);
5638 lru_gen_offline_memcg(memcg);
5640 drain_all_stock(memcg);
5642 mem_cgroup_id_put(memcg);
5645 static void mem_cgroup_css_released(struct cgroup_subsys_state *css)
5647 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5649 invalidate_reclaim_iterators(memcg);
5650 lru_gen_release_memcg(memcg);
5653 static void mem_cgroup_css_free(struct cgroup_subsys_state *css)
5655 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5656 int __maybe_unused i;
5658 #ifdef CONFIG_CGROUP_WRITEBACK
5659 for (i = 0; i < MEMCG_CGWB_FRN_CNT; i++)
5660 wb_wait_for_completion(&memcg->cgwb_frn[i].done);
5662 if (cgroup_subsys_on_dfl(memory_cgrp_subsys) && !cgroup_memory_nosocket)
5663 static_branch_dec(&memcg_sockets_enabled_key);
5665 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && memcg->tcpmem_active)
5666 static_branch_dec(&memcg_sockets_enabled_key);
5668 #if defined(CONFIG_MEMCG_KMEM)
5669 if (!cgroup_memory_nobpf)
5670 static_branch_dec(&memcg_bpf_enabled_key);
5673 vmpressure_cleanup(&memcg->vmpressure);
5674 cancel_work_sync(&memcg->high_work);
5675 mem_cgroup_remove_from_trees(memcg);
5676 free_shrinker_info(memcg);
5677 mem_cgroup_free(memcg);
5681 * mem_cgroup_css_reset - reset the states of a mem_cgroup
5682 * @css: the target css
5684 * Reset the states of the mem_cgroup associated with @css. This is
5685 * invoked when the userland requests disabling on the default hierarchy
5686 * but the memcg is pinned through dependency. The memcg should stop
5687 * applying policies and should revert to the vanilla state as it may be
5688 * made visible again.
5690 * The current implementation only resets the essential configurations.
5691 * This needs to be expanded to cover all the visible parts.
5693 static void mem_cgroup_css_reset(struct cgroup_subsys_state *css)
5695 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5697 page_counter_set_max(&memcg->memory, PAGE_COUNTER_MAX);
5698 page_counter_set_max(&memcg->swap, PAGE_COUNTER_MAX);
5699 page_counter_set_max(&memcg->kmem, PAGE_COUNTER_MAX);
5700 page_counter_set_max(&memcg->tcpmem, PAGE_COUNTER_MAX);
5701 page_counter_set_min(&memcg->memory, 0);
5702 page_counter_set_low(&memcg->memory, 0);
5703 page_counter_set_high(&memcg->memory, PAGE_COUNTER_MAX);
5704 WRITE_ONCE(memcg->soft_limit, PAGE_COUNTER_MAX);
5705 page_counter_set_high(&memcg->swap, PAGE_COUNTER_MAX);
5706 memcg_wb_domain_size_changed(memcg);
5709 static void mem_cgroup_css_rstat_flush(struct cgroup_subsys_state *css, int cpu)
5711 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
5712 struct mem_cgroup *parent = parent_mem_cgroup(memcg);
5713 struct memcg_vmstats_percpu *statc;
5714 long delta, delta_cpu, v;
5717 statc = per_cpu_ptr(memcg->vmstats_percpu, cpu);
5719 for (i = 0; i < MEMCG_NR_STAT; i++) {
5721 * Collect the aggregated propagation counts of groups
5722 * below us. We're in a per-cpu loop here and this is
5723 * a global counter, so the first cycle will get them.
5725 delta = memcg->vmstats->state_pending[i];
5727 memcg->vmstats->state_pending[i] = 0;
5729 /* Add CPU changes on this level since the last flush */
5731 v = READ_ONCE(statc->state[i]);
5732 if (v != statc->state_prev[i]) {
5733 delta_cpu = v - statc->state_prev[i];
5735 statc->state_prev[i] = v;
5738 /* Aggregate counts on this level and propagate upwards */
5740 memcg->vmstats->state_local[i] += delta_cpu;
5743 memcg->vmstats->state[i] += delta;
5745 parent->vmstats->state_pending[i] += delta;
5749 for (i = 0; i < NR_MEMCG_EVENTS; i++) {
5750 delta = memcg->vmstats->events_pending[i];
5752 memcg->vmstats->events_pending[i] = 0;
5755 v = READ_ONCE(statc->events[i]);
5756 if (v != statc->events_prev[i]) {
5757 delta_cpu = v - statc->events_prev[i];
5759 statc->events_prev[i] = v;
5763 memcg->vmstats->events_local[i] += delta_cpu;
5766 memcg->vmstats->events[i] += delta;
5768 parent->vmstats->events_pending[i] += delta;
5772 for_each_node_state(nid, N_MEMORY) {
5773 struct mem_cgroup_per_node *pn = memcg->nodeinfo[nid];
5774 struct mem_cgroup_per_node *ppn = NULL;
5775 struct lruvec_stats_percpu *lstatc;
5778 ppn = parent->nodeinfo[nid];
5780 lstatc = per_cpu_ptr(pn->lruvec_stats_percpu, cpu);
5782 for (i = 0; i < NR_VM_NODE_STAT_ITEMS; i++) {
5783 delta = pn->lruvec_stats.state_pending[i];
5785 pn->lruvec_stats.state_pending[i] = 0;
5788 v = READ_ONCE(lstatc->state[i]);
5789 if (v != lstatc->state_prev[i]) {
5790 delta_cpu = v - lstatc->state_prev[i];
5792 lstatc->state_prev[i] = v;
5796 pn->lruvec_stats.state_local[i] += delta_cpu;
5799 pn->lruvec_stats.state[i] += delta;
5801 ppn->lruvec_stats.state_pending[i] += delta;
5805 statc->stats_updates = 0;
5806 /* We are in a per-cpu loop here, only do the atomic write once */
5807 if (atomic64_read(&memcg->vmstats->stats_updates))
5808 atomic64_set(&memcg->vmstats->stats_updates, 0);
5812 /* Handlers for move charge at task migration. */
5813 static int mem_cgroup_do_precharge(unsigned long count)
5817 /* Try a single bulk charge without reclaim first, kswapd may wake */
5818 ret = try_charge(mc.to, GFP_KERNEL & ~__GFP_DIRECT_RECLAIM, count);
5820 mc.precharge += count;
5824 /* Try charges one by one with reclaim, but do not retry */
5826 ret = try_charge(mc.to, GFP_KERNEL | __GFP_NORETRY, 1);
5840 enum mc_target_type {
5847 static struct page *mc_handle_present_pte(struct vm_area_struct *vma,
5848 unsigned long addr, pte_t ptent)
5850 struct page *page = vm_normal_page(vma, addr, ptent);
5854 if (PageAnon(page)) {
5855 if (!(mc.flags & MOVE_ANON))
5858 if (!(mc.flags & MOVE_FILE))
5866 #if defined(CONFIG_SWAP) || defined(CONFIG_DEVICE_PRIVATE)
5867 static struct page *mc_handle_swap_pte(struct vm_area_struct *vma,
5868 pte_t ptent, swp_entry_t *entry)
5870 struct page *page = NULL;
5871 swp_entry_t ent = pte_to_swp_entry(ptent);
5873 if (!(mc.flags & MOVE_ANON))
5877 * Handle device private pages that are not accessible by the CPU, but
5878 * stored as special swap entries in the page table.
5880 if (is_device_private_entry(ent)) {
5881 page = pfn_swap_entry_to_page(ent);
5882 if (!get_page_unless_zero(page))
5887 if (non_swap_entry(ent))
5891 * Because swap_cache_get_folio() updates some statistics counter,
5892 * we call find_get_page() with swapper_space directly.
5894 page = find_get_page(swap_address_space(ent), swp_offset(ent));
5895 entry->val = ent.val;
5900 static struct page *mc_handle_swap_pte(struct vm_area_struct *vma,
5901 pte_t ptent, swp_entry_t *entry)
5907 static struct page *mc_handle_file_pte(struct vm_area_struct *vma,
5908 unsigned long addr, pte_t ptent)
5910 unsigned long index;
5911 struct folio *folio;
5913 if (!vma->vm_file) /* anonymous vma */
5915 if (!(mc.flags & MOVE_FILE))
5918 /* folio is moved even if it's not RSS of this task(page-faulted). */
5919 /* shmem/tmpfs may report page out on swap: account for that too. */
5920 index = linear_page_index(vma, addr);
5921 folio = filemap_get_incore_folio(vma->vm_file->f_mapping, index);
5924 return folio_file_page(folio, index);
5928 * mem_cgroup_move_account - move account of the page
5930 * @compound: charge the page as compound or small page
5931 * @from: mem_cgroup which the page is moved from.
5932 * @to: mem_cgroup which the page is moved to. @from != @to.
5934 * The page must be locked and not on the LRU.
