/* memcontrol.c - Memory Controller
 *
 * Copyright IBM Corporation, 2007
 * Author Balbir Singh <balbir@linux.vnet.ibm.com>
 *
 * Copyright 2007 OpenVZ SWsoft Inc
 * Author: Pavel Emelianov <xemul@openvz.org>
 *
 * Memory thresholds
 * Copyright (C) 2009 Nokia Corporation
 * Author: Kirill A. Shutemov
 *
 * Kernel Memory Controller
 * Copyright (C) 2012 Parallels Inc. and Google Inc.
 * Authors: Glauber Costa and Suleiman Souhlal
 *
 * Native page reclaim
 * Charge lifetime sanitation
 * Lockless page tracking & accounting
 * Unified hierarchy configuration model
 * Copyright (C) 2015 Red Hat, Inc., Johannes Weiner
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 */

#include <linux/page_counter.h>
#include <linux/memcontrol.h>
#include <linux/cgroup.h>
#include <linux/mm.h>
#include <linux/sched/mm.h>
#include <linux/shmem_fs.h>
#include <linux/hugetlb.h>
#include <linux/pagemap.h>
#include <linux/smp.h>
#include <linux/page-flags.h>
#include <linux/backing-dev.h>
#include <linux/bit_spinlock.h>
#include <linux/rcupdate.h>
#include <linux/limits.h>
#include <linux/export.h>
#include <linux/mutex.h>
#include <linux/rbtree.h>
#include <linux/slab.h>
#include <linux/swap.h>
#include <linux/swapops.h>
#include <linux/spinlock.h>
#include <linux/eventfd.h>
#include <linux/poll.h>
#include <linux/sort.h>
#include <linux/fs.h>
#include <linux/seq_file.h>
#include <linux/vmpressure.h>
#include <linux/mm_inline.h>
#include <linux/swap_cgroup.h>
#include <linux/cpu.h>
#include <linux/oom.h>
#include <linux/lockdep.h>
#include <linux/file.h>
#include <linux/tracehook.h>
#include "internal.h"
#include <net/sock.h>
#include <net/ip.h>
#include "slab.h"

#include <linux/uaccess.h>

#include <trace/events/vmscan.h>

struct cgroup_subsys memory_cgrp_subsys __read_mostly;
EXPORT_SYMBOL(memory_cgrp_subsys);

struct mem_cgroup *root_mem_cgroup __read_mostly;

#define MEM_CGROUP_RECLAIM_RETRIES      5

/* Socket memory accounting disabled? */
static bool cgroup_memory_nosocket;

/* Kernel memory accounting disabled? */
static bool cgroup_memory_nokmem;

/* Whether the swap controller is active */
#ifdef CONFIG_MEMCG_SWAP
int do_swap_account __read_mostly;
#else
#define do_swap_account         0
#endif

/* Whether legacy memory+swap accounting is active */
static bool do_memsw_account(void)
{
        return !cgroup_subsys_on_dfl(memory_cgrp_subsys) && do_swap_account;
}

static const char *const mem_cgroup_lru_names[] = {
        "inactive_anon",
        "active_anon",
        "inactive_file",
        "active_file",
        "unevictable",
};

#define THRESHOLDS_EVENTS_TARGET 128
#define SOFTLIMIT_EVENTS_TARGET 1024
#define NUMAINFO_EVENTS_TARGET  1024

/*
 * Cgroups above their limits are maintained in a RB-Tree, independent of
 * their hierarchy representation
 */

struct mem_cgroup_tree_per_node {
        struct rb_root rb_root;
        struct rb_node *rb_rightmost;
        spinlock_t lock;
};

struct mem_cgroup_tree {
        struct mem_cgroup_tree_per_node *rb_tree_per_node[MAX_NUMNODES];
};

static struct mem_cgroup_tree soft_limit_tree __read_mostly;

/* for OOM */
struct mem_cgroup_eventfd_list {
        struct list_head list;
        struct eventfd_ctx *eventfd;
};

/*
 * cgroup_event represents events which userspace want to receive.
 */
struct mem_cgroup_event {
        /*
         * memcg which the event belongs to.
         */
        struct mem_cgroup *memcg;
        /*
         * eventfd to signal userspace about the event.
         */
        struct eventfd_ctx *eventfd;
        /*
         * Each of these stored in a list by the cgroup.
         */
        struct list_head list;
        /*
         * register_event() callback will be used to add new userspace
         * waiter for changes related to this event.  Use eventfd_signal()
         * on eventfd to send notification to userspace.
         */
        int (*register_event)(struct mem_cgroup *memcg,
                              struct eventfd_ctx *eventfd, const char *args);
        /*
         * unregister_event() callback will be called when userspace closes
         * the eventfd or on cgroup removing.  This callback must be set,
         * if you want provide notification functionality.
         */
        void (*unregister_event)(struct mem_cgroup *memcg,
                                 struct eventfd_ctx *eventfd);
        /*
         * All fields below needed to unregister event when
         * userspace closes eventfd.
         */
        poll_table pt;
        wait_queue_head_t *wqh;
        wait_queue_entry_t wait;
        struct work_struct remove;
};

static void mem_cgroup_threshold(struct mem_cgroup *memcg);
static void mem_cgroup_oom_notify(struct mem_cgroup *memcg);

/* Stuffs for move charges at task migration. */
/*
 * Types of charges to be moved.
 */
#define MOVE_ANON       0x1U
#define MOVE_FILE       0x2U
#define MOVE_MASK       (MOVE_ANON | MOVE_FILE)

/* "mc" and its members are protected by cgroup_mutex */
static struct move_charge_struct {
        spinlock_t        lock; /* for from, to */
        struct mm_struct  *mm;
        struct mem_cgroup *from;
        struct mem_cgroup *to;
        unsigned long flags;
        unsigned long precharge;
        unsigned long moved_charge;
        unsigned long moved_swap;
        struct task_struct *moving_task;        /* a task moving charges */
        wait_queue_head_t waitq;                /* a waitq for other context */
} mc = {
        .lock = __SPIN_LOCK_UNLOCKED(mc.lock),
        .waitq = __WAIT_QUEUE_HEAD_INITIALIZER(mc.waitq),
};

/*
 * Maximum loops in mem_cgroup_hierarchical_reclaim(), used for soft
 * limit reclaim to prevent infinite loops, if they ever occur.
 */
#define MEM_CGROUP_MAX_RECLAIM_LOOPS            100
#define MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS 2

enum charge_type {
        MEM_CGROUP_CHARGE_TYPE_CACHE = 0,
        MEM_CGROUP_CHARGE_TYPE_ANON,
        MEM_CGROUP_CHARGE_TYPE_SWAPOUT, /* for accounting swapcache */
        MEM_CGROUP_CHARGE_TYPE_DROP,    /* a page was unused swap cache */
        NR_CHARGE_TYPE,
};

/* for encoding cft->private value on file */
enum res_type {
        _MEM,
        _MEMSWAP,
        _OOM_TYPE,
        _KMEM,
        _TCP,
};

#define MEMFILE_PRIVATE(x, val) ((x) << 16 | (val))
#define MEMFILE_TYPE(val)       ((val) >> 16 & 0xffff)
#define MEMFILE_ATTR(val)       ((val) & 0xffff)
/* Used for OOM nofiier */
#define OOM_CONTROL             (0)

/* Some nice accessors for the vmpressure. */
struct vmpressure *memcg_to_vmpressure(struct mem_cgroup *memcg)
{
        if (!memcg)
                memcg = root_mem_cgroup;
        return &memcg->vmpressure;
}

struct cgroup_subsys_state *vmpressure_to_css(struct vmpressure *vmpr)
{
        return &container_of(vmpr, struct mem_cgroup, vmpressure)->css;
}

static inline bool mem_cgroup_is_root(struct mem_cgroup *memcg)
{
        return (memcg == root_mem_cgroup);
}

#ifndef CONFIG_SLOB
/*
 * This will be the memcg's index in each cache's ->memcg_params.memcg_caches.
 * The main reason for not using cgroup id for this:
 *  this works better in sparse environments, where we have a lot of memcgs,
 *  but only a few kmem-limited. Or also, if we have, for instance, 200
 *  memcgs, and none but the 200th is kmem-limited, we'd have to have a
 *  200 entry array for that.
 *
 * The current size of the caches array is stored in memcg_nr_cache_ids. It
 * will double each time we have to increase it.
 */
static DEFINE_IDA(memcg_cache_ida);
int memcg_nr_cache_ids;

/* Protects memcg_nr_cache_ids */
static DECLARE_RWSEM(memcg_cache_ids_sem);

void memcg_get_cache_ids(void)
{
        down_read(&memcg_cache_ids_sem);
}

void memcg_put_cache_ids(void)
{
        up_read(&memcg_cache_ids_sem);
}

/*
 * MIN_SIZE is different than 1, because we would like to avoid going through
 * the alloc/free process all the time. In a small machine, 4 kmem-limited
 * cgroups is a reasonable guess. In the future, it could be a parameter or
 * tunable, but that is strictly not necessary.
 *
 * MAX_SIZE should be as large as the number of cgrp_ids. Ideally, we could get
 * this constant directly from cgroup, but it is understandable that this is
 * better kept as an internal representation in cgroup.c. In any case, the
 * cgrp_id space is not getting any smaller, and we don't have to necessarily
 * increase ours as well if it increases.
 */
#define MEMCG_CACHES_MIN_SIZE 4
#define MEMCG_CACHES_MAX_SIZE MEM_CGROUP_ID_MAX

/*
 * A lot of the calls to the cache allocation functions are expected to be
 * inlined by the compiler. Since the calls to memcg_kmem_get_cache are
 * conditional to this static branch, we'll have to allow modules that does
 * kmem_cache_alloc and the such to see this symbol as well
 */
DEFINE_STATIC_KEY_FALSE(memcg_kmem_enabled_key);
EXPORT_SYMBOL(memcg_kmem_enabled_key);

struct workqueue_struct *memcg_kmem_cache_wq;

#endif /* !CONFIG_SLOB */

/**
 * mem_cgroup_css_from_page - css of the memcg associated with a page
 * @page: page of interest
 *
 * If memcg is bound to the default hierarchy, css of the memcg associated
 * with @page is returned.  The returned css remains associated with @page
 * until it is released.
 *
 * If memcg is bound to a traditional hierarchy, the css of root_mem_cgroup
 * is returned.
 */
struct cgroup_subsys_state *mem_cgroup_css_from_page(struct page *page)
{
        struct mem_cgroup *memcg;

        memcg = page->mem_cgroup;

        if (!memcg || !cgroup_subsys_on_dfl(memory_cgrp_subsys))
                memcg = root_mem_cgroup;

        return &memcg->css;
}

/**
 * page_cgroup_ino - return inode number of the memcg a page is charged to
 * @page: the page
 *
 * Look up the closest online ancestor of the memory cgroup @page is charged to
 * and return its inode number or 0 if @page is not charged to any cgroup. It
 * is safe to call this function without holding a reference to @page.
 *
 * Note, this function is inherently racy, because there is nothing to prevent
 * the cgroup inode from getting torn down and potentially reallocated a moment
 * after page_cgroup_ino() returns, so it only should be used by callers that
 * do not care (such as procfs interfaces).
 */
ino_t page_cgroup_ino(struct page *page)
{
        struct mem_cgroup *memcg;
        unsigned long ino = 0;

        rcu_read_lock();
        memcg = READ_ONCE(page->mem_cgroup);
        while (memcg && !(memcg->css.flags & CSS_ONLINE))
                memcg = parent_mem_cgroup(memcg);
        if (memcg)
                ino = cgroup_ino(memcg->css.cgroup);
        rcu_read_unlock();
        return ino;
}

static struct mem_cgroup_per_node *
mem_cgroup_page_nodeinfo(struct mem_cgroup *memcg, struct page *page)
{
        int nid = page_to_nid(page);

        return memcg->nodeinfo[nid];
}

static struct mem_cgroup_tree_per_node *
soft_limit_tree_node(int nid)
{
        return soft_limit_tree.rb_tree_per_node[nid];
}

static struct mem_cgroup_tree_per_node *
soft_limit_tree_from_page(struct page *page)
{
        int nid = page_to_nid(page);

        return soft_limit_tree.rb_tree_per_node[nid];
}

static void __mem_cgroup_insert_exceeded(struct mem_cgroup_per_node *mz,
                                         struct mem_cgroup_tree_per_node *mctz,
                                         unsigned long new_usage_in_excess)
{
        struct rb_node **p = &mctz->rb_root.rb_node;
        struct rb_node *parent = NULL;
        struct mem_cgroup_per_node *mz_node;
        bool rightmost = true;

        if (mz->on_tree)
                return;

        mz->usage_in_excess = new_usage_in_excess;
        if (!mz->usage_in_excess)
                return;
        while (*p) {
                parent = *p;
                mz_node = rb_entry(parent, struct mem_cgroup_per_node,
                                        tree_node);
                if (mz->usage_in_excess < mz_node->usage_in_excess) {
                        p = &(*p)->rb_left;
                        rightmost = false;
                }

                /*
                 * We can't avoid mem cgroups that are over their soft
                 * limit by the same amount
                 */
                else if (mz->usage_in_excess >= mz_node->usage_in_excess)
                        p = &(*p)->rb_right;
        }

        if (rightmost)
                mctz->rb_rightmost = &mz->tree_node;

        rb_link_node(&mz->tree_node, parent, p);
        rb_insert_color(&mz->tree_node, &mctz->rb_root);
        mz->on_tree = true;
}

static void __mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz,
                                         struct mem_cgroup_tree_per_node *mctz)
{
        if (!mz->on_tree)
                return;

        if (&mz->tree_node == mctz->rb_rightmost)
                mctz->rb_rightmost = rb_prev(&mz->tree_node);

        rb_erase(&mz->tree_node, &mctz->rb_root);
        mz->on_tree = false;
}

static void mem_cgroup_remove_exceeded(struct mem_cgroup_per_node *mz,
                                       struct mem_cgroup_tree_per_node *mctz)
{
        unsigned long flags;

        spin_lock_irqsave(&mctz->lock, flags);
        __mem_cgroup_remove_exceeded(mz, mctz);
        spin_unlock_irqrestore(&mctz->lock, flags);
}

static unsigned long soft_limit_excess(struct mem_cgroup *memcg)
{
        unsigned long nr_pages = page_counter_read(&memcg->memory);
        unsigned long soft_limit = READ_ONCE(memcg->soft_limit);
        unsigned long excess = 0;

        if (nr_pages > soft_limit)
                excess = nr_pages - soft_limit;

        return excess;
}

static void mem_cgroup_update_tree(struct mem_cgroup *memcg, struct page *page)
{
        unsigned long excess;
        struct mem_cgroup_per_node *mz;
        struct mem_cgroup_tree_per_node *mctz;

        mctz = soft_limit_tree_from_page(page);
        if (!mctz)
                return;
        /*
         * Necessary to update all ancestors when hierarchy is used.
         * because their event counter is not touched.
         */
        for (; memcg; memcg = parent_mem_cgroup(memcg)) {
                mz = mem_cgroup_page_nodeinfo(memcg, page);
                excess = soft_limit_excess(memcg);
                /*
                 * We have to update the tree if mz is on RB-tree or
                 * mem is over its softlimit.
                 */
                if (excess || mz->on_tree) {
                        unsigned long flags;

