cgroup: Use kernel command line to disable memory cgroup

mairacanal · pelwell · commit 86099deff5ab · 2024-10-25T16:58:34.000+01:00
Commit 94a23e9 ("cgroup: Disable cgroup "memory" by default") disabled the memory cgroup by default when initing the cgroups. However, it's possible to disable the memory cgroup by a kernel command line. Hard-coding such a feature can be problematic as some memory management features depend on the order that things are set. For example, it is possible to see a NULL pointer dereference caused by commit 94a23e9. The NULL pointer dereference is triggered by the memory shrinker and ends up in a kernel crash. [ 50.028629] ================================================================== [ 50.028645] BUG: KASAN: null-ptr-deref in do_shrink_slab+0x1fc/0x978 [ 50.028663] Write of size 8 at addr 0000000000000000 by task gfxrecon-replay/1965 [ 50.028676] CPU: 3 UID: 1000 PID: 1965 Comm: gfxrecon-replay Tainted: G C 6.12.0-rc4-v8-thp-kasan+ #85 [ 50.028685] Tainted: [C]=CRAP [ 50.028689] Hardware name: Raspberry Pi 5 Model B Rev 1.0 (DT) [ 50.028694] Call trace: [ 50.028697] dump_backtrace+0xfc/0x120 [ 50.028706] show_stack+0x24/0x38 [ 50.028711] dump_stack_lvl+0x40/0x88 [ 50.028720] print_report+0xe4/0x708 [ 50.028728] kasan_report+0xcc/0x130 [ 50.028733] kasan_check_range+0x254/0x298 [ 50.028738] __kasan_check_write+0x20/0x30 [ 50.028745] do_shrink_slab+0x1fc/0x978 [ 50.028751] shrink_slab+0x318/0xc38 [ 50.028756] shrink_one+0x254/0x6d8 [ 50.028762] shrink_node+0x26b4/0x2848 [ 50.028767] do_try_to_free_pages+0x3e4/0x1190 [ 50.028773] try_to_free_pages+0x5a4/0xb40 [ 50.028778] __alloc_pages_direct_reclaim+0x144/0x298 [ 50.028787] __alloc_pages_slowpath+0x5c4/0xc70 [ 50.028793] __alloc_pages_noprof+0x4a8/0x6a8 [ 50.028800] __folio_alloc_noprof+0x24/0xa8 [ 50.028806] shmem_alloc_and_add_folio+0x2ec/0xce0 [ 50.028812] shmem_get_folio_gfp+0x380/0xc20 [ 50.028818] shmem_read_folio_gfp+0xe0/0x160 [ 50.028824] drm_gem_get_pages+0x238/0x620 [drm] [ 50.029039] drm_gem_shmem_get_pages_sgt+0xd8/0x4b8 [drm_shmem_helper] [ 50.029053] v3d_bo_create_finish+0x58/0x1e0 [v3d] [ 50.029083] v3d_create_bo_ioctl+0xac/0x210 [v3d] [ 50.029105] drm_ioctl_kernel+0x1d8/0x2b8 [drm] [ 50.029220] drm_ioctl+0x4b4/0x920 [drm] [ 50.029330] __arm64_sys_ioctl+0x11c/0x160 [ 50.029337] invoke_syscall+0x88/0x268 [ 50.029345] el0_svc_common+0x160/0x1d8 [ 50.029351] do_el0_svc+0x50/0x68 [ 50.029358] el0_svc+0x34/0x80 [ 50.029364] el0t_64_sync_handler+0x84/0x100 [ 50.029371] el0t_64_sync+0x190/0x198 [ 50.029376] ================================================================== This happens because the memory shrinker is unaware that we are artificially disabling the memory cgroups and therefore it doesn't allocate `nr_deferred` (as it would if we used the kernel command line). To avoid such an issue, revert the artificial disablement and disable it through the command line. If a user wants to enable the feature, it can use the `cgroup_enable=` command line. Signed-off-by: Maíra Canal <mcanal@igalia.com>
diff --git a/arch/arm/boot/dts/broadcom/bcm2708-rpi-bt.dtsi b/arch/arm/boot/dts/broadcom/bcm2708-rpi-bt.dtsi
@@ -24,7 +24,7 @@
 