5936 * This function doesn't do "charge" to new cgroup and doesn't do "uncharge"
5939 static int mem_cgroup_move_account(struct page *page,
5941 struct mem_cgroup *from,
5942 struct mem_cgroup *to)
5944 struct folio *folio = page_folio(page);
5945 struct lruvec *from_vec, *to_vec;
5946 struct pglist_data *pgdat;
5947 unsigned int nr_pages = compound ? folio_nr_pages(folio) : 1;
5950 VM_BUG_ON(from == to);
5951 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio);
5952 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio);
5953 VM_BUG_ON(compound && !folio_test_large(folio));
5956 if (folio_memcg(folio) != from)
5959 pgdat = folio_pgdat(folio);
5960 from_vec = mem_cgroup_lruvec(from, pgdat);
5961 to_vec = mem_cgroup_lruvec(to, pgdat);
5963 folio_memcg_lock(folio);
5965 if (folio_test_anon(folio)) {
5966 if (folio_mapped(folio)) {
5967 __mod_lruvec_state(from_vec, NR_ANON_MAPPED, -nr_pages);
5968 __mod_lruvec_state(to_vec, NR_ANON_MAPPED, nr_pages);
5969 if (folio_test_pmd_mappable(folio)) {
5970 __mod_lruvec_state(from_vec, NR_ANON_THPS,
5972 __mod_lruvec_state(to_vec, NR_ANON_THPS,
5977 __mod_lruvec_state(from_vec, NR_FILE_PAGES, -nr_pages);
5978 __mod_lruvec_state(to_vec, NR_FILE_PAGES, nr_pages);
5980 if (folio_test_swapbacked(folio)) {
5981 __mod_lruvec_state(from_vec, NR_SHMEM, -nr_pages);
5982 __mod_lruvec_state(to_vec, NR_SHMEM, nr_pages);
5985 if (folio_mapped(folio)) {
5986 __mod_lruvec_state(from_vec, NR_FILE_MAPPED, -nr_pages);
5987 __mod_lruvec_state(to_vec, NR_FILE_MAPPED, nr_pages);
5990 if (folio_test_dirty(folio)) {
5991 struct address_space *mapping = folio_mapping(folio);
5993 if (mapping_can_writeback(mapping)) {
5994 __mod_lruvec_state(from_vec, NR_FILE_DIRTY,
5996 __mod_lruvec_state(to_vec, NR_FILE_DIRTY,
6003 if (folio_test_swapcache(folio)) {
6004 __mod_lruvec_state(from_vec, NR_SWAPCACHE, -nr_pages);
6005 __mod_lruvec_state(to_vec, NR_SWAPCACHE, nr_pages);
6008 if (folio_test_writeback(folio)) {
6009 __mod_lruvec_state(from_vec, NR_WRITEBACK, -nr_pages);
6010 __mod_lruvec_state(to_vec, NR_WRITEBACK, nr_pages);
6014 * All state has been migrated, let's switch to the new memcg.
6016 * It is safe to change page's memcg here because the page
6017 * is referenced, charged, isolated, and locked: we can't race
6018 * with (un)charging, migration, LRU putback, or anything else
6019 * that would rely on a stable page's memory cgroup.
6021 * Note that folio_memcg_lock is a memcg lock, not a page lock,
6022 * to save space. As soon as we switch page's memory cgroup to a
6023 * new memcg that isn't locked, the above state can change
6024 * concurrently again. Make sure we're truly done with it.
6029 css_put(&from->css);
6031 folio->memcg_data = (unsigned long)to;
6033 __folio_memcg_unlock(from);
6036 nid = folio_nid(folio);
6038 local_irq_disable();
6039 mem_cgroup_charge_statistics(to, nr_pages);
6040 memcg_check_events(to, nid);
6041 mem_cgroup_charge_statistics(from, -nr_pages);
6042 memcg_check_events(from, nid);
6049 * get_mctgt_type - get target type of moving charge
6050 * @vma: the vma the pte to be checked belongs
6051 * @addr: the address corresponding to the pte to be checked
6052 * @ptent: the pte to be checked
6053 * @target: the pointer the target page or swap ent will be stored(can be NULL)
6055 * Context: Called with pte lock held.
6057 * * MC_TARGET_NONE - If the pte is not a target for move charge.
6058 * * MC_TARGET_PAGE - If the page corresponding to this pte is a target for
6059 * move charge. If @target is not NULL, the page is stored in target->page
6060 * with extra refcnt taken (Caller should release it).
6061 * * MC_TARGET_SWAP - If the swap entry corresponding to this pte is a
6062 * target for charge migration. If @target is not NULL, the entry is
6063 * stored in target->ent.
6064 * * MC_TARGET_DEVICE - Like MC_TARGET_PAGE but page is device memory and
6065 * thus not on the lru. For now such page is charged like a regular page
6066 * would be as it is just special memory taking the place of a regular page.
6067 * See Documentations/vm/hmm.txt and include/linux/hmm.h
6069 static enum mc_target_type get_mctgt_type(struct vm_area_struct *vma,
6070 unsigned long addr, pte_t ptent, union mc_target *target)
6072 struct page *page = NULL;
6073 enum mc_target_type ret = MC_TARGET_NONE;
6074 swp_entry_t ent = { .val = 0 };
6076 if (pte_present(ptent))
6077 page = mc_handle_present_pte(vma, addr, ptent);
6078 else if (pte_none_mostly(ptent))
6080 * PTE markers should be treated as a none pte here, separated
6081 * from other swap handling below.
6083 page = mc_handle_file_pte(vma, addr, ptent);
6084 else if (is_swap_pte(ptent))
6085 page = mc_handle_swap_pte(vma, ptent, &ent);
6087 if (target && page) {
6088 if (!trylock_page(page)) {
6093 * page_mapped() must be stable during the move. This
6094 * pte is locked, so if it's present, the page cannot
6095 * become unmapped. If it isn't, we have only partial
6096 * control over the mapped state: the page lock will
6097 * prevent new faults against pagecache and swapcache,
6098 * so an unmapped page cannot become mapped. However,
6099 * if the page is already mapped elsewhere, it can
6100 * unmap, and there is nothing we can do about it.
6101 * Alas, skip moving the page in this case.
6103 if (!pte_present(ptent) && page_mapped(page)) {
6110 if (!page && !ent.val)
6114 * Do only loose check w/o serialization.
6115 * mem_cgroup_move_account() checks the page is valid or
6116 * not under LRU exclusion.
6118 if (page_memcg(page) == mc.from) {
6119 ret = MC_TARGET_PAGE;
6120 if (is_device_private_page(page) ||
6121 is_device_coherent_page(page))
6122 ret = MC_TARGET_DEVICE;
6124 target->page = page;
6126 if (!ret || !target) {
6133 * There is a swap entry and a page doesn't exist or isn't charged.
6134 * But we cannot move a tail-page in a THP.
6136 if (ent.val && !ret && (!page || !PageTransCompound(page)) &&
6137 mem_cgroup_id(mc.from) == lookup_swap_cgroup_id(ent)) {
6138 ret = MC_TARGET_SWAP;
6145 #ifdef CONFIG_TRANSPARENT_HUGEPAGE
6147 * We don't consider PMD mapped swapping or file mapped pages because THP does
6148 * not support them for now.
6149 * Caller should make sure that pmd_trans_huge(pmd) is true.
6151 static enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma,
6152 unsigned long addr, pmd_t pmd, union mc_target *target)
6154 struct page *page = NULL;
6155 enum mc_target_type ret = MC_TARGET_NONE;
6157 if (unlikely(is_swap_pmd(pmd))) {
6158 VM_BUG_ON(thp_migration_supported() &&
6159 !is_pmd_migration_entry(pmd));
6162 page = pmd_page(pmd);
6163 VM_BUG_ON_PAGE(!page || !PageHead(page), page);
6164 if (!(mc.flags & MOVE_ANON))
6166 if (page_memcg(page) == mc.from) {
6167 ret = MC_TARGET_PAGE;
6170 if (!trylock_page(page)) {
6172 return MC_TARGET_NONE;
6174 target->page = page;
6180 static inline enum mc_target_type get_mctgt_type_thp(struct vm_area_struct *vma,
6181 unsigned long addr, pmd_t pmd, union mc_target *target)
6183 return MC_TARGET_NONE;
6187 static int mem_cgroup_count_precharge_pte_range(pmd_t *pmd,
6188 unsigned long addr, unsigned long end,
6189 struct mm_walk *walk)
6191 struct vm_area_struct *vma = walk->vma;
6195 ptl = pmd_trans_huge_lock(pmd, vma);
6198 * Note their can not be MC_TARGET_DEVICE for now as we do not
6199 * support transparent huge page with MEMORY_DEVICE_PRIVATE but
6200 * this might change.
6202 if (get_mctgt_type_thp(vma, addr, *pmd, NULL) == MC_TARGET_PAGE)
6203 mc.precharge += HPAGE_PMD_NR;
6208 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl);
6211 for (; addr != end; pte++, addr += PAGE_SIZE)
6212 if (get_mctgt_type(vma, addr, ptep_get(pte), NULL))
6213 mc.precharge++; /* increment precharge temporarily */
6214 pte_unmap_unlock(pte - 1, ptl);
6220 static const struct mm_walk_ops precharge_walk_ops = {
6221 .pmd_entry = mem_cgroup_count_precharge_pte_range,
6222 .walk_lock = PGWALK_RDLOCK,
6225 static unsigned long mem_cgroup_count_precharge(struct mm_struct *mm)
6227 unsigned long precharge;
6230 walk_page_range(mm, 0, ULONG_MAX, &precharge_walk_ops, NULL);
6231 mmap_read_unlock(mm);
6233 precharge = mc.precharge;
6239 static int mem_cgroup_precharge_mc(struct mm_struct *mm)
6241 unsigned long precharge = mem_cgroup_count_precharge(mm);
6243 VM_BUG_ON(mc.moving_task);
6244 mc.moving_task = current;
6245 return mem_cgroup_do_precharge(precharge);
6248 /* cancels all extra charges on mc.from and mc.to, and wakes up all waiters. */
6249 static void __mem_cgroup_clear_mc(void)
6251 struct mem_cgroup *from = mc.from;
6252 struct mem_cgroup *to = mc.to;
6254 /* we must uncharge all the leftover precharges from mc.to */
6256 mem_cgroup_cancel_charge(mc.to, mc.precharge);
6260 * we didn't uncharge from mc.from at mem_cgroup_move_account(), so
6261 * we must uncharge here.