                        spin_lock_irqsave(&mctz->lock, flags);
                        /* if on-tree, remove it */
                        if (mz->on_tree)
                                __mem_cgroup_remove_exceeded(mz, mctz);
                        /*
                         * Insert again. mz->usage_in_excess will be updated.
                         * If excess is 0, no tree ops.
                         */
                        __mem_cgroup_insert_exceeded(mz, mctz, excess);
                        spin_unlock_irqrestore(&mctz->lock, flags);
                }
        }
}

static void mem_cgroup_remove_from_trees(struct mem_cgroup *memcg)
{
        struct mem_cgroup_tree_per_node *mctz;
        struct mem_cgroup_per_node *mz;
        int nid;

        for_each_node(nid) {
                mz = mem_cgroup_nodeinfo(memcg, nid);
                mctz = soft_limit_tree_node(nid);
                if (mctz)
                        mem_cgroup_remove_exceeded(mz, mctz);
        }
}

static struct mem_cgroup_per_node *
__mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz)
{
        struct mem_cgroup_per_node *mz;

retry:
        mz = NULL;
        if (!mctz->rb_rightmost)
                goto done;              /* Nothing to reclaim from */

        mz = rb_entry(mctz->rb_rightmost,
                      struct mem_cgroup_per_node, tree_node);
        /*
         * Remove the node now but someone else can add it back,
         * we will to add it back at the end of reclaim to its correct
         * position in the tree.
         */
        __mem_cgroup_remove_exceeded(mz, mctz);
        if (!soft_limit_excess(mz->memcg) ||
            !css_tryget_online(&mz->memcg->css))
                goto retry;
done:
        return mz;
}

static struct mem_cgroup_per_node *
mem_cgroup_largest_soft_limit_node(struct mem_cgroup_tree_per_node *mctz)
{
        struct mem_cgroup_per_node *mz;

        spin_lock_irq(&mctz->lock);
        mz = __mem_cgroup_largest_soft_limit_node(mctz);
        spin_unlock_irq(&mctz->lock);
        return mz;
}

static unsigned long memcg_sum_events(struct mem_cgroup *memcg,
                                      int event)
{
        return atomic_long_read(&memcg->events[event]);
}

static void mem_cgroup_charge_statistics(struct mem_cgroup *memcg,
                                         struct page *page,
                                         bool compound, int nr_pages)
{
        /*
         * Here, RSS means 'mapped anon' and anon's SwapCache. Shmem/tmpfs is
         * counted as CACHE even if it's on ANON LRU.
         */
        if (PageAnon(page))
                __mod_memcg_state(memcg, MEMCG_RSS, nr_pages);
        else {
                __mod_memcg_state(memcg, MEMCG_CACHE, nr_pages);
                if (PageSwapBacked(page))
                        __mod_memcg_state(memcg, NR_SHMEM, nr_pages);
        }

        if (compound) {
                VM_BUG_ON_PAGE(!PageTransHuge(page), page);
                __mod_memcg_state(memcg, MEMCG_RSS_HUGE, nr_pages);
        }

        /* pagein of a big page is an event. So, ignore page size */
        if (nr_pages > 0)
                __count_memcg_events(memcg, PGPGIN, 1);
        else {
                __count_memcg_events(memcg, PGPGOUT, 1);
                nr_pages = -nr_pages; /* for event */
        }

        __this_cpu_add(memcg->stat_cpu->nr_page_events, nr_pages);
}

unsigned long mem_cgroup_node_nr_lru_pages(struct mem_cgroup *memcg,
                                           int nid, unsigned int lru_mask)
{
        struct lruvec *lruvec = mem_cgroup_lruvec(NODE_DATA(nid), memcg);
        unsigned long nr = 0;
        enum lru_list lru;

        VM_BUG_ON((unsigned)nid >= nr_node_ids);

        for_each_lru(lru) {
                if (!(BIT(lru) & lru_mask))
                        continue;
                nr += mem_cgroup_get_lru_size(lruvec, lru);
        }
        return nr;
}

static unsigned long mem_cgroup_nr_lru_pages(struct mem_cgroup *memcg,
                        unsigned int lru_mask)
{
        unsigned long nr = 0;
        int nid;

        for_each_node_state(nid, N_MEMORY)
                nr += mem_cgroup_node_nr_lru_pages(memcg, nid, lru_mask);
        return nr;
}

static bool mem_cgroup_event_ratelimit(struct mem_cgroup *memcg,
                                       enum mem_cgroup_events_target target)
{
        unsigned long val, next;

        val = __this_cpu_read(memcg->stat_cpu->nr_page_events);
        next = __this_cpu_read(memcg->stat_cpu->targets[target]);
        /* from time_after() in jiffies.h */
        if ((long)(next - val) < 0) {
                switch (target) {
                case MEM_CGROUP_TARGET_THRESH:
                        next = val + THRESHOLDS_EVENTS_TARGET;
                        break;
                case MEM_CGROUP_TARGET_SOFTLIMIT:
                        next = val + SOFTLIMIT_EVENTS_TARGET;
                        break;
                case MEM_CGROUP_TARGET_NUMAINFO:
                        next = val + NUMAINFO_EVENTS_TARGET;
                        break;
                default:
                        break;
                }
                __this_cpu_write(memcg->stat_cpu->targets[target], next);
                return true;
        }
        return false;
}

/*
 * Check events in order.
 *
 */
static void memcg_check_events(struct mem_cgroup *memcg, struct page *page)
{
        /* threshold event is triggered in finer grain than soft limit */
        if (unlikely(mem_cgroup_event_ratelimit(memcg,
                                                MEM_CGROUP_TARGET_THRESH))) {
                bool do_softlimit;
                bool do_numainfo __maybe_unused;

                do_softlimit = mem_cgroup_event_ratelimit(memcg,
                                                MEM_CGROUP_TARGET_SOFTLIMIT);
#if MAX_NUMNODES > 1
                do_numainfo = mem_cgroup_event_ratelimit(memcg,
                                                MEM_CGROUP_TARGET_NUMAINFO);
#endif
                mem_cgroup_threshold(memcg);
                if (unlikely(do_softlimit))
                        mem_cgroup_update_tree(memcg, page);
#if MAX_NUMNODES > 1
                if (unlikely(do_numainfo))
                        atomic_inc(&memcg->numainfo_events);
#endif
        }
}

struct mem_cgroup *mem_cgroup_from_task(struct task_struct *p)
{
        /*
         * mm_update_next_owner() may clear mm->owner to NULL
         * if it races with swapoff, page migration, etc.
         * So this can be called with p == NULL.
         */
        if (unlikely(!p))
                return NULL;

        return mem_cgroup_from_css(task_css(p, memory_cgrp_id));
}
EXPORT_SYMBOL(mem_cgroup_from_task);

static struct mem_cgroup *get_mem_cgroup_from_mm(struct mm_struct *mm)
{
        struct mem_cgroup *memcg = NULL;

        rcu_read_lock();
        do {
                /*
                 * Page cache insertions can happen withou an
                 * actual mm context, e.g. during disk probing
                 * on boot, loopback IO, acct() writes etc.
                 */
                if (unlikely(!mm))
                        memcg = root_mem_cgroup;
                else {
                        memcg = mem_cgroup_from_task(rcu_dereference(mm->owner));
                        if (unlikely(!memcg))
                                memcg = root_mem_cgroup;
                }
        } while (!css_tryget_online(&memcg->css));
        rcu_read_unlock();
        return memcg;
}

/**
 * mem_cgroup_iter - iterate over memory cgroup hierarchy
 * @root: hierarchy root
 * @prev: previously returned memcg, NULL on first invocation
 * @reclaim: cookie for shared reclaim walks, NULL for full walks
 *
 * Returns references to children of the hierarchy below @root, or
 * @root itself, or %NULL after a full round-trip.
 *
 * Caller must pass the return value in @prev on subsequent
 * invocations for reference counting, or use mem_cgroup_iter_break()
 * to cancel a hierarchy walk before the round-trip is complete.
 *
 * Reclaimers can specify a node and a priority level in @reclaim to
 * divide up the memcgs in the hierarchy among all concurrent
 * reclaimers operating on the same node and priority.
 */
struct mem_cgroup *mem_cgroup_iter(struct mem_cgroup *root,
                                   struct mem_cgroup *prev,
                                   struct mem_cgroup_reclaim_cookie *reclaim)
{
        struct mem_cgroup_reclaim_iter *uninitialized_var(iter);
        struct cgroup_subsys_state *css = NULL;
        struct mem_cgroup *memcg = NULL;
        struct mem_cgroup *pos = NULL;

        if (mem_cgroup_disabled())
                return NULL;

        if (!root)
                root = root_mem_cgroup;

        if (prev && !reclaim)
                pos = prev;

        if (!root->use_hierarchy && root != root_mem_cgroup) {
                if (prev)
                        goto out;
                return root;
        }

        rcu_read_lock();

        if (reclaim) {
                struct mem_cgroup_per_node *mz;

                mz = mem_cgroup_nodeinfo(root, reclaim->pgdat->node_id);
                iter = &mz->iter[reclaim->priority];

                if (prev && reclaim->generation != iter->generation)
                        goto out_unlock;

                while (1) {
                        pos = READ_ONCE(iter->position);
                        if (!pos || css_tryget(&pos->css))
                                break;
                        /*
                         * css reference reached zero, so iter->position will
                         * be cleared by ->css_released. However, we should not
                         * rely on this happening soon, because ->css_released
                         * is called from a work queue, and by busy-waiting we
                         * might block it. So we clear iter->position right
                         * away.
                         */
                        (void)cmpxchg(&iter->position, pos, NULL);
                }
        }

        if (pos)
                css = &pos->css;

        for (;;) {
                css = css_next_descendant_pre(css, &root->css);
                if (!css) {
                        /*
                         * Reclaimers share the hierarchy walk, and a
                         * new one might jump in right at the end of
                         * the hierarchy - make sure they see at least
                         * one group and restart from the beginning.
                         */
                        if (!prev)
                                continue;
                        break;
                }

                /*
                 * Verify the css and acquire a reference.  The root
                 * is provided by the caller, so we know it's alive
                 * and kicking, and don't take an extra reference.
                 */
                memcg = mem_cgroup_from_css(css);

                if (css == &root->css)
                        break;

                if (css_tryget(css))
                        break;

                memcg = NULL;
        }

        if (reclaim) {
                /*
                 * The position could have already been updated by a competing
                 * thread, so check that the value hasn't changed since we read
                 * it to avoid reclaiming from the same cgroup twice.
                 */
                (void)cmpxchg(&iter->position, pos, memcg);

                if (pos)
                        css_put(&pos->css);

                if (!memcg)
                        iter->generation++;
                else if (!prev)
                        reclaim->generation = iter->generation;
        }

out_unlock:
        rcu_read_unlock();
out:
        if (prev && prev != root)
                css_put(&prev->css);

        return memcg;
}

/**
 * mem_cgroup_iter_break - abort a hierarchy walk prematurely
 * @root: hierarchy root
 * @prev: last visited hierarchy member as returned by mem_cgroup_iter()
 */
void mem_cgroup_iter_break(struct mem_cgroup *root,
                           struct mem_cgroup *prev)
{
        if (!root)
                root = root_mem_cgroup;
        if (prev && prev != root)
                css_put(&prev->css);
}

static void invalidate_reclaim_iterators(struct mem_cgroup *dead_memcg)
{
        struct mem_cgroup *memcg = dead_memcg;
        struct mem_cgroup_reclaim_iter *iter;
        struct mem_cgroup_per_node *mz;
        int nid;
        int i;

        while ((memcg = parent_mem_cgroup(memcg))) {
                for_each_node(nid) {
                        mz = mem_cgroup_nodeinfo(memcg, nid);
                        for (i = 0; i <= DEF_PRIORITY; i++) {
                                iter = &mz->iter[i];
                                cmpxchg(&iter->position,
                                        dead_memcg, NULL);
                        }
                }
        }
}

/*
 * Iteration constructs for visiting all cgroups (under a tree).  If
 * loops are exited prematurely (break), mem_cgroup_iter_break() must
 * be used for reference counting.
 */
#define for_each_mem_cgroup_tree(iter, root)            \
        for (iter = mem_cgroup_iter(root, NULL, NULL);  \
             iter != NULL;                              \
             iter = mem_cgroup_iter(root, iter, NULL))

#define for_each_mem_cgroup(iter)                       \
        for (iter = mem_cgroup_iter(NULL, NULL, NULL);  \
             iter != NULL;                              \
             iter = mem_cgroup_iter(NULL, iter, NULL))

/**
 * mem_cgroup_scan_tasks - iterate over tasks of a memory cgroup hierarchy
 * @memcg: hierarchy root
 * @fn: function to call for each task
 * @arg: argument passed to @fn
 *
 * This function iterates over tasks attached to @memcg or to any of its
 * descendants and calls @fn for each task. If @fn returns a non-zero
 * value, the function breaks the iteration loop and returns the value.
 * Otherwise, it will iterate over all tasks and return 0.
 *
 * This function must not be called for the root memory cgroup.
 */
int mem_cgroup_scan_tasks(struct mem_cgroup *memcg,
                          int (*fn)(struct task_struct *, void *), void *arg)
{
        struct mem_cgroup *iter;
        int ret = 0;

        BUG_ON(memcg == root_mem_cgroup);

        for_each_mem_cgroup_tree(iter, memcg) {
                struct css_task_iter it;
                struct task_struct *task;

                css_task_iter_start(&iter->css, 0, &it);
                while (!ret && (task = css_task_iter_next(&it)))
                        ret = fn(task, arg);
                css_task_iter_end(&it);
                if (ret) {
                        mem_cgroup_iter_break(memcg, iter);
                        break;
                }
        }
        return ret;
}