 / {
 	chosen {
-		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0";
+		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0 cgroup_disable=memory";
 	};
 
 	aliases {
diff --git a/arch/arm/boot/dts/broadcom/bcm270x.dtsi b/arch/arm/boot/dts/broadcom/bcm270x.dtsi
@@ -4,7 +4,7 @@
 / {
 	chosen: chosen {
 		// Disable audio by default
-		bootargs = "coherent_pool=1M snd_bcm2835.enable_headphones=0";
+		bootargs = "coherent_pool=1M snd_bcm2835.enable_headphones=0 cgroup_disable=memory";
 		stdout-path = "serial0:115200n8";
 	};
 
diff --git a/arch/arm/boot/dts/broadcom/bcm2711-rpi-cm4s.dts b/arch/arm/boot/dts/broadcom/bcm2711-rpi-cm4s.dts
@@ -148,7 +148,7 @@
 
 / {
 	chosen {
-		bootargs = "coherent_pool=1M snd_bcm2835.enable_headphones=0 numa_policy=interleave";
+		bootargs = "coherent_pool=1M snd_bcm2835.enable_headphones=0 cgroup_disable=memory numa_policy=interleave";
 	};
 
 	aliases {
diff --git a/arch/arm/boot/dts/broadcom/bcm2711-rpi-ds.dtsi b/arch/arm/boot/dts/broadcom/bcm2711-rpi-ds.dtsi
@@ -3,7 +3,7 @@
 
 / {
 	chosen {
-		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0 numa_policy=interleave";
+		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0 cgroup_disable=memory numa_policy=interleave";
 	};
 
 	__overrides__ {
diff --git a/arch/arm/boot/dts/broadcom/bcm271x-rpi-bt.dtsi b/arch/arm/boot/dts/broadcom/bcm271x-rpi-bt.dtsi
@@ -24,7 +24,7 @@
 
 / {
 	chosen {
-		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0";
+		bootargs = "coherent_pool=1M 8250.nr_uarts=1 snd_bcm2835.enable_headphones=0 cgroup_disable=memory";
 	};
 
 	aliases {
diff --git a/arch/arm64/boot/dts/broadcom/bcm2712-rpi.dtsi b/arch/arm64/boot/dts/broadcom/bcm2712-rpi.dtsi
@@ -99,7 +99,7 @@
 
 / {
 	chosen: chosen {
-		bootargs = "reboot=w coherent_pool=1M 8250.nr_uarts=1 pci=pcie_bus_safe numa_policy=interleave iommu_dma_numa_policy=interleave system_heap.max_order=0";
+		bootargs = "reboot=w coherent_pool=1M 8250.nr_uarts=1 pci=pcie_bus_safe cgroup_disable=memory numa_policy=interleave iommu_dma_numa_policy=interleave system_heap.max_order=0";
 		stdout-path = "serial10:115200n8";
 	};
 
diff --git a/kernel/cgroup/cgroup.c b/kernel/cgroup/cgroup.c
@@ -6060,9 +6060,6 @@ int __init cgroup_init_early(void)
 	return 0;
 }
 
-static u16 cgroup_enable_mask __initdata;
-static int __init cgroup_disable(char *str);
-
 /**
  * cgroup_init - cgroup initialization
  *
@@ -6096,12 +6093,6 @@ int __init cgroup_init(void)
 
 	cgroup_unlock();
 
-	/*
-	 * Apply an implicit disable, knowing that an explicit enable will
-	 * prevent if from doing anything.
-	 */
-	cgroup_disable("memory");
-
 	for_each_subsys(ss, ssid) {
 		if (ss->early_init) {
 			struct cgroup_subsys_state *css =
@@ -6742,10 +6733,6 @@ static int __init cgroup_disable(char *str)
 			    strcmp(token, ss->legacy_name))
 				continue;
 
-			/* An explicit cgroup_enable overrides a disable */
-			if (cgroup_enable_mask & (1 << i))
-				continue;
-
 			static_branch_disable(cgroup_subsys_enabled_key[i]);
 			pr_info("Disabling %s control group subsystem\n",
 				ss->name);
@@ -6779,7 +6766,7 @@ static int __init cgroup_enable(char *str)
 			    strcmp(token, ss->legacy_name))
 				continue;
 
-			cgroup_enable_mask |= 1 << i;
+			cgroup_feature_disable_mask &= ~(1 << i);
 			static_branch_enable(cgroup_subsys_enabled_key[i]);
 			pr_info("Enabling %s control group subsystem\n",
 				ss->name);