6263 if (mc.moved_charge) {
6264 mem_cgroup_cancel_charge(mc.from, mc.moved_charge);
6265 mc.moved_charge = 0;
6267 /* we must fixup refcnts and charges */
6268 if (mc.moved_swap) {
6269 /* uncharge swap account from the old cgroup */
6270 if (!mem_cgroup_is_root(mc.from))
6271 page_counter_uncharge(&mc.from->memsw, mc.moved_swap);
6273 mem_cgroup_id_put_many(mc.from, mc.moved_swap);
6276 * we charged both to->memory and to->memsw, so we
6277 * should uncharge to->memory.
6279 if (!mem_cgroup_is_root(mc.to))
6280 page_counter_uncharge(&mc.to->memory, mc.moved_swap);
6284 memcg_oom_recover(from);
6285 memcg_oom_recover(to);
6286 wake_up_all(&mc.waitq);
6289 static void mem_cgroup_clear_mc(void)
6291 struct mm_struct *mm = mc.mm;
6294 * we must clear moving_task before waking up waiters at the end of
6297 mc.moving_task = NULL;
6298 __mem_cgroup_clear_mc();
6299 spin_lock(&mc.lock);
6303 spin_unlock(&mc.lock);
6308 static int mem_cgroup_can_attach(struct cgroup_taskset *tset)
6310 struct cgroup_subsys_state *css;
6311 struct mem_cgroup *memcg = NULL; /* unneeded init to make gcc happy */
6312 struct mem_cgroup *from;
6313 struct task_struct *leader, *p;
6314 struct mm_struct *mm;
6315 unsigned long move_flags;
6318 /* charge immigration isn't supported on the default hierarchy */
6319 if (cgroup_subsys_on_dfl(memory_cgrp_subsys))
6323 * Multi-process migrations only happen on the default hierarchy
6324 * where charge immigration is not used. Perform charge
6325 * immigration if @tset contains a leader and whine if there are
6329 cgroup_taskset_for_each_leader(leader, css, tset) {
6332 memcg = mem_cgroup_from_css(css);
6338 * We are now committed to this value whatever it is. Changes in this
6339 * tunable will only affect upcoming migrations, not the current one.
6340 * So we need to save it, and keep it going.
6342 move_flags = READ_ONCE(memcg->move_charge_at_immigrate);
6346 from = mem_cgroup_from_task(p);
6348 VM_BUG_ON(from == memcg);
6350 mm = get_task_mm(p);
6353 /* We move charges only when we move a owner of the mm */
6354 if (mm->owner == p) {
6357 VM_BUG_ON(mc.precharge);
6358 VM_BUG_ON(mc.moved_charge);
6359 VM_BUG_ON(mc.moved_swap);
6361 spin_lock(&mc.lock);
6365 mc.flags = move_flags;
6366 spin_unlock(&mc.lock);
6367 /* We set mc.moving_task later */
6369 ret = mem_cgroup_precharge_mc(mm);
6371 mem_cgroup_clear_mc();
6378 static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset)
6381 mem_cgroup_clear_mc();
6384 static int mem_cgroup_move_charge_pte_range(pmd_t *pmd,
6385 unsigned long addr, unsigned long end,
6386 struct mm_walk *walk)
6389 struct vm_area_struct *vma = walk->vma;
6392 enum mc_target_type target_type;
6393 union mc_target target;
6396 ptl = pmd_trans_huge_lock(pmd, vma);
6398 if (mc.precharge < HPAGE_PMD_NR) {
6402 target_type = get_mctgt_type_thp(vma, addr, *pmd, &target);
6403 if (target_type == MC_TARGET_PAGE) {
6405 if (isolate_lru_page(page)) {
6406 if (!mem_cgroup_move_account(page, true,
6408 mc.precharge -= HPAGE_PMD_NR;
6409 mc.moved_charge += HPAGE_PMD_NR;
6411 putback_lru_page(page);
6415 } else if (target_type == MC_TARGET_DEVICE) {
6417 if (!mem_cgroup_move_account(page, true,
6419 mc.precharge -= HPAGE_PMD_NR;
6420 mc.moved_charge += HPAGE_PMD_NR;
6430 pte = pte_offset_map_lock(vma->vm_mm, pmd, addr, &ptl);
6433 for (; addr != end; addr += PAGE_SIZE) {
6434 pte_t ptent = ptep_get(pte++);
6435 bool device = false;
6441 switch (get_mctgt_type(vma, addr, ptent, &target)) {
6442 case MC_TARGET_DEVICE:
6445 case MC_TARGET_PAGE:
6448 * We can have a part of the split pmd here. Moving it
6449 * can be done but it would be too convoluted so simply
6450 * ignore such a partial THP and keep it in original
6451 * memcg. There should be somebody mapping the head.
6453 if (PageTransCompound(page))
6455 if (!device && !isolate_lru_page(page))
6457 if (!mem_cgroup_move_account(page, false,
6460 /* we uncharge from mc.from later. */
6464 putback_lru_page(page);
6465 put: /* get_mctgt_type() gets & locks the page */
6469 case MC_TARGET_SWAP:
6471 if (!mem_cgroup_move_swap_account(ent, mc.from, mc.to)) {
6473 mem_cgroup_id_get_many(mc.to, 1);
6474 /* we fixup other refcnts and charges later. */
6482 pte_unmap_unlock(pte - 1, ptl);
6487 * We have consumed all precharges we got in can_attach().
6488 * We try charge one by one, but don't do any additional
6489 * charges to mc.to if we have failed in charge once in attach()
6492 ret = mem_cgroup_do_precharge(1);
6500 static const struct mm_walk_ops charge_walk_ops = {
6501 .pmd_entry = mem_cgroup_move_charge_pte_range,
6502 .walk_lock = PGWALK_RDLOCK,
6505 static void mem_cgroup_move_charge(void)
6507 lru_add_drain_all();
6509 * Signal folio_memcg_lock() to take the memcg's move_lock
6510 * while we're moving its pages to another memcg. Then wait
6511 * for already started RCU-only updates to finish.
6513 atomic_inc(&mc.from->moving_account);
6516 if (unlikely(!mmap_read_trylock(mc.mm))) {
6518 * Someone who are holding the mmap_lock might be waiting in
6519 * waitq. So we cancel all extra charges, wake up all waiters,
6520 * and retry. Because we cancel precharges, we might not be able
6521 * to move enough charges, but moving charge is a best-effort
6522 * feature anyway, so it wouldn't be a big problem.
6524 __mem_cgroup_clear_mc();
6529 * When we have consumed all precharges and failed in doing
6530 * additional charge, the page walk just aborts.
6532 walk_page_range(mc.mm, 0, ULONG_MAX, &charge_walk_ops, NULL);
6533 mmap_read_unlock(mc.mm);
6534 atomic_dec(&mc.from->moving_account);
6537 static void mem_cgroup_move_task(void)
6540 mem_cgroup_move_charge();
6541 mem_cgroup_clear_mc();
6545 #else /* !CONFIG_MMU */
6546 static int mem_cgroup_can_attach(struct cgroup_taskset *tset)
6550 static void mem_cgroup_cancel_attach(struct cgroup_taskset *tset)
6553 static void mem_cgroup_move_task(void)
6558 #ifdef CONFIG_MEMCG_KMEM
6559 static void mem_cgroup_fork(struct task_struct *task)
6562 * Set the update flag to cause task->objcg to be initialized lazily
6563 * on the first allocation. It can be done without any synchronization
6564 * because it's always performed on the current task, so does
6565 * current_objcg_update().
6567 task->objcg = (struct obj_cgroup *)CURRENT_OBJCG_UPDATE_FLAG;
6570 static void mem_cgroup_exit(struct task_struct *task)
6572 struct obj_cgroup *objcg = task->objcg;
6574 objcg = (struct obj_cgroup *)
6575 ((unsigned long)objcg & ~CURRENT_OBJCG_UPDATE_FLAG);
6577 obj_cgroup_put(objcg);
6580 * Some kernel allocations can happen after this point,
6581 * but let's ignore them. It can be done without any synchronization
6582 * because it's always performed on the current task, so does
6583 * current_objcg_update().