/**
 * mem_cgroup_page_lruvec - return lruvec for isolating/putting an LRU page
 * @page: the page
 * @pgdat: pgdat of the page
 *
 * This function is only safe when following the LRU page isolation
 * and putback protocol: the LRU lock must be held, and the page must
 * either be PageLRU() or the caller must have isolated/allocated it.
 */
struct lruvec *mem_cgroup_page_lruvec(struct page *page, struct pglist_data *pgdat)
{
        struct mem_cgroup_per_node *mz;
        struct mem_cgroup *memcg;
        struct lruvec *lruvec;

        if (mem_cgroup_disabled()) {
                lruvec = &pgdat->lruvec;
                goto out;
        }

        memcg = page->mem_cgroup;
        /*
         * Swapcache readahead pages are added to the LRU - and
         * possibly migrated - before they are charged.
         */
        if (!memcg)
                memcg = root_mem_cgroup;

        mz = mem_cgroup_page_nodeinfo(memcg, page);
        lruvec = &mz->lruvec;
out:
        /*
         * Since a node can be onlined after the mem_cgroup was created,
         * we have to be prepared to initialize lruvec->zone here;
         * and if offlined then reonlined, we need to reinitialize it.
         */
        if (unlikely(lruvec->pgdat != pgdat))
                lruvec->pgdat = pgdat;
        return lruvec;
}

/**
 * mem_cgroup_update_lru_size - account for adding or removing an lru page
 * @lruvec: mem_cgroup per zone lru vector
 * @lru: index of lru list the page is sitting on
 * @zid: zone id of the accounted pages
 * @nr_pages: positive when adding or negative when removing
 *
 * This function must be called under lru_lock, just before a page is added
 * to or just after a page is removed from an lru list (that ordering being
 * so as to allow it to check that lru_size 0 is consistent with list_empty).
 */
void mem_cgroup_update_lru_size(struct lruvec *lruvec, enum lru_list lru,
                                int zid, int nr_pages)
{
        struct mem_cgroup_per_node *mz;
        unsigned long *lru_size;
        long size;

        if (mem_cgroup_disabled())
                return;

        mz = container_of(lruvec, struct mem_cgroup_per_node, lruvec);
        lru_size = &mz->lru_zone_size[zid][lru];

        if (nr_pages < 0)
                *lru_size += nr_pages;

        size = *lru_size;
        if (WARN_ONCE(size < 0,
                "%s(%p, %d, %d): lru_size %ld\n",
                __func__, lruvec, lru, nr_pages, size)) {
                VM_BUG_ON(1);
                *lru_size = 0;
        }

        if (nr_pages > 0)
                *lru_size += nr_pages;
}

bool task_in_mem_cgroup(struct task_struct *task, struct mem_cgroup *memcg)
{
        struct mem_cgroup *task_memcg;
        struct task_struct *p;

        bool ret;

        p = find_lock_task_mm(task);
        if (p) {
                task_memcg = get_mem_cgroup_from_mm(p->mm);
                task_unlock(p);
        } else {
                /*
                 * All threads may have already detached their mm's, but the oom
                 * killer still needs to detect if they have already been oom
                 * killed to prevent needlessly killing additional tasks.
                 */
                rcu_read_lock();
                task_memcg = mem_cgroup_from_task(task);
                css_get(&task_memcg->css);
                rcu_read_unlock();
        }
        ret = mem_cgroup_is_descendant(task_memcg, memcg);
        css_put(&task_memcg->css);
        return ret;
}

/**
 * mem_cgroup_margin - calculate chargeable space of a memory cgroup
 * @memcg: the memory cgroup
 *
 * Returns the maximum amount of memory @mem can be charged with, in
 * pages.
 */
static unsigned long mem_cgroup_margin(struct mem_cgroup *memcg)
{
        unsigned long margin = 0;
        unsigned long count;
        unsigned long limit;

        count = page_counter_read(&memcg->memory);
        limit = READ_ONCE(memcg->memory.limit);
        if (count < limit)
                margin = limit - count;

        if (do_memsw_account()) {
                count = page_counter_read(&memcg->memsw);
                limit = READ_ONCE(memcg->memsw.limit);
                if (count <= limit)
                        margin = min(margin, limit - count);
                else
                        margin = 0;
        }

        return margin;
}

/*
 * A routine for checking "mem" is under move_account() or not.
 *
 * Checking a cgroup is mc.from or mc.to or under hierarchy of
 * moving cgroups. This is for waiting at high-memory pressure
 * caused by "move".
 */
static bool mem_cgroup_under_move(struct mem_cgroup *memcg)
{
        struct mem_cgroup *from;
        struct mem_cgroup *to;
        bool ret = false;
        /*
         * Unlike task_move routines, we access mc.to, mc.from not under
         * mutual exclusion by cgroup_mutex. Here, we take spinlock instead.
         */
        spin_lock(&mc.lock);
        from = mc.from;
        to = mc.to;
        if (!from)
                goto unlock;

        ret = mem_cgroup_is_descendant(from, memcg) ||
                mem_cgroup_is_descendant(to, memcg);
unlock:
        spin_unlock(&mc.lock);
        return ret;
}

static bool mem_cgroup_wait_acct_move(struct mem_cgroup *memcg)
{
        if (mc.moving_task && current != mc.moving_task) {
                if (mem_cgroup_under_move(memcg)) {
                        DEFINE_WAIT(wait);
                        prepare_to_wait(&mc.waitq, &wait, TASK_INTERRUPTIBLE);
                        /* moving charge context might have finished. */
                        if (mc.moving_task)
                                schedule();
                        finish_wait(&mc.waitq, &wait);
                        return true;
                }
        }
        return false;
}

static const unsigned int memcg1_stats[] = {
        MEMCG_CACHE,
        MEMCG_RSS,
        MEMCG_RSS_HUGE,
        NR_SHMEM,
        NR_FILE_MAPPED,
        NR_FILE_DIRTY,
        NR_WRITEBACK,
        MEMCG_SWAP,
};

static const char *const memcg1_stat_names[] = {
        "cache",
        "rss",
        "rss_huge",
        "shmem",
        "mapped_file",
        "dirty",
        "writeback",
        "swap",
};

#define K(x) ((x) << (PAGE_SHIFT-10))
/**
 * mem_cgroup_print_oom_info: Print OOM information relevant to memory controller.
 * @memcg: The memory cgroup that went over limit
 * @p: Task that is going to be killed
 *
 * NOTE: @memcg and @p's mem_cgroup can be different when hierarchy is
 * enabled
 */
void mem_cgroup_print_oom_info(struct mem_cgroup *memcg, struct task_struct *p)
{
        struct mem_cgroup *iter;
        unsigned int i;

        rcu_read_lock();

        if (p) {
                pr_info("Task in ");
                pr_cont_cgroup_path(task_cgroup(p, memory_cgrp_id));
                pr_cont(" killed as a result of limit of ");
        } else {
                pr_info("Memory limit reached of cgroup ");
        }

        pr_cont_cgroup_path(memcg->css.cgroup);
        pr_cont("\n");

        rcu_read_unlock();

        pr_info("memory: usage %llukB, limit %llukB, failcnt %lu\n",
                K((u64)page_counter_read(&memcg->memory)),
                K((u64)memcg->memory.limit), memcg->memory.failcnt);
        pr_info("memory+swap: usage %llukB, limit %llukB, failcnt %lu\n",
                K((u64)page_counter_read(&memcg->memsw)),
                K((u64)memcg->memsw.limit), memcg->memsw.failcnt);
        pr_info("kmem: usage %llukB, limit %llukB, failcnt %lu\n",
                K((u64)page_counter_read(&memcg->kmem)),
                K((u64)memcg->kmem.limit), memcg->kmem.failcnt);

        for_each_mem_cgroup_tree(iter, memcg) {
                pr_info("Memory cgroup stats for ");
                pr_cont_cgroup_path(iter->css.cgroup);
                pr_cont(":");

                for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) {
                        if (memcg1_stats[i] == MEMCG_SWAP && !do_swap_account)
                                continue;
                        pr_cont(" %s:%luKB", memcg1_stat_names[i],
                                K(memcg_page_state(iter, memcg1_stats[i])));
                }

                for (i = 0; i < NR_LRU_LISTS; i++)
                        pr_cont(" %s:%luKB", mem_cgroup_lru_names[i],
                                K(mem_cgroup_nr_lru_pages(iter, BIT(i))));

                pr_cont("\n");
        }
}

/*
 * Return the memory (and swap, if configured) limit for a memcg.
 */
unsigned long mem_cgroup_get_limit(struct mem_cgroup *memcg)
{
        unsigned long limit;

        limit = memcg->memory.limit;
        if (mem_cgroup_swappiness(memcg)) {
                unsigned long memsw_limit;
                unsigned long swap_limit;

                memsw_limit = memcg->memsw.limit;
                swap_limit = memcg->swap.limit;
                swap_limit = min(swap_limit, (unsigned long)total_swap_pages);
                limit = min(limit + swap_limit, memsw_limit);
        }
        return limit;
}

static bool mem_cgroup_out_of_memory(struct mem_cgroup *memcg, gfp_t gfp_mask,
                                     int order)
{
        struct oom_control oc = {
                .zonelist = NULL,
                .nodemask = NULL,
                .memcg = memcg,
                .gfp_mask = gfp_mask,
                .order = order,
        };
        bool ret;

        mutex_lock(&oom_lock);
        ret = out_of_memory(&oc);
        mutex_unlock(&oom_lock);
        return ret;
}

#if MAX_NUMNODES > 1

/**
 * test_mem_cgroup_node_reclaimable
 * @memcg: the target memcg
 * @nid: the node ID to be checked.
 * @noswap : specify true here if the user wants flle only information.
 *
 * This function returns whether the specified memcg contains any
 * reclaimable pages on a node. Returns true if there are any reclaimable
 * pages in the node.
 */
static bool test_mem_cgroup_node_reclaimable(struct mem_cgroup *memcg,
                int nid, bool noswap)
{
        if (mem_cgroup_node_nr_lru_pages(memcg, nid, LRU_ALL_FILE))
                return true;
        if (noswap || !total_swap_pages)
                return false;
        if (mem_cgroup_node_nr_lru_pages(memcg, nid, LRU_ALL_ANON))
                return true;
        return false;

}

/*
 * Always updating the nodemask is not very good - even if we have an empty
 * list or the wrong list here, we can start from some node and traverse all
 * nodes based on the zonelist. So update the list loosely once per 10 secs.
 *
 */
static void mem_cgroup_may_update_nodemask(struct mem_cgroup *memcg)
{
        int nid;
        /*
         * numainfo_events > 0 means there was at least NUMAINFO_EVENTS_TARGET
         * pagein/pageout changes since the last update.
         */
        if (!atomic_read(&memcg->numainfo_events))
                return;
        if (atomic_inc_return(&memcg->numainfo_updating) > 1)
                return;

        /* make a nodemask where this memcg uses memory from */
        memcg->scan_nodes = node_states[N_MEMORY];

        for_each_node_mask(nid, node_states[N_MEMORY]) {

                if (!test_mem_cgroup_node_reclaimable(memcg, nid, false))
                        node_clear(nid, memcg->scan_nodes);
        }

        atomic_set(&memcg->numainfo_events, 0);
        atomic_set(&memcg->numainfo_updating, 0);
}

/*
 * Selecting a node where we start reclaim from. Because what we need is just
 * reducing usage counter, start from anywhere is O,K. Considering
 * memory reclaim from current node, there are pros. and cons.
 *
 * Freeing memory from current node means freeing memory from a node which
 * we'll use or we've used. So, it may make LRU bad. And if several threads
 * hit limits, it will see a contention on a node. But freeing from remote
 * node means more costs for memory reclaim because of memory latency.
 *
 * Now, we use round-robin. Better algorithm is welcomed.
 */
int mem_cgroup_select_victim_node(struct mem_cgroup *memcg)
{
        int node;

        mem_cgroup_may_update_nodemask(memcg);
        node = memcg->last_scanned_node;

        node = next_node_in(node, memcg->scan_nodes);
        /*
         * mem_cgroup_may_update_nodemask might have seen no reclaimmable pages
         * last time it really checked all the LRUs due to rate limiting.
         * Fallback to the current node in that case for simplicity.
         */
        if (unlikely(node == MAX_NUMNODES))
                node = numa_node_id();

        memcg->last_scanned_node = node;
        return node;
}
#else
int mem_cgroup_select_victim_node(struct mem_cgroup *memcg)
{
        return 0;
}
#endif

static int mem_cgroup_soft_reclaim(struct mem_cgroup *root_memcg,
                                   pg_data_t *pgdat,
                                   gfp_t gfp_mask,
                                   unsigned long *total_scanned)
{
        struct mem_cgroup *victim = NULL;
        int total = 0;
        int loop = 0;
        unsigned long excess;
        unsigned long nr_scanned;
        struct mem_cgroup_reclaim_cookie reclaim = {
                .pgdat = pgdat,
                .priority = 0,
        };

        excess = soft_limit_excess(root_memcg);

        while (1) {
                victim = mem_cgroup_iter(root_memcg, victim, &reclaim);
                if (!victim) {
                        loop++;
                        if (loop >= 2) {
                                /*
                                 * If we have not been able to reclaim
                                 * anything, it might because there are
                                 * no reclaimable pages under this hierarchy
                                 */
                                if (!total)
                                        break;
                                /*
                                 * We want to do more targeted reclaim.
                                 * excess >> 2 is not to excessive so as to
                                 * reclaim too much, nor too less that we keep
                                 * coming back to reclaim from this cgroup
                                 */
                                if (total >= (excess >> 2) ||
                                        (loop > MEM_CGROUP_MAX_RECLAIM_LOOPS))
                                        break;
                        }
                        continue;
                }
                total += mem_cgroup_shrink_node(victim, gfp_mask, false,
                                        pgdat, &nr_scanned);
                *total_scanned += nr_scanned;
                if (!soft_limit_excess(root_memcg))
                        break;
        }
        mem_cgroup_iter_break(root_memcg, victim);
        return total;
}

#ifdef CONFIG_LOCKDEP
static struct lockdep_map memcg_oom_lock_dep_map = {
        .name = "memcg_oom_lock",
};
#endif

static DEFINE_SPINLOCK(memcg_oom_lock);

