[Devel] [PATCH rh7 1/2] memcg: never fail kmem allocations

[Vladimir Davydov]

It is too dangerous to fail kmem allocations. E.g. there are lots of
places where the caller just can't tolerate a failure and keep looping
until kmalloc keeps failing. If kmalloc lacks __GFP_FS, which is common,
it might loop forever. Another reason why it's dangerous to fail kmalloc
is that it might result in unpredictable failures of userspace programs:
no-one expects a system call to fail to ENOMEM to handle this gracefully
- a program typically just abort if this happens.

Note, always letting kmalloc go doesn't mean that a container may breach
its limit - sooner or later it will issue a userspace allocation, which
will restore the justice. Besides, kmalloc will still run page reclaim
or even OOM killer, provided the context allows, so this change should
be safe.

Signed-off-by: Vladimir Davydov <vdavydov at virtuozzo.com>
---
 mm/memcontrol.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/mm/memcontrol.c b/mm/memcontrol.c
index 15bbd260a907..aeead6657862 100644
--- a/mm/memcontrol.c
+++ b/mm/memcontrol.c
@@ -3134,8 +3134,8 @@ int memcg_charge_kmem(struct mem_cgroup *memcg, gfp_t gfp, u64 size)
 	may_oom = (gfp & __GFP_FS) && !(gfp & __GFP_NORETRY);
 
 	_memcg = memcg;
-	ret = __mem_cgroup_try_charge(NULL, gfp, size >> PAGE_SHIFT,
-				      &_memcg, may_oom);
+	ret = __mem_cgroup_try_charge(NULL, gfp | __GFP_NOFAIL,
+				      size >> PAGE_SHIFT, &_memcg, may_oom);
 
 	if (ret == -EINTR)  {
 		/*
-- 
2.1.4