6589 #ifdef CONFIG_LRU_GEN
6590 static void mem_cgroup_lru_gen_attach(struct cgroup_taskset *tset)
6592 struct task_struct *task;
6593 struct cgroup_subsys_state *css;
6595 /* find the first leader if there is any */
6596 cgroup_taskset_for_each_leader(task, css, tset)
6603 if (task->mm && READ_ONCE(task->mm->owner) == task)
6604 lru_gen_migrate_mm(task->mm);
6608 static void mem_cgroup_lru_gen_attach(struct cgroup_taskset *tset) {}
6609 #endif /* CONFIG_LRU_GEN */
6611 #ifdef CONFIG_MEMCG_KMEM
6612 static void mem_cgroup_kmem_attach(struct cgroup_taskset *tset)
6614 struct task_struct *task;
6615 struct cgroup_subsys_state *css;
6617 cgroup_taskset_for_each(task, css, tset) {
6618 /* atomically set the update bit */
6619 set_bit(CURRENT_OBJCG_UPDATE_BIT, (unsigned long *)&task->objcg);
6623 static void mem_cgroup_kmem_attach(struct cgroup_taskset *tset) {}
6624 #endif /* CONFIG_MEMCG_KMEM */
6626 #if defined(CONFIG_LRU_GEN) || defined(CONFIG_MEMCG_KMEM)
6627 static void mem_cgroup_attach(struct cgroup_taskset *tset)
6629 mem_cgroup_lru_gen_attach(tset);
6630 mem_cgroup_kmem_attach(tset);
6634 static int seq_puts_memcg_tunable(struct seq_file *m, unsigned long value)
6636 if (value == PAGE_COUNTER_MAX)
6637 seq_puts(m, "max\n");
6639 seq_printf(m, "%llu\n", (u64)value * PAGE_SIZE);
6644 static u64 memory_current_read(struct cgroup_subsys_state *css,
6647 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
6649 return (u64)page_counter_read(&memcg->memory) * PAGE_SIZE;
6652 static u64 memory_peak_read(struct cgroup_subsys_state *css,
6655 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
6657 return (u64)memcg->memory.watermark * PAGE_SIZE;
6660 static int memory_min_show(struct seq_file *m, void *v)
6662 return seq_puts_memcg_tunable(m,
6663 READ_ONCE(mem_cgroup_from_seq(m)->memory.min));
6666 static ssize_t memory_min_write(struct kernfs_open_file *of,
6667 char *buf, size_t nbytes, loff_t off)
6669 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6673 buf = strstrip(buf);
6674 err = page_counter_memparse(buf, "max", &min);
6678 page_counter_set_min(&memcg->memory, min);
6683 static int memory_low_show(struct seq_file *m, void *v)
6685 return seq_puts_memcg_tunable(m,
6686 READ_ONCE(mem_cgroup_from_seq(m)->memory.low));
6689 static ssize_t memory_low_write(struct kernfs_open_file *of,
6690 char *buf, size_t nbytes, loff_t off)
6692 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6696 buf = strstrip(buf);
6697 err = page_counter_memparse(buf, "max", &low);
6701 page_counter_set_low(&memcg->memory, low);
6706 static int memory_high_show(struct seq_file *m, void *v)
6708 return seq_puts_memcg_tunable(m,
6709 READ_ONCE(mem_cgroup_from_seq(m)->memory.high));
6712 static ssize_t memory_high_write(struct kernfs_open_file *of,
6713 char *buf, size_t nbytes, loff_t off)
6715 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6716 unsigned int nr_retries = MAX_RECLAIM_RETRIES;
6717 bool drained = false;
6721 buf = strstrip(buf);
6722 err = page_counter_memparse(buf, "max", &high);
6726 page_counter_set_high(&memcg->memory, high);
6729 unsigned long nr_pages = page_counter_read(&memcg->memory);
6730 unsigned long reclaimed;
6732 if (nr_pages <= high)
6735 if (signal_pending(current))
6739 drain_all_stock(memcg);
6744 reclaimed = try_to_free_mem_cgroup_pages(memcg, nr_pages - high,
6745 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP);
6747 if (!reclaimed && !nr_retries--)
6751 memcg_wb_domain_size_changed(memcg);
6755 static int memory_max_show(struct seq_file *m, void *v)
6757 return seq_puts_memcg_tunable(m,
6758 READ_ONCE(mem_cgroup_from_seq(m)->memory.max));
6761 static ssize_t memory_max_write(struct kernfs_open_file *of,
6762 char *buf, size_t nbytes, loff_t off)
6764 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6765 unsigned int nr_reclaims = MAX_RECLAIM_RETRIES;
6766 bool drained = false;
6770 buf = strstrip(buf);
6771 err = page_counter_memparse(buf, "max", &max);
6775 xchg(&memcg->memory.max, max);
6778 unsigned long nr_pages = page_counter_read(&memcg->memory);
6780 if (nr_pages <= max)
6783 if (signal_pending(current))
6787 drain_all_stock(memcg);
6793 if (!try_to_free_mem_cgroup_pages(memcg, nr_pages - max,
6794 GFP_KERNEL, MEMCG_RECLAIM_MAY_SWAP))
6799 memcg_memory_event(memcg, MEMCG_OOM);
6800 if (!mem_cgroup_out_of_memory(memcg, GFP_KERNEL, 0))
6804 memcg_wb_domain_size_changed(memcg);
6809 * Note: don't forget to update the 'samples/cgroup/memcg_event_listener'
6810 * if any new events become available.
6812 static void __memory_events_show(struct seq_file *m, atomic_long_t *events)
6814 seq_printf(m, "low %lu\n", atomic_long_read(&events[MEMCG_LOW]));
6815 seq_printf(m, "high %lu\n", atomic_long_read(&events[MEMCG_HIGH]));
6816 seq_printf(m, "max %lu\n", atomic_long_read(&events[MEMCG_MAX]));
6817 seq_printf(m, "oom %lu\n", atomic_long_read(&events[MEMCG_OOM]));
6818 seq_printf(m, "oom_kill %lu\n",
6819 atomic_long_read(&events[MEMCG_OOM_KILL]));
6820 seq_printf(m, "oom_group_kill %lu\n",
6821 atomic_long_read(&events[MEMCG_OOM_GROUP_KILL]));
6824 static int memory_events_show(struct seq_file *m, void *v)
6826 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
6828 __memory_events_show(m, memcg->memory_events);
6832 static int memory_events_local_show(struct seq_file *m, void *v)
6834 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
6836 __memory_events_show(m, memcg->memory_events_local);
6840 static int memory_stat_show(struct seq_file *m, void *v)
6842 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
6843 char *buf = kmalloc(PAGE_SIZE, GFP_KERNEL);
6848 seq_buf_init(&s, buf, PAGE_SIZE);
6849 memory_stat_format(memcg, &s);
6856 static inline unsigned long lruvec_page_state_output(struct lruvec *lruvec,
6859 return lruvec_page_state(lruvec, item) *
6860 memcg_page_state_output_unit(item);
6863 static int memory_numa_stat_show(struct seq_file *m, void *v)
6866 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
6868 mem_cgroup_flush_stats();
6870 for (i = 0; i < ARRAY_SIZE(memory_stats); i++) {
6873 if (memory_stats[i].idx >= NR_VM_NODE_STAT_ITEMS)
6876 seq_printf(m, "%s", memory_stats[i].name);
6877 for_each_node_state(nid, N_MEMORY) {
6879 struct lruvec *lruvec;
6881 lruvec = mem_cgroup_lruvec(memcg, NODE_DATA(nid));
6882 size = lruvec_page_state_output(lruvec,
6883 memory_stats[i].idx);
6884 seq_printf(m, " N%d=%llu", nid, size);
6893 static int memory_oom_group_show(struct seq_file *m, void *v)
6895 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
6897 seq_printf(m, "%d\n", READ_ONCE(memcg->oom_group));
6902 static ssize_t memory_oom_group_write(struct kernfs_open_file *of,
6903 char *buf, size_t nbytes, loff_t off)
6905 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6908 buf = strstrip(buf);
6912 ret = kstrtoint(buf, 0, &oom_group);
6916 if (oom_group != 0 && oom_group != 1)
6919 WRITE_ONCE(memcg->oom_group, oom_group);
6924 static ssize_t memory_reclaim(struct kernfs_open_file *of, char *buf,
6925 size_t nbytes, loff_t off)
6927 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
6928 unsigned int nr_retries = MAX_RECLAIM_RETRIES;
6929 unsigned long nr_to_reclaim, nr_reclaimed = 0;
6930 unsigned int reclaim_options;
6933 buf = strstrip(buf);
6934 err = page_counter_memparse(buf, "", &nr_to_reclaim);
6938 reclaim_options = MEMCG_RECLAIM_MAY_SWAP | MEMCG_RECLAIM_PROACTIVE;
6939 while (nr_reclaimed < nr_to_reclaim) {
6940 unsigned long reclaimed;
6942 if (signal_pending(current))
6946 * This is the final attempt, drain percpu lru caches in the
6947 * hope of introducing more evictable pages for
6948 * try_to_free_mem_cgroup_pages().