/*
 * Check OOM-Killer is already running under our hierarchy.
 * If someone is running, return false.
 */
static bool mem_cgroup_oom_trylock(struct mem_cgroup *memcg)
{
        struct mem_cgroup *iter, *failed = NULL;

        spin_lock(&memcg_oom_lock);

        for_each_mem_cgroup_tree(iter, memcg) {
                if (iter->oom_lock) {
                        /*
                         * this subtree of our hierarchy is already locked
                         * so we cannot give a lock.
                         */
                        failed = iter;
                        mem_cgroup_iter_break(memcg, iter);
                        break;
                } else
                        iter->oom_lock = true;
        }

        if (failed) {
                /*
                 * OK, we failed to lock the whole subtree so we have
                 * to clean up what we set up to the failing subtree
                 */
                for_each_mem_cgroup_tree(iter, memcg) {
                        if (iter == failed) {
                                mem_cgroup_iter_break(memcg, iter);
                                break;
                        }
                        iter->oom_lock = false;
                }
        } else
                mutex_acquire(&memcg_oom_lock_dep_map, 0, 1, _RET_IP_);

        spin_unlock(&memcg_oom_lock);

        return !failed;
}

static void mem_cgroup_oom_unlock(struct mem_cgroup *memcg)
{
        struct mem_cgroup *iter;

        spin_lock(&memcg_oom_lock);
        mutex_release(&memcg_oom_lock_dep_map, 1, _RET_IP_);
        for_each_mem_cgroup_tree(iter, memcg)
                iter->oom_lock = false;
        spin_unlock(&memcg_oom_lock);
}

static void mem_cgroup_mark_under_oom(struct mem_cgroup *memcg)
{
        struct mem_cgroup *iter;

        spin_lock(&memcg_oom_lock);
        for_each_mem_cgroup_tree(iter, memcg)
                iter->under_oom++;
        spin_unlock(&memcg_oom_lock);
}

static void mem_cgroup_unmark_under_oom(struct mem_cgroup *memcg)
{
        struct mem_cgroup *iter;

        /*
         * When a new child is created while the hierarchy is under oom,
         * mem_cgroup_oom_lock() may not be called. Watch for underflow.
         */
        spin_lock(&memcg_oom_lock);
        for_each_mem_cgroup_tree(iter, memcg)
                if (iter->under_oom > 0)
                        iter->under_oom--;
        spin_unlock(&memcg_oom_lock);
}

static DECLARE_WAIT_QUEUE_HEAD(memcg_oom_waitq);

struct oom_wait_info {
        struct mem_cgroup *memcg;
        wait_queue_entry_t      wait;
};

static int memcg_oom_wake_function(wait_queue_entry_t *wait,
        unsigned mode, int sync, void *arg)
{
        struct mem_cgroup *wake_memcg = (struct mem_cgroup *)arg;
        struct mem_cgroup *oom_wait_memcg;
        struct oom_wait_info *oom_wait_info;

        oom_wait_info = container_of(wait, struct oom_wait_info, wait);
        oom_wait_memcg = oom_wait_info->memcg;

        if (!mem_cgroup_is_descendant(wake_memcg, oom_wait_memcg) &&
            !mem_cgroup_is_descendant(oom_wait_memcg, wake_memcg))
                return 0;
        return autoremove_wake_function(wait, mode, sync, arg);
}

static void memcg_oom_recover(struct mem_cgroup *memcg)
{
        /*
         * For the following lockless ->under_oom test, the only required
         * guarantee is that it must see the state asserted by an OOM when
         * this function is called as a result of userland actions
         * triggered by the notification of the OOM.  This is trivially
         * achieved by invoking mem_cgroup_mark_under_oom() before
         * triggering notification.
         */
        if (memcg && memcg->under_oom)
                __wake_up(&memcg_oom_waitq, TASK_NORMAL, 0, memcg);
}

static void mem_cgroup_oom(struct mem_cgroup *memcg, gfp_t mask, int order)
{
        if (!current->memcg_may_oom || order > PAGE_ALLOC_COSTLY_ORDER)
                return;
        /*
         * We are in the middle of the charge context here, so we
         * don't want to block when potentially sitting on a callstack
         * that holds all kinds of filesystem and mm locks.
         *
         * Also, the caller may handle a failed allocation gracefully
         * (like optional page cache readahead) and so an OOM killer
         * invocation might not even be necessary.
         *
         * That's why we don't do anything here except remember the
         * OOM context and then deal with it at the end of the page
         * fault when the stack is unwound, the locks are released,
         * and when we know whether the fault was overall successful.
         */
        css_get(&memcg->css);
        current->memcg_in_oom = memcg;
        current->memcg_oom_gfp_mask = mask;
        current->memcg_oom_order = order;
}

/**
 * mem_cgroup_oom_synchronize - complete memcg OOM handling
 * @handle: actually kill/wait or just clean up the OOM state
 *
 * This has to be called at the end of a page fault if the memcg OOM
 * handler was enabled.
 *
 * Memcg supports userspace OOM handling where failed allocations must
 * sleep on a waitqueue until the userspace task resolves the
 * situation.  Sleeping directly in the charge context with all kinds
 * of locks held is not a good idea, instead we remember an OOM state
 * in the task and mem_cgroup_oom_synchronize() has to be called at
 * the end of the page fault to complete the OOM handling.
 *
 * Returns %true if an ongoing memcg OOM situation was detected and
 * completed, %false otherwise.
 */
bool mem_cgroup_oom_synchronize(bool handle)
{
        struct mem_cgroup *memcg = current->memcg_in_oom;
        struct oom_wait_info owait;
        bool locked;

        /* OOM is global, do not handle */
        if (!memcg)
                return false;

        if (!handle)
                goto cleanup;

        owait.memcg = memcg;
        owait.wait.flags = 0;
        owait.wait.func = memcg_oom_wake_function;
        owait.wait.private = current;
        INIT_LIST_HEAD(&owait.wait.entry);

        prepare_to_wait(&memcg_oom_waitq, &owait.wait, TASK_KILLABLE);
        mem_cgroup_mark_under_oom(memcg);

        locked = mem_cgroup_oom_trylock(memcg);

        if (locked)
                mem_cgroup_oom_notify(memcg);

        if (locked && !memcg->oom_kill_disable) {
                mem_cgroup_unmark_under_oom(memcg);
                finish_wait(&memcg_oom_waitq, &owait.wait);
                mem_cgroup_out_of_memory(memcg, current->memcg_oom_gfp_mask,
                                         current->memcg_oom_order);
        } else {
                schedule();
                mem_cgroup_unmark_under_oom(memcg);
                finish_wait(&memcg_oom_waitq, &owait.wait);
        }

        if (locked) {
                mem_cgroup_oom_unlock(memcg);
                /*
                 * There is no guarantee that an OOM-lock contender
                 * sees the wakeups triggered by the OOM kill
                 * uncharges.  Wake any sleepers explicitely.
                 */
                memcg_oom_recover(memcg);
        }
cleanup:
        current->memcg_in_oom = NULL;
        css_put(&memcg->css);
        return true;
}

/**
 * lock_page_memcg - lock a page->mem_cgroup binding
 * @page: the page
 *
 * This function protects unlocked LRU pages from being moved to
 * another cgroup.
 *
 * It ensures lifetime of the returned memcg. Caller is responsible
 * for the lifetime of the page; __unlock_page_memcg() is available
 * when @page might get freed inside the locked section.
 */
struct mem_cgroup *lock_page_memcg(struct page *page)
{
        struct mem_cgroup *memcg;
        unsigned long flags;

        /*
         * The RCU lock is held throughout the transaction.  The fast
         * path can get away without acquiring the memcg->move_lock
         * because page moving starts with an RCU grace period.
         *
         * The RCU lock also protects the memcg from being freed when
         * the page state that is going to change is the only thing
         * preventing the page itself from being freed. E.g. writeback
         * doesn't hold a page reference and relies on PG_writeback to
         * keep off truncation, migration and so forth.
         */
        rcu_read_lock();

        if (mem_cgroup_disabled())
                return NULL;
again:
        memcg = page->mem_cgroup;
        if (unlikely(!memcg))
                return NULL;

        if (atomic_read(&memcg->moving_account) <= 0)
                return memcg;

        spin_lock_irqsave(&memcg->move_lock, flags);
        if (memcg != page->mem_cgroup) {
                spin_unlock_irqrestore(&memcg->move_lock, flags);
                goto again;
        }

        /*
         * When charge migration first begins, we can have locked and
         * unlocked page stat updates happening concurrently.  Track
         * the task who has the lock for unlock_page_memcg().
         */
        memcg->move_lock_task = current;
        memcg->move_lock_flags = flags;

        return memcg;
}
EXPORT_SYMBOL(lock_page_memcg);

/**
 * __unlock_page_memcg - unlock and unpin a memcg
 * @memcg: the memcg
 *
 * Unlock and unpin a memcg returned by lock_page_memcg().
 */
void __unlock_page_memcg(struct mem_cgroup *memcg)
{
        if (memcg && memcg->move_lock_task == current) {
                unsigned long flags = memcg->move_lock_flags;

                memcg->move_lock_task = NULL;
                memcg->move_lock_flags = 0;

                spin_unlock_irqrestore(&memcg->move_lock, flags);
        }

        rcu_read_unlock();
}

/**
 * unlock_page_memcg - unlock a page->mem_cgroup binding
 * @page: the page
 */
void unlock_page_memcg(struct page *page)
{
        __unlock_page_memcg(page->mem_cgroup);
}
EXPORT_SYMBOL(unlock_page_memcg);

struct memcg_stock_pcp {
        struct mem_cgroup *cached; /* this never be root cgroup */
        unsigned int nr_pages;
        struct work_struct work;
        unsigned long flags;
#define FLUSHING_CACHED_CHARGE  0
};
static DEFINE_PER_CPU(struct memcg_stock_pcp, memcg_stock);
static DEFINE_MUTEX(percpu_charge_mutex);

/**
 * consume_stock: Try to consume stocked charge on this cpu.
 * @memcg: memcg to consume from.
 * @nr_pages: how many pages to charge.
 *
 * The charges will only happen if @memcg matches the current cpu's memcg
 * stock, and at least @nr_pages are available in that stock.  Failure to
 * service an allocation will refill the stock.
 *
 * returns true if successful, false otherwise.
 */
static bool consume_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
{
        struct memcg_stock_pcp *stock;
        unsigned long flags;
        bool ret = false;

        if (nr_pages > MEMCG_CHARGE_BATCH)
                return ret;

        local_irq_save(flags);

        stock = this_cpu_ptr(&memcg_stock);
        if (memcg == stock->cached && stock->nr_pages >= nr_pages) {
                stock->nr_pages -= nr_pages;
                ret = true;
        }

        local_irq_restore(flags);

        return ret;
}

/*
 * Returns stocks cached in percpu and reset cached information.
 */
static void drain_stock(struct memcg_stock_pcp *stock)
{
        struct mem_cgroup *old = stock->cached;

        if (stock->nr_pages) {
                page_counter_uncharge(&old->memory, stock->nr_pages);
                if (do_memsw_account())
                        page_counter_uncharge(&old->memsw, stock->nr_pages);
                css_put_many(&old->css, stock->nr_pages);
                stock->nr_pages = 0;
        }
        stock->cached = NULL;
}

static void drain_local_stock(struct work_struct *dummy)
{
        struct memcg_stock_pcp *stock;
        unsigned long flags;

        /*
         * The only protection from memory hotplug vs. drain_stock races is
         * that we always operate on local CPU stock here with IRQ disabled
         */
        local_irq_save(flags);

        stock = this_cpu_ptr(&memcg_stock);
        drain_stock(stock);
        clear_bit(FLUSHING_CACHED_CHARGE, &stock->flags);

        local_irq_restore(flags);
}

/*
 * Cache charges(val) to local per_cpu area.
 * This will be consumed by consume_stock() function, later.
 */
static void refill_stock(struct mem_cgroup *memcg, unsigned int nr_pages)
{
        struct memcg_stock_pcp *stock;
        unsigned long flags;

        local_irq_save(flags);

        stock = this_cpu_ptr(&memcg_stock);
        if (stock->cached != memcg) { /* reset if necessary */
                drain_stock(stock);
                stock->cached = memcg;
        }
        stock->nr_pages += nr_pages;

        if (stock->nr_pages > MEMCG_CHARGE_BATCH)
                drain_stock(stock);

        local_irq_restore(flags);
}

/*
 * Drains all per-CPU charge caches for given root_memcg resp. subtree
 * of the hierarchy under it.
 */
static void drain_all_stock(struct mem_cgroup *root_memcg)
{
        int cpu, curcpu;

        /* If someone's already draining, avoid adding running more workers. */
        if (!mutex_trylock(&percpu_charge_mutex))
                return;
        /*
         * Notify other cpus that system-wide "drain" is running
         * We do not care about races with the cpu hotplug because cpu down
         * as well as workers from this path always operate on the local
         * per-cpu data. CPU up doesn't touch memcg_stock at all.
         */
        curcpu = get_cpu();
        for_each_online_cpu(cpu) {
                struct memcg_stock_pcp *stock = &per_cpu(memcg_stock, cpu);
                struct mem_cgroup *memcg;

                memcg = stock->cached;
                if (!memcg || !stock->nr_pages || !css_tryget(&memcg->css))
                        continue;
                if (!mem_cgroup_is_descendant(memcg, root_memcg)) {
                        css_put(&memcg->css);
                        continue;
                }
                if (!test_and_set_bit(FLUSHING_CACHED_CHARGE, &stock->flags)) {
                        if (cpu == curcpu)
                                drain_local_stock(&stock->work);
                        else
                                schedule_work_on(cpu, &stock->work);
                }
                css_put(&memcg->css);
        }
        put_cpu();
        mutex_unlock(&percpu_charge_mutex);
}

static int memcg_hotplug_cpu_dead(unsigned int cpu)
{
        struct memcg_stock_pcp *stock;
        struct mem_cgroup *memcg;

        stock = &per_cpu(memcg_stock, cpu);
        drain_stock(stock);

        for_each_mem_cgroup(memcg) {
                int i;

                for (i = 0; i < MEMCG_NR_STAT; i++) {
                        int nid;
                        long x;

                        x = this_cpu_xchg(memcg->stat_cpu->count[i], 0);
                        if (x)
                                atomic_long_add(x, &memcg->stat[i]);

                        if (i >= NR_VM_NODE_STAT_ITEMS)
                                continue;

                        for_each_node(nid) {
                                struct mem_cgroup_per_node *pn;

                                pn = mem_cgroup_nodeinfo(memcg, nid);
                                x = this_cpu_xchg(pn->lruvec_stat_cpu->count[i], 0);
                                if (x)
                                        atomic_long_add(x, &pn->lruvec_stat[i]);
                        }
                }

                for (i = 0; i < NR_VM_EVENT_ITEMS; i++) {
                        long x;

                        x = this_cpu_xchg(memcg->stat_cpu->events[i], 0);
                        if (x)
                                atomic_long_add(x, &memcg->events[i]);
                }
        }

        return 0;
}

static void reclaim_high(struct mem_cgroup *memcg,
                         unsigned int nr_pages,
                         gfp_t gfp_mask)
{
        do {
                if (page_counter_read(&memcg->memory) <= memcg->high)
                        continue;
                memcg_memory_event(memcg, MEMCG_HIGH);
                try_to_free_mem_cgroup_pages(memcg, nr_pages, gfp_mask, true);
        } while ((memcg = parent_mem_cgroup(memcg)));
}

static void high_work_func(struct work_struct *work)
{
        struct mem_cgroup *memcg;

        memcg = container_of(work, struct mem_cgroup, high_work);
        reclaim_high(memcg, MEMCG_CHARGE_BATCH, GFP_KERNEL);
}

