Hi TJ,
On Fri, Dec 12, 2025 at 08:25:19AM +0900, T.J. Mercier wrote:
On Fri, Dec 12, 2025 at 4:31 AM Eric Chanudet echanude@redhat.com wrote:
The system dma-buf heap lets userspace allocate buffers from the page allocator. However, these allocations are not accounted for in memcg, allowing processes to escape limits that may be configured.
Pass the __GFP_ACCOUNT for our allocations to account them into memcg.
We had a discussion just last night in the MM track at LPC about how shared memory accounted in memcg is pretty broken. Without a way to identify (and possibly transfer) ownership of a shared buffer, this makes the accounting of shared memory, and zombie memcg problems worse. :\
Are there notes or a report from that discussion anywhere?
The way I see it, the dma-buf heaps *trivial* case is non-existent at the moment and that's definitely broken. Any application can bypass its cgroups limits trivially, and that's a pretty big hole in the system.
The shared ownership is indeed broken, but it's not more or less broken than, say, memfd + udmabuf, and I'm sure plenty of others.
So we really improve the common case, but only make the "advanced" slightly more broken than it already is.
Would you disagree?
Maxime