6951 lru_add_drain_all();
6953 reclaimed = try_to_free_mem_cgroup_pages(memcg,
6954 min(nr_to_reclaim - nr_reclaimed, SWAP_CLUSTER_MAX),
6955 GFP_KERNEL, reclaim_options);
6957 if (!reclaimed && !nr_retries--)
6960 nr_reclaimed += reclaimed;
6966 static struct cftype memory_files[] = {
6969 .flags = CFTYPE_NOT_ON_ROOT,
6970 .read_u64 = memory_current_read,
6974 .flags = CFTYPE_NOT_ON_ROOT,
6975 .read_u64 = memory_peak_read,
6979 .flags = CFTYPE_NOT_ON_ROOT,
6980 .seq_show = memory_min_show,
6981 .write = memory_min_write,
6985 .flags = CFTYPE_NOT_ON_ROOT,
6986 .seq_show = memory_low_show,
6987 .write = memory_low_write,
6991 .flags = CFTYPE_NOT_ON_ROOT,
6992 .seq_show = memory_high_show,
6993 .write = memory_high_write,
6997 .flags = CFTYPE_NOT_ON_ROOT,
6998 .seq_show = memory_max_show,
6999 .write = memory_max_write,
7003 .flags = CFTYPE_NOT_ON_ROOT,
7004 .file_offset = offsetof(struct mem_cgroup, events_file),
7005 .seq_show = memory_events_show,
7008 .name = "events.local",
7009 .flags = CFTYPE_NOT_ON_ROOT,
7010 .file_offset = offsetof(struct mem_cgroup, events_local_file),
7011 .seq_show = memory_events_local_show,
7015 .seq_show = memory_stat_show,
7019 .name = "numa_stat",
7020 .seq_show = memory_numa_stat_show,
7024 .name = "oom.group",
7025 .flags = CFTYPE_NOT_ON_ROOT | CFTYPE_NS_DELEGATABLE,
7026 .seq_show = memory_oom_group_show,
7027 .write = memory_oom_group_write,
7031 .flags = CFTYPE_NS_DELEGATABLE,
7032 .write = memory_reclaim,
7037 struct cgroup_subsys memory_cgrp_subsys = {
7038 .css_alloc = mem_cgroup_css_alloc,
7039 .css_online = mem_cgroup_css_online,
7040 .css_offline = mem_cgroup_css_offline,
7041 .css_released = mem_cgroup_css_released,
7042 .css_free = mem_cgroup_css_free,
7043 .css_reset = mem_cgroup_css_reset,
7044 .css_rstat_flush = mem_cgroup_css_rstat_flush,
7045 .can_attach = mem_cgroup_can_attach,
7046 #if defined(CONFIG_LRU_GEN) || defined(CONFIG_MEMCG_KMEM)
7047 .attach = mem_cgroup_attach,
7049 .cancel_attach = mem_cgroup_cancel_attach,
7050 .post_attach = mem_cgroup_move_task,
7051 #ifdef CONFIG_MEMCG_KMEM
7052 .fork = mem_cgroup_fork,
7053 .exit = mem_cgroup_exit,
7055 .dfl_cftypes = memory_files,
7056 .legacy_cftypes = mem_cgroup_legacy_files,
7061 * This function calculates an individual cgroup's effective
7062 * protection which is derived from its own memory.min/low, its
7063 * parent's and siblings' settings, as well as the actual memory
7064 * distribution in the tree.
7066 * The following rules apply to the effective protection values:
7068 * 1. At the first level of reclaim, effective protection is equal to
7069 * the declared protection in memory.min and memory.low.
7071 * 2. To enable safe delegation of the protection configuration, at
7072 * subsequent levels the effective protection is capped to the
7073 * parent's effective protection.
7075 * 3. To make complex and dynamic subtrees easier to configure, the
7076 * user is allowed to overcommit the declared protection at a given
7077 * level. If that is the case, the parent's effective protection is
7078 * distributed to the children in proportion to how much protection
7079 * they have declared and how much of it they are utilizing.
7081 * This makes distribution proportional, but also work-conserving:
7082 * if one cgroup claims much more protection than it uses memory,
7083 * the unused remainder is available to its siblings.
7085 * 4. Conversely, when the declared protection is undercommitted at a
7086 * given level, the distribution of the larger parental protection
7087 * budget is NOT proportional. A cgroup's protection from a sibling
7088 * is capped to its own memory.min/low setting.
7090 * 5. However, to allow protecting recursive subtrees from each other
7091 * without having to declare each individual cgroup's fixed share
7092 * of the ancestor's claim to protection, any unutilized -
7093 * "floating" - protection from up the tree is distributed in
7094 * proportion to each cgroup's *usage*. This makes the protection
7095 * neutral wrt sibling cgroups and lets them compete freely over
7096 * the shared parental protection budget, but it protects the
7097 * subtree as a whole from neighboring subtrees.
7099 * Note that 4. and 5. are not in conflict: 4. is about protecting
7100 * against immediate siblings whereas 5. is about protecting against
7101 * neighboring subtrees.
7103 static unsigned long effective_protection(unsigned long usage,
7104 unsigned long parent_usage,
7105 unsigned long setting,
7106 unsigned long parent_effective,
7107 unsigned long siblings_protected)
7109 unsigned long protected;
7112 protected = min(usage, setting);
7114 * If all cgroups at this level combined claim and use more
7115 * protection than what the parent affords them, distribute
7116 * shares in proportion to utilization.
7118 * We are using actual utilization rather than the statically
7119 * claimed protection in order to be work-conserving: claimed
7120 * but unused protection is available to siblings that would
7121 * otherwise get a smaller chunk than what they claimed.
7123 if (siblings_protected > parent_effective)
7124 return protected * parent_effective / siblings_protected;
7127 * Ok, utilized protection of all children is within what the
7128 * parent affords them, so we know whatever this child claims
7129 * and utilizes is effectively protected.
7131 * If there is unprotected usage beyond this value, reclaim
7132 * will apply pressure in proportion to that amount.
7134 * If there is unutilized protection, the cgroup will be fully
7135 * shielded from reclaim, but we do return a smaller value for
7136 * protection than what the group could enjoy in theory. This
7137 * is okay. With the overcommit distribution above, effective
7138 * protection is always dependent on how memory is actually
7139 * consumed among the siblings anyway.
7144 * If the children aren't claiming (all of) the protection
7145 * afforded to them by the parent, distribute the remainder in
7146 * proportion to the (unprotected) memory of each cgroup. That
7147 * way, cgroups that aren't explicitly prioritized wrt each
7148 * other compete freely over the allowance, but they are
7149 * collectively protected from neighboring trees.
7151 * We're using unprotected memory for the weight so that if
7152 * some cgroups DO claim explicit protection, we don't protect
7153 * the same bytes twice.
7155 * Check both usage and parent_usage against the respective
7156 * protected values. One should imply the other, but they
7157 * aren't read atomically - make sure the division is sane.
7159 if (!(cgrp_dfl_root.flags & CGRP_ROOT_MEMORY_RECURSIVE_PROT))
7161 if (parent_effective > siblings_protected &&
7162 parent_usage > siblings_protected &&
7163 usage > protected) {
7164 unsigned long unclaimed;
7166 unclaimed = parent_effective - siblings_protected;
7167 unclaimed *= usage - protected;
7168 unclaimed /= parent_usage - siblings_protected;
7177 * mem_cgroup_calculate_protection - check if memory consumption is in the normal range
7178 * @root: the top ancestor of the sub-tree being checked
7179 * @memcg: the memory cgroup to check
7181 * WARNING: This function is not stateless! It can only be used as part
7182 * of a top-down tree iteration, not for isolated queries.
7184 void mem_cgroup_calculate_protection(struct mem_cgroup *root,
7185 struct mem_cgroup *memcg)
7187 unsigned long usage, parent_usage;
7188 struct mem_cgroup *parent;
7190 if (mem_cgroup_disabled())
7194 root = root_mem_cgroup;
7197 * Effective values of the reclaim targets are ignored so they
7198 * can be stale. Have a look at mem_cgroup_protection for more
7200 * TODO: calculation should be more robust so that we do not need
7201 * that special casing.
7206 usage = page_counter_read(&memcg->memory);
7210 parent = parent_mem_cgroup(memcg);
7212 if (parent == root) {
7213 memcg->memory.emin = READ_ONCE(memcg->memory.min);
7214 memcg->memory.elow = READ_ONCE(memcg->memory.low);
7218 parent_usage = page_counter_read(&parent->memory);
7220 WRITE_ONCE(memcg->memory.emin, effective_protection(usage, parent_usage,
7221 READ_ONCE(memcg->memory.min),
7222 READ_ONCE(parent->memory.emin),
7223 atomic_long_read(&parent->memory.children_min_usage)));
7225 WRITE_ONCE(memcg->memory.elow, effective_protection(usage, parent_usage,
7226 READ_ONCE(memcg->memory.low),
7227 READ_ONCE(parent->memory.elow),
7228 atomic_long_read(&parent->memory.children_low_usage)));
7231 static int charge_memcg(struct folio *folio, struct mem_cgroup *memcg,
7236 ret = try_charge(memcg, gfp, folio_nr_pages(folio));
7240 mem_cgroup_commit_charge(folio, memcg);
7245 int __mem_cgroup_charge(struct folio *folio, struct mm_struct *mm, gfp_t gfp)
7247 struct mem_cgroup *memcg;
7250 memcg = get_mem_cgroup_from_mm(mm);
7251 ret = charge_memcg(folio, memcg, gfp);
7252 css_put(&memcg->css);
7258 * mem_cgroup_hugetlb_try_charge - try to charge the memcg for a hugetlb folio
7259 * @memcg: memcg to charge.
7260 * @gfp: reclaim mode.
7261 * @nr_pages: number of pages to charge.
7263 * This function is called when allocating a huge page folio to determine if
7264 * the memcg has the capacity for it. It does not commit the charge yet,
7265 * as the hugetlb folio itself has not been obtained from the hugetlb pool.
7267 * Once we have obtained the hugetlb folio, we can call
7268 * mem_cgroup_commit_charge() to commit the charge. If we fail to obtain the
7269 * folio, we should instead call mem_cgroup_cancel_charge() to undo the effect
7272 * Returns 0 on success. Otherwise, an error code is returned.
7274 int mem_cgroup_hugetlb_try_charge(struct mem_cgroup *memcg, gfp_t gfp,
7278 * If hugetlb memcg charging is not enabled, do not fail hugetlb allocation,
7279 * but do not attempt to commit charge later (or cancel on error) either.