/*
 * Scheduled by try_charge() to be executed from the userland return path
 * and reclaims memory over the high limit.
 */
void mem_cgroup_handle_over_high(void)
{
        unsigned int nr_pages = current->memcg_nr_pages_over_high;
        struct mem_cgroup *memcg;

        if (likely(!nr_pages))
                return;

        memcg = get_mem_cgroup_from_mm(current->mm);
        reclaim_high(memcg, nr_pages, GFP_KERNEL);
        css_put(&memcg->css);
        current->memcg_nr_pages_over_high = 0;
}

static int try_charge(struct mem_cgroup *memcg, gfp_t gfp_mask,
                      unsigned int nr_pages)
{
        unsigned int batch = max(MEMCG_CHARGE_BATCH, nr_pages);
        int nr_retries = MEM_CGROUP_RECLAIM_RETRIES;
        struct mem_cgroup *mem_over_limit;
        struct page_counter *counter;
        unsigned long nr_reclaimed;
        bool may_swap = true;
        bool drained = false;

        if (mem_cgroup_is_root(memcg))
                return 0;
retry:
        if (consume_stock(memcg, nr_pages))
                return 0;

        if (!do_memsw_account() ||
            page_counter_try_charge(&memcg->memsw, batch, &counter)) {
                if (page_counter_try_charge(&memcg->memory, batch, &counter))
                        goto done_restock;
                if (do_memsw_account())
                        page_counter_uncharge(&memcg->memsw, batch);
                mem_over_limit = mem_cgroup_from_counter(counter, memory);
        } else {
                mem_over_limit = mem_cgroup_from_counter(counter, memsw);
                may_swap = false;
        }

        if (batch > nr_pages) {
                batch = nr_pages;
                goto retry;
        }

        /*
         * Unlike in global OOM situations, memcg is not in a physical
         * memory shortage.  Allow dying and OOM-killed tasks to
         * bypass the last charges so that they can exit quickly and
         * free their memory.
         */
        if (unlikely(tsk_is_oom_victim(current) ||
                     fatal_signal_pending(current) ||
                     current->flags & PF_EXITING))
                goto force;

        /*
         * Prevent unbounded recursion when reclaim operations need to
         * allocate memory. This might exceed the limits temporarily,
         * but we prefer facilitating memory reclaim and getting back
         * under the limit over triggering OOM kills in these cases.
         */
        if (unlikely(current->flags & PF_MEMALLOC))
                goto force;

        if (unlikely(task_in_memcg_oom(current)))
                goto nomem;

        if (!gfpflags_allow_blocking(gfp_mask))
                goto nomem;

        memcg_memory_event(mem_over_limit, MEMCG_MAX);

        nr_reclaimed = try_to_free_mem_cgroup_pages(mem_over_limit, nr_pages,
                                                    gfp_mask, may_swap);

        if (mem_cgroup_margin(mem_over_limit) >= nr_pages)
                goto retry;

        if (!drained) {
                drain_all_stock(mem_over_limit);
                drained = true;
                goto retry;
        }

        if (gfp_mask & __GFP_NORETRY)
                goto nomem;
        /*
         * Even though the limit is exceeded at this point, reclaim
         * may have been able to free some pages.  Retry the charge
         * before killing the task.
         *
         * Only for regular pages, though: huge pages are rather
         * unlikely to succeed so close to the limit, and we fall back
         * to regular pages anyway in case of failure.
         */
        if (nr_reclaimed && nr_pages <= (1 << PAGE_ALLOC_COSTLY_ORDER))
                goto retry;
        /*
         * At task move, charge accounts can be doubly counted. So, it's
         * better to wait until the end of task_move if something is going on.
         */
        if (mem_cgroup_wait_acct_move(mem_over_limit))
                goto retry;

        if (nr_retries--)
                goto retry;

        if (gfp_mask & __GFP_NOFAIL)
                goto force;

        if (fatal_signal_pending(current))
                goto force;

        memcg_memory_event(mem_over_limit, MEMCG_OOM);

        mem_cgroup_oom(mem_over_limit, gfp_mask,
                       get_order(nr_pages * PAGE_SIZE));
nomem:
        if (!(gfp_mask & __GFP_NOFAIL))

                return -ENOMEM;
force:
        /*
         * The allocation either can't fail or will lead to more memory
         * being freed very soon.  Allow memory usage go over the limit
         * temporarily by force charging it.
         */
        page_counter_charge(&memcg->memory, nr_pages);
        if (do_memsw_account())
                page_counter_charge(&memcg->memsw, nr_pages);
        css_get_many(&memcg->css, nr_pages);

        return 0;

done_restock:
        css_get_many(&memcg->css, batch);
        if (batch > nr_pages)
                refill_stock(memcg, batch - nr_pages);

        /*
         * If the hierarchy is above the normal consumption range, schedule
         * reclaim on returning to userland.  We can perform reclaim here
         * if __GFP_RECLAIM but let's always punt for simplicity and so that
         * GFP_KERNEL can consistently be used during reclaim.  @memcg is
         * not recorded as it most likely matches current's and won't
         * change in the meantime.  As high limit is checked again before
         * reclaim, the cost of mismatch is negligible.
         */
        do {
                if (page_counter_read(&memcg->memory) > memcg->high) {
                        /* Don't bother a random interrupted task */
                        if (in_interrupt()) {
                                schedule_work(&memcg->high_work);
                                break;
                        }
                        current->memcg_nr_pages_over_high += batch;
                        set_notify_resume(current);
                        break;
                }
        } while ((memcg = parent_mem_cgroup(memcg)));

        return 0;
}

static void cancel_charge(struct mem_cgroup *memcg, unsigned int nr_pages)
{
        if (mem_cgroup_is_root(memcg))
                return;

        page_counter_uncharge(&memcg->memory, nr_pages);
        if (do_memsw_account())
                page_counter_uncharge(&memcg->memsw, nr_pages);

        css_put_many(&memcg->css, nr_pages);
}

static void lock_page_lru(struct page *page, int *isolated)
{
        struct zone *zone = page_zone(page);

        spin_lock_irq(zone_lru_lock(zone));
        if (PageLRU(page)) {
                struct lruvec *lruvec;

                lruvec = mem_cgroup_page_lruvec(page, zone->zone_pgdat);
                ClearPageLRU(page);
                del_page_from_lru_list(page, lruvec, page_lru(page));
                *isolated = 1;
        } else
                *isolated = 0;
}

static void unlock_page_lru(struct page *page, int isolated)
{
        struct zone *zone = page_zone(page);

        if (isolated) {
                struct lruvec *lruvec;

                lruvec = mem_cgroup_page_lruvec(page, zone->zone_pgdat);
                VM_BUG_ON_PAGE(PageLRU(page), page);
                SetPageLRU(page);
                add_page_to_lru_list(page, lruvec, page_lru(page));
        }
        spin_unlock_irq(zone_lru_lock(zone));
}

static void commit_charge(struct page *page, struct mem_cgroup *memcg,
                          bool lrucare)
{
        int isolated;

        VM_BUG_ON_PAGE(page->mem_cgroup, page);

        /*
         * In some cases, SwapCache and FUSE(splice_buf->radixtree), the page
         * may already be on some other mem_cgroup's LRU.  Take care of it.
         */
        if (lrucare)
                lock_page_lru(page, &isolated);

        /*
         * Nobody should be changing or seriously looking at
         * page->mem_cgroup at this point:
         *
         * - the page is uncharged
         *
         * - the page is off-LRU
         *
         * - an anonymous fault has exclusive page access, except for
         *   a locked page table
         *
         * - a page cache insertion, a swapin fault, or a migration
         *   have the page locked
         */
        page->mem_cgroup = memcg;

        if (lrucare)
                unlock_page_lru(page, isolated);
}

#ifndef CONFIG_SLOB
static int memcg_alloc_cache_id(void)
{
        int id, size;
        int err;

        id = ida_simple_get(&memcg_cache_ida,
                            0, MEMCG_CACHES_MAX_SIZE, GFP_KERNEL);
        if (id < 0)
                return id;

        if (id < memcg_nr_cache_ids)
                return id;

        /*
         * There's no space for the new id in memcg_caches arrays,
         * so we have to grow them.
         */
        down_write(&memcg_cache_ids_sem);

        size = 2 * (id + 1);
        if (size < MEMCG_CACHES_MIN_SIZE)
                size = MEMCG_CACHES_MIN_SIZE;
        else if (size > MEMCG_CACHES_MAX_SIZE)
                size = MEMCG_CACHES_MAX_SIZE;

        err = memcg_update_all_caches(size);
        if (!err)
                err = memcg_update_all_list_lrus(size);
        if (!err)
                memcg_nr_cache_ids = size;

        up_write(&memcg_cache_ids_sem);

        if (err) {
                ida_simple_remove(&memcg_cache_ida, id);
                return err;
        }
        return id;
}

static void memcg_free_cache_id(int id)
{
        ida_simple_remove(&memcg_cache_ida, id);
}

struct memcg_kmem_cache_create_work {
        struct mem_cgroup *memcg;
        struct kmem_cache *cachep;
        struct work_struct work;
};

static void memcg_kmem_cache_create_func(struct work_struct *w)
{
        struct memcg_kmem_cache_create_work *cw =
                container_of(w, struct memcg_kmem_cache_create_work, work);
        struct mem_cgroup *memcg = cw->memcg;
        struct kmem_cache *cachep = cw->cachep;

        memcg_create_kmem_cache(memcg, cachep);

        css_put(&memcg->css);
        kfree(cw);
}

/*
 * Enqueue the creation of a per-memcg kmem_cache.
 */
static void __memcg_schedule_kmem_cache_create(struct mem_cgroup *memcg,
                                               struct kmem_cache *cachep)
{
        struct memcg_kmem_cache_create_work *cw;

        cw = kmalloc(sizeof(*cw), GFP_NOWAIT | __GFP_NOWARN);
        if (!cw)
                return;

        css_get(&memcg->css);

        cw->memcg = memcg;
        cw->cachep = cachep;
        INIT_WORK(&cw->work, memcg_kmem_cache_create_func);

        queue_work(memcg_kmem_cache_wq, &cw->work);
}

static void memcg_schedule_kmem_cache_create(struct mem_cgroup *memcg,
                                             struct kmem_cache *cachep)
{
        /*
         * We need to stop accounting when we kmalloc, because if the
         * corresponding kmalloc cache is not yet created, the first allocation
         * in __memcg_schedule_kmem_cache_create will recurse.
         *
         * However, it is better to enclose the whole function. Depending on
         * the debugging options enabled, INIT_WORK(), for instance, can
         * trigger an allocation. This too, will make us recurse. Because at
         * this point we can't allow ourselves back into memcg_kmem_get_cache,
         * the safest choice is to do it like this, wrapping the whole function.
         */
        current->memcg_kmem_skip_account = 1;
        __memcg_schedule_kmem_cache_create(memcg, cachep);
        current->memcg_kmem_skip_account = 0;
}

static inline bool memcg_kmem_bypass(void)
{
        if (in_interrupt() || !current->mm || (current->flags & PF_KTHREAD))
                return true;
        return false;
}

/**
 * memcg_kmem_get_cache: select the correct per-memcg cache for allocation
 * @cachep: the original global kmem cache
 *
 * Return the kmem_cache we're supposed to use for a slab allocation.
 * We try to use the current memcg's version of the cache.
 *
 * If the cache does not exist yet, if we are the first user of it, we
 * create it asynchronously in a workqueue and let the current allocation
 * go through with the original cache.
 *
 * This function takes a reference to the cache it returns to assure it
 * won't get destroyed while we are working with it. Once the caller is
 * done with it, memcg_kmem_put_cache() must be called to release the
 * reference.
 */
struct kmem_cache *memcg_kmem_get_cache(struct kmem_cache *cachep)
{
        struct mem_cgroup *memcg;
        struct kmem_cache *memcg_cachep;
        int kmemcg_id;

        VM_BUG_ON(!is_root_cache(cachep));

        if (memcg_kmem_bypass())
                return cachep;

        if (current->memcg_kmem_skip_account)
                return cachep;

        memcg = get_mem_cgroup_from_mm(current->mm);
        kmemcg_id = READ_ONCE(memcg->kmemcg_id);
        if (kmemcg_id < 0)
                goto out;

        memcg_cachep = cache_from_memcg_idx(cachep, kmemcg_id);
        if (likely(memcg_cachep))
                return memcg_cachep;

        /*
         * If we are in a safe context (can wait, and not in interrupt
         * context), we could be be predictable and return right away.
         * This would guarantee that the allocation being performed
         * already belongs in the new cache.
         *
         * However, there are some clashes that can arrive from locking.
         * For instance, because we acquire the slab_mutex while doing
         * memcg_create_kmem_cache, this means no further allocation
         * could happen with the slab_mutex held. So it's better to
         * defer everything.
         */
        memcg_schedule_kmem_cache_create(memcg, cachep);
out:
        css_put(&memcg->css);
        return cachep;
}

/**
 * memcg_kmem_put_cache: drop reference taken by memcg_kmem_get_cache
 * @cachep: the cache returned by memcg_kmem_get_cache
 */
void memcg_kmem_put_cache(struct kmem_cache *cachep)
{
        if (!is_root_cache(cachep))
                css_put(&cachep->memcg_params.memcg->css);
}

/**
 * memcg_kmem_charge_memcg: charge a kmem page
 * @page: page to charge
 * @gfp: reclaim mode
 * @order: allocation order
 * @memcg: memory cgroup to charge
 *
 * Returns 0 on success, an error code on failure.
 */
int memcg_kmem_charge_memcg(struct page *page, gfp_t gfp, int order,
                            struct mem_cgroup *memcg)
{
        unsigned int nr_pages = 1 << order;
        struct page_counter *counter;
        int ret;

        ret = try_charge(memcg, gfp, nr_pages);
        if (ret)
                return ret;

        if (!cgroup_subsys_on_dfl(memory_cgrp_subsys) &&
            !page_counter_try_charge(&memcg->kmem, nr_pages, &counter)) {
                cancel_charge(memcg, nr_pages);
                return -ENOMEM;
        }

        page->mem_cgroup = memcg;

        return 0;
}

/**
 * memcg_kmem_charge: charge a kmem page to the current memory cgroup
 * @page: page to charge
 * @gfp: reclaim mode
 * @order: allocation order
 *
 * Returns 0 on success, an error code on failure.
 */
int memcg_kmem_charge(struct page *page, gfp_t gfp, int order)
{
        struct mem_cgroup *memcg;
        int ret = 0;

        if (memcg_kmem_bypass())
                return 0;

        memcg = get_mem_cgroup_from_mm(current->mm);
        if (!mem_cgroup_is_root(memcg)) {
                ret = memcg_kmem_charge_memcg(page, gfp, order, memcg);
                if (!ret)
                        __SetPageKmemcg(page);
        }
        css_put(&memcg->css);
        return ret;
}
/**
 * memcg_kmem_uncharge: uncharge a kmem page
 * @page: page to uncharge
 * @order: allocation order
 */
void memcg_kmem_uncharge(struct page *page, int order)
{
        struct mem_cgroup *memcg = page->mem_cgroup;
        unsigned int nr_pages = 1 << order;

        if (!memcg)
                return;

        VM_BUG_ON_PAGE(mem_cgroup_is_root(memcg), page);

        if (!cgroup_subsys_on_dfl(memory_cgrp_subsys))
                page_counter_uncharge(&memcg->kmem, nr_pages);

        page_counter_uncharge(&memcg->memory, nr_pages);
        if (do_memsw_account())
                page_counter_uncharge(&memcg->memsw, nr_pages);

        page->mem_cgroup = NULL;

        /* slab pages do not have PageKmemcg flag set */
        if (PageKmemcg(page))
                __ClearPageKmemcg(page);

        css_put_many(&memcg->css, nr_pages);
}
#endif /* !CONFIG_SLOB */

#ifdef CONFIG_TRANSPARENT_HUGEPAGE

/*
 * Because tail pages are not marked as "used", set it. We're under
 * zone_lru_lock and migration entries setup in all page mappings.
 */
void mem_cgroup_split_huge_fixup(struct page *head)
{
        int i;

        if (mem_cgroup_disabled())
                return;

        for (i = 1; i < HPAGE_PMD_NR; i++)
                head[i].mem_cgroup = head->mem_cgroup;

        __mod_memcg_state(head->mem_cgroup, MEMCG_RSS_HUGE, -HPAGE_PMD_NR);
}
#endif /* CONFIG_TRANSPARENT_HUGEPAGE */

#ifdef CONFIG_MEMCG_SWAP
/**
 * mem_cgroup_move_swap_account - move swap charge and swap_cgroup's record.
 * @entry: swap entry to be moved
 * @from:  mem_cgroup which the entry is moved from
 * @to:  mem_cgroup which the entry is moved to
 *
 * It succeeds only when the swap_cgroup's record for this entry is the same
 * as the mem_cgroup's id of @from.
 *
 * Returns 0 on success, -EINVAL on failure.
 *
 * The caller must have charged to @to, IOW, called page_counter_charge() about
 * both res and memsw, and called css_get().
 */
static int mem_cgroup_move_swap_account(swp_entry_t entry,
                                struct mem_cgroup *from, struct mem_cgroup *to)
{
        unsigned short old_id, new_id;

        old_id = mem_cgroup_id(from);
        new_id = mem_cgroup_id(to);

        if (swap_cgroup_cmpxchg(entry, old_id, new_id) == old_id) {
                mod_memcg_state(from, MEMCG_SWAP, -1);
                mod_memcg_state(to, MEMCG_SWAP, 1);
                return 0;
        }
        return -EINVAL;
}
#else
static inline int mem_cgroup_move_swap_account(swp_entry_t entry,
                                struct mem_cgroup *from, struct mem_cgroup *to)
{
        return -EINVAL;
}
#endif

static DEFINE_MUTEX(memcg_limit_mutex);

static int mem_cgroup_resize_limit(struct mem_cgroup *memcg,
                                   unsigned long limit, bool memsw)
{
        bool enlarge = false;
        int ret;
        bool limits_invariant;
        struct page_counter *counter = memsw ? &memcg->memsw : &memcg->memory;

        do {
                if (signal_pending(current)) {
                        ret = -EINTR;
                        break;
                }

                mutex_lock(&memcg_limit_mutex);
                /*
                 * Make sure that the new limit (memsw or memory limit) doesn't
                 * break our basic invariant rule memory.limit <= memsw.limit.
                 */
                limits_invariant = memsw ? limit >= memcg->memory.limit :
                                           limit <= memcg->memsw.limit;
                if (!limits_invariant) {
                        mutex_unlock(&memcg_limit_mutex);
                        ret = -EINVAL;
                        break;
                }
                if (limit > counter->limit)
                        enlarge = true;
                ret = page_counter_limit(counter, limit);
                mutex_unlock(&memcg_limit_mutex);

                if (!ret)
                        break;

                if (!try_to_free_mem_cgroup_pages(memcg, 1,
                                        GFP_KERNEL, !memsw)) {
                        ret = -EBUSY;
                        break;
                }
        } while (true);

        if (!ret && enlarge)
                memcg_oom_recover(memcg);

        return ret;
}

unsigned long mem_cgroup_soft_limit_reclaim(pg_data_t *pgdat, int order,
                                            gfp_t gfp_mask,
                                            unsigned long *total_scanned)
{
        unsigned long nr_reclaimed = 0;
        struct mem_cgroup_per_node *mz, *next_mz = NULL;
        unsigned long reclaimed;
        int loop = 0;
        struct mem_cgroup_tree_per_node *mctz;
        unsigned long excess;
        unsigned long nr_scanned;

        if (order > 0)
                return 0;

        mctz = soft_limit_tree_node(pgdat->node_id);

        /*
         * Do not even bother to check the largest node if the root
         * is empty. Do it lockless to prevent lock bouncing. Races
         * are acceptable as soft limit is best effort anyway.
         */
        if (!mctz || RB_EMPTY_ROOT(&mctz->rb_root))
                return 0;

        /*
         * This loop can run a while, specially if mem_cgroup's continuously
         * keep exceeding their soft limit and putting the system under
         * pressure
         */
        do {
                if (next_mz)
                        mz = next_mz;
                else
                        mz = mem_cgroup_largest_soft_limit_node(mctz);
                if (!mz)
                        break;

                nr_scanned = 0;
                reclaimed = mem_cgroup_soft_reclaim(mz->memcg, pgdat,
                                                    gfp_mask, &nr_scanned);
                nr_reclaimed += reclaimed;
                *total_scanned += nr_scanned;
                spin_lock_irq(&mctz->lock);
                __mem_cgroup_remove_exceeded(mz, mctz);

                /*
                 * If we failed to reclaim anything from this memory cgroup
                 * it is time to move on to the next cgroup
                 */
                next_mz = NULL;
                if (!reclaimed)
                        next_mz = __mem_cgroup_largest_soft_limit_node(mctz);

                excess = soft_limit_excess(mz->memcg);
                /*
                 * One school of thought says that we should not add
                 * back the node to the tree if reclaim returns 0.
                 * But our reclaim could return 0, simply because due
                 * to priority we are exposing a smaller subset of
                 * memory to reclaim from. Consider this as a longer
                 * term TODO.
                 */
                /* If excess == 0, no tree ops */
                __mem_cgroup_insert_exceeded(mz, mctz, excess);
                spin_unlock_irq(&mctz->lock);
                css_put(&mz->memcg->css);
                loop++;
                /*
                 * Could not reclaim anything and there are no more
                 * mem cgroups to try or we seem to be looping without
                 * reclaiming anything.
                 */
                if (!nr_reclaimed &&
                        (next_mz == NULL ||
                        loop > MEM_CGROUP_MAX_SOFT_LIMIT_RECLAIM_LOOPS))
                        break;
        } while (!nr_reclaimed);
        if (next_mz)
                css_put(&next_mz->memcg->css);
        return nr_reclaimed;
}

/*
 * Test whether @memcg has children, dead or alive.  Note that this
 * function doesn't care whether @memcg has use_hierarchy enabled and
 * returns %true if there are child csses according to the cgroup
 * hierarchy.  Testing use_hierarchy is the caller's responsiblity.
 */
static inline bool memcg_has_children(struct mem_cgroup *memcg)
{
        bool ret;

        rcu_read_lock();
        ret = css_next_child(NULL, &memcg->css);
        rcu_read_unlock();
        return ret;
}

/*
 * Reclaims as many pages from the given memcg as possible.
 *
 * Caller is responsible for holding css reference for memcg.
 */
static int mem_cgroup_force_empty(struct mem_cgroup *memcg)
{
        int nr_retries = MEM_CGROUP_RECLAIM_RETRIES;

        /* we call try-to-free pages for make this cgroup empty */
        lru_add_drain_all();
        /* try to free all pages in this cgroup */
        while (nr_retries && page_counter_read(&memcg->memory)) {
                int progress;

                if (signal_pending(current))
                        return -EINTR;

                progress = try_to_free_mem_cgroup_pages(memcg, 1,
                                                        GFP_KERNEL, true);
                if (!progress) {
                        nr_retries--;
                        /* maybe some writeback is necessary */
                        congestion_wait(BLK_RW_ASYNC, HZ/10);
                }

        }

        return 0;
}

static ssize_t mem_cgroup_force_empty_write(struct kernfs_open_file *of,
                                            char *buf, size_t nbytes,
                                            loff_t off)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));

        if (mem_cgroup_is_root(memcg))
                return -EINVAL;
        return mem_cgroup_force_empty(memcg) ?: nbytes;
}

static u64 mem_cgroup_hierarchy_read(struct cgroup_subsys_state *css,
                                     struct cftype *cft)
{
        return mem_cgroup_from_css(css)->use_hierarchy;
}

static int mem_cgroup_hierarchy_write(struct cgroup_subsys_state *css,
                                      struct cftype *cft, u64 val)
{
        int retval = 0;
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);
        struct mem_cgroup *parent_memcg = mem_cgroup_from_css(memcg->css.parent);

        if (memcg->use_hierarchy == val)
                return 0;

        /*
         * If parent's use_hierarchy is set, we can't make any modifications
         * in the child subtrees. If it is unset, then the change can
         * occur, provided the current cgroup has no children.
         *
         * For the root cgroup, parent_mem is NULL, we allow value to be
         * set if there are no children.
         */
        if ((!parent_memcg || !parent_memcg->use_hierarchy) &&
                                (val == 1 || val == 0)) {
                if (!memcg_has_children(memcg))
                        memcg->use_hierarchy = val;
                else
                        retval = -EBUSY;
        } else
                retval = -EINVAL;

        return retval;
}

static void tree_stat(struct mem_cgroup *memcg, unsigned long *stat)
{
        struct mem_cgroup *iter;
        int i;

        memset(stat, 0, sizeof(*stat) * MEMCG_NR_STAT);

        for_each_mem_cgroup_tree(iter, memcg) {
                for (i = 0; i < MEMCG_NR_STAT; i++)
                        stat[i] += memcg_page_state(iter, i);
        }
}

static void tree_events(struct mem_cgroup *memcg, unsigned long *events)
{
        struct mem_cgroup *iter;
        int i;

        memset(events, 0, sizeof(*events) * NR_VM_EVENT_ITEMS);

        for_each_mem_cgroup_tree(iter, memcg) {
                for (i = 0; i < NR_VM_EVENT_ITEMS; i++)
                        events[i] += memcg_sum_events(iter, i);
        }
}

static unsigned long mem_cgroup_usage(struct mem_cgroup *memcg, bool swap)
{
        unsigned long val = 0;

        if (mem_cgroup_is_root(memcg)) {
                struct mem_cgroup *iter;

                for_each_mem_cgroup_tree(iter, memcg) {
                        val += memcg_page_state(iter, MEMCG_CACHE);
                        val += memcg_page_state(iter, MEMCG_RSS);
                        if (swap)
                                val += memcg_page_state(iter, MEMCG_SWAP);
                }
        } else {
                if (!swap)
                        val = page_counter_read(&memcg->memory);
                else
                        val = page_counter_read(&memcg->memsw);
        }
        return val;
}

enum {
        RES_USAGE,
        RES_LIMIT,
        RES_MAX_USAGE,
        RES_FAILCNT,
        RES_SOFT_LIMIT,
};

static u64 mem_cgroup_read_u64(struct cgroup_subsys_state *css,
                               struct cftype *cft)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);
        struct page_counter *counter;

        switch (MEMFILE_TYPE(cft->private)) {
        case _MEM:
                counter = &memcg->memory;
                break;
        case _MEMSWAP:
                counter = &memcg->memsw;
                break;
        case _KMEM:
                counter = &memcg->kmem;
                break;
        case _TCP:
                counter = &memcg->tcpmem;
                break;
        default:
                BUG();
        }

        switch (MEMFILE_ATTR(cft->private)) {
        case RES_USAGE:
                if (counter == &memcg->memory)
                        return (u64)mem_cgroup_usage(memcg, false) * PAGE_SIZE;
                if (counter == &memcg->memsw)
                        return (u64)mem_cgroup_usage(memcg, true) * PAGE_SIZE;
                return (u64)page_counter_read(counter) * PAGE_SIZE;
        case RES_LIMIT:
                return (u64)counter->limit * PAGE_SIZE;
        case RES_MAX_USAGE:
                return (u64)counter->watermark * PAGE_SIZE;
        case RES_FAILCNT:
                return counter->failcnt;
        case RES_SOFT_LIMIT:
                return (u64)memcg->soft_limit * PAGE_SIZE;
        default:
                BUG();
        }
}

#ifndef CONFIG_SLOB
static int memcg_online_kmem(struct mem_cgroup *memcg)
{
        int memcg_id;

        if (cgroup_memory_nokmem)
                return 0;

        BUG_ON(memcg->kmemcg_id >= 0);
        BUG_ON(memcg->kmem_state);

        memcg_id = memcg_alloc_cache_id();
        if (memcg_id < 0)
                return memcg_id;

        static_branch_inc(&memcg_kmem_enabled_key);
        /*
         * A memory cgroup is considered kmem-online as soon as it gets
         * kmemcg_id. Setting the id after enabling static branching will
         * guarantee no one starts accounting before all call sites are
         * patched.
         */
        memcg->kmemcg_id = memcg_id;
        memcg->kmem_state = KMEM_ONLINE;
        INIT_LIST_HEAD(&memcg->kmem_caches);

        return 0;
}

static void memcg_offline_kmem(struct mem_cgroup *memcg)
{
        struct cgroup_subsys_state *css;
        struct mem_cgroup *parent, *child;
        int kmemcg_id;

        if (memcg->kmem_state != KMEM_ONLINE)
                return;
        /*
         * Clear the online state before clearing memcg_caches array
         * entries. The slab_mutex in memcg_deactivate_kmem_caches()
         * guarantees that no cache will be created for this cgroup
         * after we are done (see memcg_create_kmem_cache()).
         */
        memcg->kmem_state = KMEM_ALLOCATED;

        memcg_deactivate_kmem_caches(memcg);

        kmemcg_id = memcg->kmemcg_id;
        BUG_ON(kmemcg_id < 0);

        parent = parent_mem_cgroup(memcg);
        if (!parent)
                parent = root_mem_cgroup;