7281 if (mem_cgroup_disabled() || !memcg ||
7282 !cgroup_subsys_on_dfl(memory_cgrp_subsys) ||
7283 !(cgrp_dfl_root.flags & CGRP_ROOT_MEMORY_HUGETLB_ACCOUNTING))
7286 if (try_charge(memcg, gfp, nr_pages))
7293 * mem_cgroup_swapin_charge_folio - Charge a newly allocated folio for swapin.
7294 * @folio: folio to charge.
7295 * @mm: mm context of the victim
7296 * @gfp: reclaim mode
7297 * @entry: swap entry for which the folio is allocated
7299 * This function charges a folio allocated for swapin. Please call this before
7300 * adding the folio to the swapcache.
7302 * Returns 0 on success. Otherwise, an error code is returned.
7304 int mem_cgroup_swapin_charge_folio(struct folio *folio, struct mm_struct *mm,
7305 gfp_t gfp, swp_entry_t entry)
7307 struct mem_cgroup *memcg;
7311 if (mem_cgroup_disabled())
7314 id = lookup_swap_cgroup_id(entry);
7316 memcg = mem_cgroup_from_id(id);
7317 if (!memcg || !css_tryget_online(&memcg->css))
7318 memcg = get_mem_cgroup_from_mm(mm);
7321 ret = charge_memcg(folio, memcg, gfp);
7323 css_put(&memcg->css);
7328 * mem_cgroup_swapin_uncharge_swap - uncharge swap slot
7329 * @entry: swap entry for which the page is charged
7331 * Call this function after successfully adding the charged page to swapcache.
7333 * Note: This function assumes the page for which swap slot is being uncharged
7336 void mem_cgroup_swapin_uncharge_swap(swp_entry_t entry)
7339 * Cgroup1's unified memory+swap counter has been charged with the
7340 * new swapcache page, finish the transfer by uncharging the swap
7341 * slot. The swap slot would also get uncharged when it dies, but
7342 * it can stick around indefinitely and we'd count the page twice
7345 * Cgroup2 has separate resource counters for memory and swap,
7346 * so this is a non-issue here. Memory and swap charge lifetimes
7347 * correspond 1:1 to page and swap slot lifetimes: we charge the
7348 * page to memory here, and uncharge swap when the slot is freed.
7350 if (!mem_cgroup_disabled() && do_memsw_account()) {
7352 * The swap entry might not get freed for a long time,
7353 * let's not wait for it. The page already received a
7354 * memory+swap charge, drop the swap entry duplicate.
7356 mem_cgroup_uncharge_swap(entry, 1);
7360 struct uncharge_gather {
7361 struct mem_cgroup *memcg;
7362 unsigned long nr_memory;
7363 unsigned long pgpgout;
7364 unsigned long nr_kmem;
7368 static inline void uncharge_gather_clear(struct uncharge_gather *ug)
7370 memset(ug, 0, sizeof(*ug));
7373 static void uncharge_batch(const struct uncharge_gather *ug)
7375 unsigned long flags;
7377 if (ug->nr_memory) {
7378 page_counter_uncharge(&ug->memcg->memory, ug->nr_memory);
7379 if (do_memsw_account())
7380 page_counter_uncharge(&ug->memcg->memsw, ug->nr_memory);
7382 memcg_account_kmem(ug->memcg, -ug->nr_kmem);
7383 memcg_oom_recover(ug->memcg);
7386 local_irq_save(flags);
7387 __count_memcg_events(ug->memcg, PGPGOUT, ug->pgpgout);
7388 __this_cpu_add(ug->memcg->vmstats_percpu->nr_page_events, ug->nr_memory);
7389 memcg_check_events(ug->memcg, ug->nid);
7390 local_irq_restore(flags);
7392 /* drop reference from uncharge_folio */
7393 css_put(&ug->memcg->css);
7396 static void uncharge_folio(struct folio *folio, struct uncharge_gather *ug)
7399 struct mem_cgroup *memcg;
7400 struct obj_cgroup *objcg;
7402 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio);
7405 * Nobody should be changing or seriously looking at
7406 * folio memcg or objcg at this point, we have fully
7407 * exclusive access to the folio.
7409 if (folio_memcg_kmem(folio)) {
7410 objcg = __folio_objcg(folio);
7412 * This get matches the put at the end of the function and
7413 * kmem pages do not hold memcg references anymore.
7415 memcg = get_mem_cgroup_from_objcg(objcg);
7417 memcg = __folio_memcg(folio);
7423 if (ug->memcg != memcg) {
7426 uncharge_gather_clear(ug);
7429 ug->nid = folio_nid(folio);
7431 /* pairs with css_put in uncharge_batch */
7432 css_get(&memcg->css);
7435 nr_pages = folio_nr_pages(folio);
7437 if (folio_memcg_kmem(folio)) {
7438 ug->nr_memory += nr_pages;
7439 ug->nr_kmem += nr_pages;
7441 folio->memcg_data = 0;
7442 obj_cgroup_put(objcg);
7444 /* LRU pages aren't accounted at the root level */
7445 if (!mem_cgroup_is_root(memcg))
7446 ug->nr_memory += nr_pages;
7449 folio->memcg_data = 0;
7452 css_put(&memcg->css);
7455 void __mem_cgroup_uncharge(struct folio *folio)
7457 struct uncharge_gather ug;
7459 /* Don't touch folio->lru of any random page, pre-check: */
7460 if (!folio_memcg(folio))
7463 uncharge_gather_clear(&ug);
7464 uncharge_folio(folio, &ug);
7465 uncharge_batch(&ug);
7469 * __mem_cgroup_uncharge_list - uncharge a list of page
7470 * @page_list: list of pages to uncharge
7472 * Uncharge a list of pages previously charged with
7473 * __mem_cgroup_charge().
7475 void __mem_cgroup_uncharge_list(struct list_head *page_list)
7477 struct uncharge_gather ug;
7478 struct folio *folio;
7480 uncharge_gather_clear(&ug);
7481 list_for_each_entry(folio, page_list, lru)
7482 uncharge_folio(folio, &ug);
7484 uncharge_batch(&ug);
7488 * mem_cgroup_replace_folio - Charge a folio's replacement.
7489 * @old: Currently circulating folio.
7490 * @new: Replacement folio.
7492 * Charge @new as a replacement folio for @old. @old will
7493 * be uncharged upon free. This is only used by the page cache
7494 * (in replace_page_cache_folio()).
7496 * Both folios must be locked, @new->mapping must be set up.
7498 void mem_cgroup_replace_folio(struct folio *old, struct folio *new)
7500 struct mem_cgroup *memcg;
7501 long nr_pages = folio_nr_pages(new);
7502 unsigned long flags;
7504 VM_BUG_ON_FOLIO(!folio_test_locked(old), old);
7505 VM_BUG_ON_FOLIO(!folio_test_locked(new), new);
7506 VM_BUG_ON_FOLIO(folio_test_anon(old) != folio_test_anon(new), new);
7507 VM_BUG_ON_FOLIO(folio_nr_pages(old) != nr_pages, new);
7509 if (mem_cgroup_disabled())
7512 /* Page cache replacement: new folio already charged? */
7513 if (folio_memcg(new))
7516 memcg = folio_memcg(old);
7517 VM_WARN_ON_ONCE_FOLIO(!memcg, old);
7521 /* Force-charge the new page. The old one will be freed soon */
7522 if (!mem_cgroup_is_root(memcg)) {
7523 page_counter_charge(&memcg->memory, nr_pages);
7524 if (do_memsw_account())
7525 page_counter_charge(&memcg->memsw, nr_pages);
7528 css_get(&memcg->css);
7529 commit_charge(new, memcg);
7531 local_irq_save(flags);
7532 mem_cgroup_charge_statistics(memcg, nr_pages);
7533 memcg_check_events(memcg, folio_nid(new));
7534 local_irq_restore(flags);
7538 * mem_cgroup_migrate - Transfer the memcg data from the old to the new folio.
7539 * @old: Currently circulating folio.
7540 * @new: Replacement folio.
7542 * Transfer the memcg data from the old folio to the new folio for migration.
7543 * The old folio's data info will be cleared. Note that the memory counters
7544 * will remain unchanged throughout the process.
7546 * Both folios must be locked, @new->mapping must be set up.
7548 void mem_cgroup_migrate(struct folio *old, struct folio *new)
7550 struct mem_cgroup *memcg;
7552 VM_BUG_ON_FOLIO(!folio_test_locked(old), old);
7553 VM_BUG_ON_FOLIO(!folio_test_locked(new), new);
7554 VM_BUG_ON_FOLIO(folio_test_anon(old) != folio_test_anon(new), new);
7555 VM_BUG_ON_FOLIO(folio_nr_pages(old) != folio_nr_pages(new), new);
7557 if (mem_cgroup_disabled())
7560 memcg = folio_memcg(old);
7562 * Note that it is normal to see !memcg for a hugetlb folio.
7563 * For e.g, itt could have been allocated when memory_hugetlb_accounting
7566 VM_WARN_ON_ONCE_FOLIO(!folio_test_hugetlb(old) && !memcg, old);
7570 /* Transfer the charge and the css ref */
7571 commit_charge(new, memcg);
7572 old->memcg_data = 0;
7575 DEFINE_STATIC_KEY_FALSE(memcg_sockets_enabled_key);
7576 EXPORT_SYMBOL(memcg_sockets_enabled_key);
7578 void mem_cgroup_sk_alloc(struct sock *sk)
7580 struct mem_cgroup *memcg;
7582 if (!mem_cgroup_sockets_enabled)
7585 /* Do not associate the sock with unrelated interrupted task's memcg. */
7590 memcg = mem_cgroup_from_task(current);
7591 if (mem_cgroup_is_root(memcg))
7593 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) && !memcg->tcpmem_active)
7595 if (css_tryget(&memcg->css))
7596 sk->sk_memcg = memcg;
7601 void mem_cgroup_sk_free(struct sock *sk)
7604 css_put(&sk->sk_memcg->css);
7608 * mem_cgroup_charge_skmem - charge socket memory
7609 * @memcg: memcg to charge
7610 * @nr_pages: number of pages to charge
7611 * @gfp_mask: reclaim mode
7613 * Charges @nr_pages to @memcg. Returns %true if the charge fit within
7614 * @memcg's configured limit, %false if it doesn't.
7616 bool mem_cgroup_charge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages,
7619 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) {
7620 struct page_counter *fail;
7622 if (page_counter_try_charge(&memcg->tcpmem, nr_pages, &fail)) {
7623 memcg->tcpmem_pressure = 0;
7626 memcg->tcpmem_pressure = 1;
7627 if (gfp_mask & __GFP_NOFAIL) {
7628 page_counter_charge(&memcg->tcpmem, nr_pages);
7634 if (try_charge(memcg, gfp_mask, nr_pages) == 0) {
7635 mod_memcg_state(memcg, MEMCG_SOCK, nr_pages);
7643 * mem_cgroup_uncharge_skmem - uncharge socket memory
7644 * @memcg: memcg to uncharge
7645 * @nr_pages: number of pages to uncharge
7647 void mem_cgroup_uncharge_skmem(struct mem_cgroup *memcg, unsigned int nr_pages)
7649 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys)) {
7650 page_counter_uncharge(&memcg->tcpmem, nr_pages);
7654 mod_memcg_state(memcg, MEMCG_SOCK, -nr_pages);
7656 refill_stock(memcg, nr_pages);
7659 static int __init cgroup_memory(char *s)
7663 while ((token = strsep(&s, ",")) != NULL) {
7666 if (!strcmp(token, "nosocket"))
7667 cgroup_memory_nosocket = true;
7668 if (!strcmp(token, "nokmem"))
7669 cgroup_memory_nokmem = true;
7670 if (!strcmp(token, "nobpf"))
7671 cgroup_memory_nobpf = true;
7675 __setup("cgroup.memory=", cgroup_memory);
7678 * subsys_initcall() for memory controller.
7680 * Some parts like memcg_hotplug_cpu_dead() have to be initialized from this
7681 * context because of lock dependencies (cgroup_lock -> cpu hotplug) but
7682 * basically everything that doesn't depend on a specific mem_cgroup structure
7683 * should be initialized from here.
7685 static int __init mem_cgroup_init(void)
7690 * Currently s32 type (can refer to struct batched_lruvec_stat) is
7691 * used for per-memcg-per-cpu caching of per-node statistics. In order
7692 * to work fine, we should make sure that the overfill threshold can't
7693 * exceed S32_MAX / PAGE_SIZE.
7695 BUILD_BUG_ON(MEMCG_CHARGE_BATCH > S32_MAX / PAGE_SIZE);
7697 cpuhp_setup_state_nocalls(CPUHP_MM_MEMCQ_DEAD, "mm/memctrl:dead", NULL,
7698 memcg_hotplug_cpu_dead);
7700 for_each_possible_cpu(cpu)
7701 INIT_WORK(&per_cpu_ptr(&memcg_stock, cpu)->work,
7704 for_each_node(node) {
7705 struct mem_cgroup_tree_per_node *rtpn;
7707 rtpn = kzalloc_node(sizeof(*rtpn), GFP_KERNEL, node);
7709 rtpn->rb_root = RB_ROOT;
7710 rtpn->rb_rightmost = NULL;
7711 spin_lock_init(&rtpn->lock);
7712 soft_limit_tree.rb_tree_per_node[node] = rtpn;
7717 subsys_initcall(mem_cgroup_init);
7720 static struct mem_cgroup *mem_cgroup_id_get_online(struct mem_cgroup *memcg)
7722 while (!refcount_inc_not_zero(&memcg->id.ref)) {
7724 * The root cgroup cannot be destroyed, so it's refcount must
7727 if (WARN_ON_ONCE(mem_cgroup_is_root(memcg))) {
7731 memcg = parent_mem_cgroup(memcg);
7733 memcg = root_mem_cgroup;
7739 * mem_cgroup_swapout - transfer a memsw charge to swap
7740 * @folio: folio whose memsw charge to transfer
7741 * @entry: swap entry to move the charge to
7743 * Transfer the memsw charge of @folio to @entry.
7745 void mem_cgroup_swapout(struct folio *folio, swp_entry_t entry)
7747 struct mem_cgroup *memcg, *swap_memcg;
7748 unsigned int nr_entries;
7749 unsigned short oldid;
7751 VM_BUG_ON_FOLIO(folio_test_lru(folio), folio);
7752 VM_BUG_ON_FOLIO(folio_ref_count(folio), folio);
7754 if (mem_cgroup_disabled())
7757 if (!do_memsw_account())
7760 memcg = folio_memcg(folio);
7762 VM_WARN_ON_ONCE_FOLIO(!memcg, folio);
7767 * In case the memcg owning these pages has been offlined and doesn't
7768 * have an ID allocated to it anymore, charge the closest online
7769 * ancestor for the swap instead and transfer the memory+swap charge.
7771 swap_memcg = mem_cgroup_id_get_online(memcg);
7772 nr_entries = folio_nr_pages(folio);
7773 /* Get references for the tail pages, too */
7775 mem_cgroup_id_get_many(swap_memcg, nr_entries - 1);
7776 oldid = swap_cgroup_record(entry, mem_cgroup_id(swap_memcg),
7778 VM_BUG_ON_FOLIO(oldid, folio);
7779 mod_memcg_state(swap_memcg, MEMCG_SWAP, nr_entries);
7781 folio->memcg_data = 0;
7783 if (!mem_cgroup_is_root(memcg))
7784 page_counter_uncharge(&memcg->memory, nr_entries);
7786 if (memcg != swap_memcg) {
7787 if (!mem_cgroup_is_root(swap_memcg))
7788 page_counter_charge(&swap_memcg->memsw, nr_entries);
7789 page_counter_uncharge(&memcg->memsw, nr_entries);
7793 * Interrupts should be disabled here because the caller holds the
7794 * i_pages lock which is taken with interrupts-off. It is
7795 * important here to have the interrupts disabled because it is the
7796 * only synchronisation we have for updating the per-CPU variables.
7799 mem_cgroup_charge_statistics(memcg, -nr_entries);
7800 memcg_stats_unlock();
7801 memcg_check_events(memcg, folio_nid(folio));
7803 css_put(&memcg->css);
7807 * __mem_cgroup_try_charge_swap - try charging swap space for a folio
7808 * @folio: folio being added to swap
7809 * @entry: swap entry to charge
7811 * Try to charge @folio's memcg for the swap space at @entry.
7813 * Returns 0 on success, -ENOMEM on failure.