        /*
         * Change kmemcg_id of this cgroup and all its descendants to the
         * parent's id, and then move all entries from this cgroup's list_lrus
         * to ones of the parent. After we have finished, all list_lrus
         * corresponding to this cgroup are guaranteed to remain empty. The
         * ordering is imposed by list_lru_node->lock taken by
         * memcg_drain_all_list_lrus().
         */
        rcu_read_lock(); /* can be called from css_free w/o cgroup_mutex */
        css_for_each_descendant_pre(css, &memcg->css) {
                child = mem_cgroup_from_css(css);
                BUG_ON(child->kmemcg_id != kmemcg_id);
                child->kmemcg_id = parent->kmemcg_id;
                if (!memcg->use_hierarchy)
                        break;
        }
        rcu_read_unlock();

        memcg_drain_all_list_lrus(kmemcg_id, parent->kmemcg_id);

        memcg_free_cache_id(kmemcg_id);
}

static void memcg_free_kmem(struct mem_cgroup *memcg)
{
        /* css_alloc() failed, offlining didn't happen */
        if (unlikely(memcg->kmem_state == KMEM_ONLINE))
                memcg_offline_kmem(memcg);

        if (memcg->kmem_state == KMEM_ALLOCATED) {
                memcg_destroy_kmem_caches(memcg);
                static_branch_dec(&memcg_kmem_enabled_key);
                WARN_ON(page_counter_read(&memcg->kmem));
        }
}
#else
static int memcg_online_kmem(struct mem_cgroup *memcg)
{
        return 0;
}
static void memcg_offline_kmem(struct mem_cgroup *memcg)
{
}
static void memcg_free_kmem(struct mem_cgroup *memcg)
{
}
#endif /* !CONFIG_SLOB */

static int memcg_update_kmem_limit(struct mem_cgroup *memcg,
                                   unsigned long limit)
{
        int ret;

        mutex_lock(&memcg_limit_mutex);
        ret = page_counter_limit(&memcg->kmem, limit);
        mutex_unlock(&memcg_limit_mutex);
        return ret;
}

static int memcg_update_tcp_limit(struct mem_cgroup *memcg, unsigned long limit)
{
        int ret;

        mutex_lock(&memcg_limit_mutex);

        ret = page_counter_limit(&memcg->tcpmem, limit);
        if (ret)
                goto out;

        if (!memcg->tcpmem_active) {
                /*
                 * The active flag needs to be written after the static_key
                 * update. This is what guarantees that the socket activation
                 * function is the last one to run. See mem_cgroup_sk_alloc()
                 * for details, and note that we don't mark any socket as
                 * belonging to this memcg until that flag is up.
                 *
                 * We need to do this, because static_keys will span multiple
                 * sites, but we can't control their order. If we mark a socket
                 * as accounted, but the accounting functions are not patched in
                 * yet, we'll lose accounting.
                 *
                 * We never race with the readers in mem_cgroup_sk_alloc(),
                 * because when this value change, the code to process it is not
                 * patched in yet.
                 */
                static_branch_inc(&memcg_sockets_enabled_key);
                memcg->tcpmem_active = true;
        }
out:
        mutex_unlock(&memcg_limit_mutex);
        return ret;
}

/*
 * The user of this function is...
 * RES_LIMIT.
 */
static ssize_t mem_cgroup_write(struct kernfs_open_file *of,
                                char *buf, size_t nbytes, loff_t off)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
        unsigned long nr_pages;
        int ret;

        buf = strstrip(buf);
        ret = page_counter_memparse(buf, "-1", &nr_pages);
        if (ret)
                return ret;

        switch (MEMFILE_ATTR(of_cft(of)->private)) {
        case RES_LIMIT:
                if (mem_cgroup_is_root(memcg)) { /* Can't set limit on root */
                        ret = -EINVAL;
                        break;
                }
                switch (MEMFILE_TYPE(of_cft(of)->private)) {
                case _MEM:
                        ret = mem_cgroup_resize_limit(memcg, nr_pages, false);
                        break;
                case _MEMSWAP:
                        ret = mem_cgroup_resize_limit(memcg, nr_pages, true);
                        break;
                case _KMEM:
                        ret = memcg_update_kmem_limit(memcg, nr_pages);
                        break;
                case _TCP:
                        ret = memcg_update_tcp_limit(memcg, nr_pages);
                        break;
                }
                break;
        case RES_SOFT_LIMIT:
                memcg->soft_limit = nr_pages;
                ret = 0;
                break;
        }
        return ret ?: nbytes;
}

static ssize_t mem_cgroup_reset(struct kernfs_open_file *of, char *buf,
                                size_t nbytes, loff_t off)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(of_css(of));
        struct page_counter *counter;

        switch (MEMFILE_TYPE(of_cft(of)->private)) {
        case _MEM:
                counter = &memcg->memory;
                break;
        case _MEMSWAP:
                counter = &memcg->memsw;
                break;
        case _KMEM:
                counter = &memcg->kmem;
                break;
        case _TCP:
                counter = &memcg->tcpmem;
                break;
        default:
                BUG();
        }

        switch (MEMFILE_ATTR(of_cft(of)->private)) {
        case RES_MAX_USAGE:
                page_counter_reset_watermark(counter);
                break;
        case RES_FAILCNT:
                counter->failcnt = 0;
                break;
        default:
                BUG();
        }

        return nbytes;
}

static u64 mem_cgroup_move_charge_read(struct cgroup_subsys_state *css,
                                        struct cftype *cft)
{
        return mem_cgroup_from_css(css)->move_charge_at_immigrate;
}

#ifdef CONFIG_MMU
static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css,
                                        struct cftype *cft, u64 val)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);

        if (val & ~MOVE_MASK)
                return -EINVAL;

        /*
         * No kind of locking is needed in here, because ->can_attach() will
         * check this value once in the beginning of the process, and then carry
         * on with stale data. This means that changes to this value will only
         * affect task migrations starting after the change.
         */
        memcg->move_charge_at_immigrate = val;
        return 0;
}
#else
static int mem_cgroup_move_charge_write(struct cgroup_subsys_state *css,
                                        struct cftype *cft, u64 val)
{
        return -ENOSYS;
}
#endif

#ifdef CONFIG_NUMA
static int memcg_numa_stat_show(struct seq_file *m, void *v)
{
        struct numa_stat {
                const char *name;
                unsigned int lru_mask;
        };

        static const struct numa_stat stats[] = {
                { "total", LRU_ALL },
                { "file", LRU_ALL_FILE },
                { "anon", LRU_ALL_ANON },
                { "unevictable", BIT(LRU_UNEVICTABLE) },
        };
        const struct numa_stat *stat;
        int nid;
        unsigned long nr;
        struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(m));

        for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) {
                nr = mem_cgroup_nr_lru_pages(memcg, stat->lru_mask);
                seq_printf(m, "%s=%lu", stat->name, nr);
                for_each_node_state(nid, N_MEMORY) {
                        nr = mem_cgroup_node_nr_lru_pages(memcg, nid,
                                                          stat->lru_mask);
                        seq_printf(m, " N%d=%lu", nid, nr);
                }
                seq_putc(m, '\n');
        }

        for (stat = stats; stat < stats + ARRAY_SIZE(stats); stat++) {
                struct mem_cgroup *iter;

                nr = 0;
                for_each_mem_cgroup_tree(iter, memcg)
                        nr += mem_cgroup_nr_lru_pages(iter, stat->lru_mask);
                seq_printf(m, "hierarchical_%s=%lu", stat->name, nr);
                for_each_node_state(nid, N_MEMORY) {
                        nr = 0;
                        for_each_mem_cgroup_tree(iter, memcg)
                                nr += mem_cgroup_node_nr_lru_pages(
                                        iter, nid, stat->lru_mask);
                        seq_printf(m, " N%d=%lu", nid, nr);
                }
                seq_putc(m, '\n');
        }

        return 0;
}
#endif /* CONFIG_NUMA */

/* Universal VM events cgroup1 shows, original sort order */
unsigned int memcg1_events[] = {
        PGPGIN,
        PGPGOUT,
        PGFAULT,
        PGMAJFAULT,
};

static const char *const memcg1_event_names[] = {
        "pgpgin",
        "pgpgout",
        "pgfault",
        "pgmajfault",
};

static int memcg_stat_show(struct seq_file *m, void *v)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(m));
        unsigned long memory, memsw;
        struct mem_cgroup *mi;
        unsigned int i;

        BUILD_BUG_ON(ARRAY_SIZE(memcg1_stat_names) != ARRAY_SIZE(memcg1_stats));
        BUILD_BUG_ON(ARRAY_SIZE(mem_cgroup_lru_names) != NR_LRU_LISTS);

        for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) {
                if (memcg1_stats[i] == MEMCG_SWAP && !do_memsw_account())
                        continue;
                seq_printf(m, "%s %lu\n", memcg1_stat_names[i],
                           memcg_page_state(memcg, memcg1_stats[i]) *
                           PAGE_SIZE);
        }

        for (i = 0; i < ARRAY_SIZE(memcg1_events); i++)
                seq_printf(m, "%s %lu\n", memcg1_event_names[i],
                           memcg_sum_events(memcg, memcg1_events[i]));

        for (i = 0; i < NR_LRU_LISTS; i++)
                seq_printf(m, "%s %lu\n", mem_cgroup_lru_names[i],
                           mem_cgroup_nr_lru_pages(memcg, BIT(i)) * PAGE_SIZE);

        /* Hierarchical information */
        memory = memsw = PAGE_COUNTER_MAX;
        for (mi = memcg; mi; mi = parent_mem_cgroup(mi)) {
                memory = min(memory, mi->memory.limit);
                memsw = min(memsw, mi->memsw.limit);
        }
        seq_printf(m, "hierarchical_memory_limit %llu\n",
                   (u64)memory * PAGE_SIZE);
        if (do_memsw_account())
                seq_printf(m, "hierarchical_memsw_limit %llu\n",
                           (u64)memsw * PAGE_SIZE);

        for (i = 0; i < ARRAY_SIZE(memcg1_stats); i++) {
                unsigned long long val = 0;

                if (memcg1_stats[i] == MEMCG_SWAP && !do_memsw_account())
                        continue;
                for_each_mem_cgroup_tree(mi, memcg)
                        val += memcg_page_state(mi, memcg1_stats[i]) *
                        PAGE_SIZE;
                seq_printf(m, "total_%s %llu\n", memcg1_stat_names[i], val);
        }

        for (i = 0; i < ARRAY_SIZE(memcg1_events); i++) {
                unsigned long long val = 0;

                for_each_mem_cgroup_tree(mi, memcg)
                        val += memcg_sum_events(mi, memcg1_events[i]);
                seq_printf(m, "total_%s %llu\n", memcg1_event_names[i], val);
        }

        for (i = 0; i < NR_LRU_LISTS; i++) {
                unsigned long long val = 0;

                for_each_mem_cgroup_tree(mi, memcg)
                        val += mem_cgroup_nr_lru_pages(mi, BIT(i)) * PAGE_SIZE;
                seq_printf(m, "total_%s %llu\n", mem_cgroup_lru_names[i], val);
        }

#ifdef CONFIG_DEBUG_VM
        {
                pg_data_t *pgdat;
                struct mem_cgroup_per_node *mz;
                struct zone_reclaim_stat *rstat;
                unsigned long recent_rotated[2] = {0, 0};
                unsigned long recent_scanned[2] = {0, 0};

                for_each_online_pgdat(pgdat) {
                        mz = mem_cgroup_nodeinfo(memcg, pgdat->node_id);
                        rstat = &mz->lruvec.reclaim_stat;

                        recent_rotated[0] += rstat->recent_rotated[0];
                        recent_rotated[1] += rstat->recent_rotated[1];
                        recent_scanned[0] += rstat->recent_scanned[0];
                        recent_scanned[1] += rstat->recent_scanned[1];
                }
                seq_printf(m, "recent_rotated_anon %lu\n", recent_rotated[0]);
                seq_printf(m, "recent_rotated_file %lu\n", recent_rotated[1]);
                seq_printf(m, "recent_scanned_anon %lu\n", recent_scanned[0]);
                seq_printf(m, "recent_scanned_file %lu\n", recent_scanned[1]);
        }
#endif

        return 0;
}

static u64 mem_cgroup_swappiness_read(struct cgroup_subsys_state *css,
                                      struct cftype *cft)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);

        return mem_cgroup_swappiness(memcg);
}

static int mem_cgroup_swappiness_write(struct cgroup_subsys_state *css,
                                       struct cftype *cft, u64 val)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);

        if (val > 100)
                return -EINVAL;

        if (css->parent)
                memcg->swappiness = val;
        else
                vm_swappiness = val;

        return 0;
}

static void __mem_cgroup_threshold(struct mem_cgroup *memcg, bool swap)
{
        struct mem_cgroup_threshold_ary *t;
        unsigned long usage;
        int i;

        rcu_read_lock();
        if (!swap)
                t = rcu_dereference(memcg->thresholds.primary);
        else
                t = rcu_dereference(memcg->memsw_thresholds.primary);

        if (!t)
                goto unlock;

        usage = mem_cgroup_usage(memcg, swap);

        /*
         * current_threshold points to threshold just below or equal to usage.
         * If it's not true, a threshold was crossed after last
         * call of __mem_cgroup_threshold().
         */
        i = t->current_threshold;

        /*
         * Iterate backward over array of thresholds starting from
         * current_threshold and check if a threshold is crossed.
         * If none of thresholds below usage is crossed, we read
         * only one element of the array here.
         */
        for (; i >= 0 && unlikely(t->entries[i].threshold > usage); i--)
                eventfd_signal(t->entries[i].eventfd, 1);

        /* i = current_threshold + 1 */
        i++;

        /*
         * Iterate forward over array of thresholds starting from
         * current_threshold+1 and check if a threshold is crossed.
         * If none of thresholds above usage is crossed, we read
         * only one element of the array here.
         */
        for (; i < t->size && unlikely(t->entries[i].threshold <= usage); i++)
                eventfd_signal(t->entries[i].eventfd, 1);