7815 int __mem_cgroup_try_charge_swap(struct folio *folio, swp_entry_t entry)
7817 unsigned int nr_pages = folio_nr_pages(folio);
7818 struct page_counter *counter;
7819 struct mem_cgroup *memcg;
7820 unsigned short oldid;
7822 if (do_memsw_account())
7825 memcg = folio_memcg(folio);
7827 VM_WARN_ON_ONCE_FOLIO(!memcg, folio);
7832 memcg_memory_event(memcg, MEMCG_SWAP_FAIL);
7836 memcg = mem_cgroup_id_get_online(memcg);
7838 if (!mem_cgroup_is_root(memcg) &&
7839 !page_counter_try_charge(&memcg->swap, nr_pages, &counter)) {
7840 memcg_memory_event(memcg, MEMCG_SWAP_MAX);
7841 memcg_memory_event(memcg, MEMCG_SWAP_FAIL);
7842 mem_cgroup_id_put(memcg);
7846 /* Get references for the tail pages, too */
7848 mem_cgroup_id_get_many(memcg, nr_pages - 1);
7849 oldid = swap_cgroup_record(entry, mem_cgroup_id(memcg), nr_pages);
7850 VM_BUG_ON_FOLIO(oldid, folio);
7851 mod_memcg_state(memcg, MEMCG_SWAP, nr_pages);
7857 * __mem_cgroup_uncharge_swap - uncharge swap space
7858 * @entry: swap entry to uncharge
7859 * @nr_pages: the amount of swap space to uncharge
7861 void __mem_cgroup_uncharge_swap(swp_entry_t entry, unsigned int nr_pages)
7863 struct mem_cgroup *memcg;
7866 id = swap_cgroup_record(entry, 0, nr_pages);
7868 memcg = mem_cgroup_from_id(id);
7870 if (!mem_cgroup_is_root(memcg)) {
7871 if (do_memsw_account())
7872 page_counter_uncharge(&memcg->memsw, nr_pages);
7874 page_counter_uncharge(&memcg->swap, nr_pages);
7876 mod_memcg_state(memcg, MEMCG_SWAP, -nr_pages);
7877 mem_cgroup_id_put_many(memcg, nr_pages);
7882 long mem_cgroup_get_nr_swap_pages(struct mem_cgroup *memcg)
7884 long nr_swap_pages = get_nr_swap_pages();
7886 if (mem_cgroup_disabled() || do_memsw_account())
7887 return nr_swap_pages;
7888 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg))
7889 nr_swap_pages = min_t(long, nr_swap_pages,
7890 READ_ONCE(memcg->swap.max) -
7891 page_counter_read(&memcg->swap));
7892 return nr_swap_pages;
7895 bool mem_cgroup_swap_full(struct folio *folio)
7897 struct mem_cgroup *memcg;
7899 VM_BUG_ON_FOLIO(!folio_test_locked(folio), folio);
7903 if (do_memsw_account())
7906 memcg = folio_memcg(folio);
7910 for (; !mem_cgroup_is_root(memcg); memcg = parent_mem_cgroup(memcg)) {
7911 unsigned long usage = page_counter_read(&memcg->swap);
7913 if (usage * 2 >= READ_ONCE(memcg->swap.high) ||
7914 usage * 2 >= READ_ONCE(memcg->swap.max))
7921 static int __init setup_swap_account(char *s)
7923 pr_warn_once("The swapaccount= commandline option is deprecated. "
7924 "Please report your usecase to linux-mm@kvack.org if you "
7925 "depend on this functionality.\n");
7928 __setup("swapaccount=", setup_swap_account);
7930 static u64 swap_current_read(struct cgroup_subsys_state *css,
7933 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
7935 return (u64)page_counter_read(&memcg->swap) * PAGE_SIZE;
7938 static u64 swap_peak_read(struct cgroup_subsys_state *css,
7941 struct mem_cgroup *memcg = mem_cgroup_from_css(css);
7943 return (u64)memcg->swap.watermark * PAGE_SIZE;
7946 static int swap_high_show(struct seq_file *m, void *v)
7948 return seq_puts_memcg_tunable(m,
7949 READ_ONCE(mem_cgroup_from_seq(m)->swap.high));
7952 static ssize_t swap_high_write(struct kernfs_open_file *of,
7953 char *buf, size_t nbytes, loff_t off)
7955 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
7959 buf = strstrip(buf);
7960 err = page_counter_memparse(buf, "max", &high);
7964 page_counter_set_high(&memcg->swap, high);
7969 static int swap_max_show(struct seq_file *m, void *v)
7971 return seq_puts_memcg_tunable(m,
7972 READ_ONCE(mem_cgroup_from_seq(m)->swap.max));
7975 static ssize_t swap_max_write(struct kernfs_open_file *of,
7976 char *buf, size_t nbytes, loff_t off)
7978 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
7982 buf = strstrip(buf);
7983 err = page_counter_memparse(buf, "max", &max);
7987 xchg(&memcg->swap.max, max);
7992 static int swap_events_show(struct seq_file *m, void *v)
7994 struct mem_cgroup *memcg = mem_cgroup_from_seq(m);
7996 seq_printf(m, "high %lu\n",
7997 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_HIGH]));
7998 seq_printf(m, "max %lu\n",
7999 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_MAX]));
8000 seq_printf(m, "fail %lu\n",
8001 atomic_long_read(&memcg->memory_events[MEMCG_SWAP_FAIL]));
8006 static struct cftype swap_files[] = {
8008 .name = "swap.current",
8009 .flags = CFTYPE_NOT_ON_ROOT,
8010 .read_u64 = swap_current_read,
8013 .name = "swap.high",
8014 .flags = CFTYPE_NOT_ON_ROOT,
8015 .seq_show = swap_high_show,
8016 .write = swap_high_write,
8020 .flags = CFTYPE_NOT_ON_ROOT,
8021 .seq_show = swap_max_show,
8022 .write = swap_max_write,
8025 .name = "swap.peak",
8026 .flags = CFTYPE_NOT_ON_ROOT,
8027 .read_u64 = swap_peak_read,
8030 .name = "swap.events",
8031 .flags = CFTYPE_NOT_ON_ROOT,
8032 .file_offset = offsetof(struct mem_cgroup, swap_events_file),
8033 .seq_show = swap_events_show,
8038 static struct cftype memsw_files[] = {
8040 .name = "memsw.usage_in_bytes",
8041 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_USAGE),
8042 .read_u64 = mem_cgroup_read_u64,
8045 .name = "memsw.max_usage_in_bytes",
8046 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_MAX_USAGE),
8047 .write = mem_cgroup_reset,
8048 .read_u64 = mem_cgroup_read_u64,
8051 .name = "memsw.limit_in_bytes",
8052 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_LIMIT),
8053 .write = mem_cgroup_write,
8054 .read_u64 = mem_cgroup_read_u64,
8057 .name = "memsw.failcnt",
8058 .private = MEMFILE_PRIVATE(_MEMSWAP, RES_FAILCNT),
8059 .write = mem_cgroup_reset,
8060 .read_u64 = mem_cgroup_read_u64,
8062 { }, /* terminate */
8065 #if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP)
8067 * obj_cgroup_may_zswap - check if this cgroup can zswap
8068 * @objcg: the object cgroup
8070 * Check if the hierarchical zswap limit has been reached.
8072 * This doesn't check for specific headroom, and it is not atomic
8073 * either. But with zswap, the size of the allocation is only known
8074 * once compression has occurred, and this optimistic pre-check avoids
8075 * spending cycles on compression when there is already no room left
8076 * or zswap is disabled altogether somewhere in the hierarchy.
8078 bool obj_cgroup_may_zswap(struct obj_cgroup *objcg)
8080 struct mem_cgroup *memcg, *original_memcg;
8083 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys))
8086 original_memcg = get_mem_cgroup_from_objcg(objcg);
8087 for (memcg = original_memcg; !mem_cgroup_is_root(memcg);
8088 memcg = parent_mem_cgroup(memcg)) {
8089 unsigned long max = READ_ONCE(memcg->zswap_max);
8090 unsigned long pages;
8092 if (max == PAGE_COUNTER_MAX)
8099 cgroup_rstat_flush(memcg->css.cgroup);
8100 pages = memcg_page_state(memcg, MEMCG_ZSWAP_B) / PAGE_SIZE;
8106 mem_cgroup_put(original_memcg);
8111 * obj_cgroup_charge_zswap - charge compression backend memory
8112 * @objcg: the object cgroup
8113 * @size: size of compressed object
8115 * This forces the charge after obj_cgroup_may_zswap() allowed
8116 * compression and storage in zwap for this cgroup to go ahead.
8118 void obj_cgroup_charge_zswap(struct obj_cgroup *objcg, size_t size)
8120 struct mem_cgroup *memcg;
8122 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys))
8125 VM_WARN_ON_ONCE(!(current->flags & PF_MEMALLOC));
8127 /* PF_MEMALLOC context, charging must succeed */
8128 if (obj_cgroup_charge(objcg, GFP_KERNEL, size))
8132 memcg = obj_cgroup_memcg(objcg);
8133 mod_memcg_state(memcg, MEMCG_ZSWAP_B, size);
8134 mod_memcg_state(memcg, MEMCG_ZSWAPPED, 1);
8139 * obj_cgroup_uncharge_zswap - uncharge compression backend memory
8140 * @objcg: the object cgroup
8141 * @size: size of compressed object
8143 * Uncharges zswap memory on page in.
8145 void obj_cgroup_uncharge_zswap(struct obj_cgroup *objcg, size_t size)
8147 struct mem_cgroup *memcg;
8149 if (!cgroup_subsys_on_dfl(memory_cgrp_subsys))
8152 obj_cgroup_uncharge(objcg, size);
8155 memcg = obj_cgroup_memcg(objcg);
8156 mod_memcg_state(memcg, MEMCG_ZSWAP_B, -size);
8157 mod_memcg_state(memcg, MEMCG_ZSWAPPED, -1);
8161 static u64 zswap_current_read(struct cgroup_subsys_state *css,
8164 cgroup_rstat_flush(css->cgroup);
8165 return memcg_page_state(mem_cgroup_from_css(css), MEMCG_ZSWAP_B);
8168 static int zswap_max_show(struct seq_file *m, void *v)
8170 return seq_puts_memcg_tunable(m,
8171 READ_ONCE(mem_cgroup_from_seq(m)->zswap_max));
8174 static ssize_t zswap_max_write(struct kernfs_open_file *of,
8175 char *buf, size_t nbytes, loff_t off)
8177 struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
8181 buf = strstrip(buf);
8182 err = page_counter_memparse(buf, "max", &max);
8186 xchg(&memcg->zswap_max, max);
8191 static struct cftype zswap_files[] = {
8193 .name = "zswap.current",
8194 .flags = CFTYPE_NOT_ON_ROOT,
8195 .read_u64 = zswap_current_read,
8198 .name = "zswap.max",
8199 .flags = CFTYPE_NOT_ON_ROOT,
8200 .seq_show = zswap_max_show,
8201 .write = zswap_max_write,
8205 #endif /* CONFIG_MEMCG_KMEM && CONFIG_ZSWAP */
8207 static int __init mem_cgroup_swap_init(void)
8209 if (mem_cgroup_disabled())
8212 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, swap_files));
8213 WARN_ON(cgroup_add_legacy_cftypes(&memory_cgrp_subsys, memsw_files));
8214 #if defined(CONFIG_MEMCG_KMEM) && defined(CONFIG_ZSWAP)
8215 WARN_ON(cgroup_add_dfl_cftypes(&memory_cgrp_subsys, zswap_files));
8219 subsys_initcall(mem_cgroup_swap_init);
8221 #endif /* CONFIG_SWAP */
projects / linux-2.6-microblaze.git / blob