        /* Update current_threshold */
        t->current_threshold = i - 1;
unlock:
        rcu_read_unlock();
}

static void mem_cgroup_threshold(struct mem_cgroup *memcg)
{
        while (memcg) {
                __mem_cgroup_threshold(memcg, false);
                if (do_memsw_account())
                        __mem_cgroup_threshold(memcg, true);

                memcg = parent_mem_cgroup(memcg);
        }
}

static int compare_thresholds(const void *a, const void *b)
{
        const struct mem_cgroup_threshold *_a = a;
        const struct mem_cgroup_threshold *_b = b;

        if (_a->threshold > _b->threshold)
                return 1;

        if (_a->threshold < _b->threshold)
                return -1;

        return 0;
}

static int mem_cgroup_oom_notify_cb(struct mem_cgroup *memcg)
{
        struct mem_cgroup_eventfd_list *ev;

        spin_lock(&memcg_oom_lock);

        list_for_each_entry(ev, &memcg->oom_notify, list)
                eventfd_signal(ev->eventfd, 1);

        spin_unlock(&memcg_oom_lock);
        return 0;
}

static void mem_cgroup_oom_notify(struct mem_cgroup *memcg)
{
        struct mem_cgroup *iter;

        for_each_mem_cgroup_tree(iter, memcg)
                mem_cgroup_oom_notify_cb(iter);
}

static int __mem_cgroup_usage_register_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd, const char *args, enum res_type type)
{
        struct mem_cgroup_thresholds *thresholds;
        struct mem_cgroup_threshold_ary *new;
        unsigned long threshold;
        unsigned long usage;
        int i, size, ret;

        ret = page_counter_memparse(args, "-1", &threshold);
        if (ret)
                return ret;

        mutex_lock(&memcg->thresholds_lock);

        if (type == _MEM) {
                thresholds = &memcg->thresholds;
                usage = mem_cgroup_usage(memcg, false);
        } else if (type == _MEMSWAP) {
                thresholds = &memcg->memsw_thresholds;
                usage = mem_cgroup_usage(memcg, true);
        } else
                BUG();

        /* Check if a threshold crossed before adding a new one */
        if (thresholds->primary)
                __mem_cgroup_threshold(memcg, type == _MEMSWAP);

        size = thresholds->primary ? thresholds->primary->size + 1 : 1;

        /* Allocate memory for new array of thresholds */
        new = kmalloc(sizeof(*new) + size * sizeof(struct mem_cgroup_threshold),
                        GFP_KERNEL);
        if (!new) {
                ret = -ENOMEM;
                goto unlock;
        }
        new->size = size;

        /* Copy thresholds (if any) to new array */
        if (thresholds->primary) {
                memcpy(new->entries, thresholds->primary->entries, (size - 1) *
                                sizeof(struct mem_cgroup_threshold));
        }

        /* Add new threshold */
        new->entries[size - 1].eventfd = eventfd;
        new->entries[size - 1].threshold = threshold;

        /* Sort thresholds. Registering of new threshold isn't time-critical */
        sort(new->entries, size, sizeof(struct mem_cgroup_threshold),
                        compare_thresholds, NULL);

        /* Find current threshold */
        new->current_threshold = -1;
        for (i = 0; i < size; i++) {
                if (new->entries[i].threshold <= usage) {
                        /*
                         * new->current_threshold will not be used until
                         * rcu_assign_pointer(), so it's safe to increment
                         * it here.
                         */
                        ++new->current_threshold;
                } else
                        break;
        }

        /* Free old spare buffer and save old primary buffer as spare */
        kfree(thresholds->spare);
        thresholds->spare = thresholds->primary;

        rcu_assign_pointer(thresholds->primary, new);

        /* To be sure that nobody uses thresholds */
        synchronize_rcu();

unlock:
        mutex_unlock(&memcg->thresholds_lock);

        return ret;
}

static int mem_cgroup_usage_register_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd, const char *args)
{
        return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEM);
}

static int memsw_cgroup_usage_register_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd, const char *args)
{
        return __mem_cgroup_usage_register_event(memcg, eventfd, args, _MEMSWAP);
}

static void __mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd, enum res_type type)
{
        struct mem_cgroup_thresholds *thresholds;
        struct mem_cgroup_threshold_ary *new;
        unsigned long usage;
        int i, j, size;

        mutex_lock(&memcg->thresholds_lock);

        if (type == _MEM) {
                thresholds = &memcg->thresholds;
                usage = mem_cgroup_usage(memcg, false);
        } else if (type == _MEMSWAP) {
                thresholds = &memcg->memsw_thresholds;
                usage = mem_cgroup_usage(memcg, true);
        } else
                BUG();

        if (!thresholds->primary)
                goto unlock;

        /* Check if a threshold crossed before removing */
        __mem_cgroup_threshold(memcg, type == _MEMSWAP);

        /* Calculate new number of threshold */
        size = 0;
        for (i = 0; i < thresholds->primary->size; i++) {
                if (thresholds->primary->entries[i].eventfd != eventfd)
                        size++;
        }

        new = thresholds->spare;

        /* Set thresholds array to NULL if we don't have thresholds */
        if (!size) {
                kfree(new);
                new = NULL;
                goto swap_buffers;
        }

        new->size = size;

        /* Copy thresholds and find current threshold */
        new->current_threshold = -1;
        for (i = 0, j = 0; i < thresholds->primary->size; i++) {
                if (thresholds->primary->entries[i].eventfd == eventfd)
                        continue;

                new->entries[j] = thresholds->primary->entries[i];
                if (new->entries[j].threshold <= usage) {
                        /*
                         * new->current_threshold will not be used
                         * until rcu_assign_pointer(), so it's safe to increment
                         * it here.
                         */
                        ++new->current_threshold;
                }
                j++;
        }

swap_buffers:
        /* Swap primary and spare array */
        thresholds->spare = thresholds->primary;

        rcu_assign_pointer(thresholds->primary, new);

        /* To be sure that nobody uses thresholds */
        synchronize_rcu();

        /* If all events are unregistered, free the spare array */
        if (!new) {
                kfree(thresholds->spare);
                thresholds->spare = NULL;
        }
unlock:
        mutex_unlock(&memcg->thresholds_lock);
}

static void mem_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd)
{
        return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEM);
}

static void memsw_cgroup_usage_unregister_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd)
{
        return __mem_cgroup_usage_unregister_event(memcg, eventfd, _MEMSWAP);
}

static int mem_cgroup_oom_register_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd, const char *args)
{
        struct mem_cgroup_eventfd_list *event;

        event = kmalloc(sizeof(*event), GFP_KERNEL);
        if (!event)
                return -ENOMEM;

        spin_lock(&memcg_oom_lock);

        event->eventfd = eventfd;
        list_add(&event->list, &memcg->oom_notify);

        /* already in OOM ? */
        if (memcg->under_oom)
                eventfd_signal(eventfd, 1);
        spin_unlock(&memcg_oom_lock);

        return 0;
}

static void mem_cgroup_oom_unregister_event(struct mem_cgroup *memcg,
        struct eventfd_ctx *eventfd)
{
        struct mem_cgroup_eventfd_list *ev, *tmp;

        spin_lock(&memcg_oom_lock);

        list_for_each_entry_safe(ev, tmp, &memcg->oom_notify, list) {
                if (ev->eventfd == eventfd) {
                        list_del(&ev->list);
                        kfree(ev);
                }
        }

        spin_unlock(&memcg_oom_lock);
}

static int mem_cgroup_oom_control_read(struct seq_file *sf, void *v)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(seq_css(sf));

        seq_printf(sf, "oom_kill_disable %d\n", memcg->oom_kill_disable);
        seq_printf(sf, "under_oom %d\n", (bool)memcg->under_oom);
        seq_printf(sf, "oom_kill %lu\n", memcg_sum_events(memcg, OOM_KILL));
        return 0;
}

static int mem_cgroup_oom_control_write(struct cgroup_subsys_state *css,
        struct cftype *cft, u64 val)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);

        /* cannot set to root cgroup and only 0 and 1 are allowed */
        if (!css->parent || !((val == 0) || (val == 1)))
                return -EINVAL;

        memcg->oom_kill_disable = val;
        if (!val)
                memcg_oom_recover(memcg);

        return 0;
}

#ifdef CONFIG_CGROUP_WRITEBACK

struct list_head *mem_cgroup_cgwb_list(struct mem_cgroup *memcg)
{
        return &memcg->cgwb_list;
}

static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp)
{
        return wb_domain_init(&memcg->cgwb_domain, gfp);
}

static void memcg_wb_domain_exit(struct mem_cgroup *memcg)
{
        wb_domain_exit(&memcg->cgwb_domain);
}

static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg)
{
        wb_domain_size_changed(&memcg->cgwb_domain);
}

struct wb_domain *mem_cgroup_wb_domain(struct bdi_writeback *wb)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css);

        if (!memcg->css.parent)
                return NULL;

        return &memcg->cgwb_domain;
}

/**
 * mem_cgroup_wb_stats - retrieve writeback related stats from its memcg
 * @wb: bdi_writeback in question
 * @pfilepages: out parameter for number of file pages
 * @pheadroom: out parameter for number of allocatable pages according to memcg
 * @pdirty: out parameter for number of dirty pages
 * @pwriteback: out parameter for number of pages under writeback
 *
 * Determine the numbers of file, headroom, dirty, and writeback pages in
 * @wb's memcg.  File, dirty and writeback are self-explanatory.  Headroom
 * is a bit more involved.
 *
 * A memcg's headroom is "min(max, high) - used".  In the hierarchy, the
 * headroom is calculated as the lowest headroom of itself and the
 * ancestors.  Note that this doesn't consider the actual amount of
 * available memory in the system.  The caller should further cap
 * *@pheadroom accordingly.
 */
void mem_cgroup_wb_stats(struct bdi_writeback *wb, unsigned long *pfilepages,
                         unsigned long *pheadroom, unsigned long *pdirty,
                         unsigned long *pwriteback)
{
        struct mem_cgroup *memcg = mem_cgroup_from_css(wb->memcg_css);
        struct mem_cgroup *parent;

        *pdirty = memcg_page_state(memcg, NR_FILE_DIRTY);

        /* this should eventually include NR_UNSTABLE_NFS */
        *pwriteback = memcg_page_state(memcg, NR_WRITEBACK);
        *pfilepages = mem_cgroup_nr_lru_pages(memcg, (1 << LRU_INACTIVE_FILE) |
                                                     (1 << LRU_ACTIVE_FILE));
        *pheadroom = PAGE_COUNTER_MAX;

        while ((parent = parent_mem_cgroup(memcg))) {
                unsigned long ceiling = min(memcg->memory.limit, memcg->high);
                unsigned long used = page_counter_read(&memcg->memory);

                *pheadroom = min(*pheadroom, ceiling - min(ceiling, used));
                memcg = parent;
        }
}

#else   /* CONFIG_CGROUP_WRITEBACK */

static int memcg_wb_domain_init(struct mem_cgroup *memcg, gfp_t gfp)
{
        return 0;
}

static void memcg_wb_domain_exit(struct mem_cgroup *memcg)
{
}

static void memcg_wb_domain_size_changed(struct mem_cgroup *memcg)
{
}

#endif  /* CONFIG_CGROUP_WRITEBACK */

/*
 * DO NOT USE IN NEW FILES.
 *
 * "cgroup.event_control" implementation.
 *
 * This is way over-engineered.  It tries to support fully configurable
 * events for each user.  Such level of flexibility is completely
 * unnecessary especially in the light of the planned unified hierarchy.
 *
 * Please deprecate this and replace with something simpler if at all
 * possible.
 */

/*
 * Unregister event and free resources.
 *
 * Gets called from workqueue.
 */
static void memcg_event_remove(struct work_struct *work)
{
        struct mem_cgroup_event *event =
                container_of(work, struct mem_cgroup_event, remove);
        struct mem_cgroup *memcg = event->memcg;

        remove_wait_queue(event->wqh, &event->wait);

        event->unregister_event(memcg, event->eventfd);

        /* Notify userspace the event is going away. */
        eventfd_signal(event->eventfd, 1);

        eventfd_ctx_put(event->eventfd);
        kfree(event);
        css_put(&memcg->css);
}

/*
 * Gets called on EPOLLHUP on eventfd when user closes it.
 *
 * Called with wqh->lock held and interrupts disabled.
 */
static int memcg_event_wake(wait_queue_entry_t *wait, unsigned mode,
                            int sync, void *key)
{
        struct mem_cgroup_event *event =
                container_of(wait, struct mem_cgroup_event, wait);
        struct mem_cgroup *memcg = event->memcg;
        __poll_t flags = key_to_poll(key);

        if (flags & EPOLLHUP) {
                /*
                 * If the event has been detached at cgroup removal, we
                 * can simply return knowing the other side will cleanup
                 * for us.
                 *
                 * We can't race against event freeing since the other
                 * side will require wqh->lock via remove_wait_queue(),
                 * which we hold.
                 */
                spin_lock(&memcg->event_list_lock);
                if (!list_empty(&event->list)) {
                        list_del_init(&event->list);
                        /*
                         * We are in atomic context, but cgroup_event_remove()
                         * may sleep, so we have to call it in workqueue.
                         */
                        schedule_work(&event->remove);
                }
                spin_unlock(&memcg->event_list_lock);
        }

        return 0;
}

static void memcg_event_ptable_queue_proc(struct file *file,
                wait_queue_head_t *wqh, poll_table *pt)
{
        struct mem_cgroup_event *event =
                container_of(pt, struct mem_cgroup_event, pt);

        event->wqh = wqh;
        add_wait_queue(wqh, &event->wait);
}

/*
 * DO NOT USE IN NEW FILES.
 *
 * Parse input and register new cgroup event handler.
 *
 * Input must be in format '<event_fd> <control_fd> <args>'.
 * Interpretation of args is defined by control file implementation.
 */
static ssize_t memcg_write_event_control(struct kernfs_open_file *of,
                                         char *buf, size_t nbytes, loff_t off)
{
        struct cgroup_subsys_state *css = of_css(of);
        struct mem_cgroup *memcg = mem_cgroup_from_css(css);
        struct mem_cgroup_event *event;
        struct cgroup_subsys_state *cfile_css;
        unsigned int efd, cfd;
        struct fd efile;
        struct fd cfile;
        const char *name;
        char *endp;
        int ret;

        buf = strstrip(buf);

        efd = simple_strtoul(buf, &endp, 10);
        if (*endp != ' ')
                return -EINVAL;
        buf = endp + 1;

        cfd = simple_strtoul(buf, &endp, 10);
        if ((*endp != ' ') && (*endp != '\0'))
                return -EINVAL;
        buf = endp + 1;

        event = kzalloc(sizeof(*event), GFP_KERNEL);
        if (!event)
                return -ENOMEM;

        event->memcg = memcg;
        INIT_LIST_HEAD(&event->list);
        init_poll_funcptr(&event->pt, memcg_event_ptable_queue_proc);
        init_waitqueue_func_entry(&event->wait, memcg_event_wake);
        INIT_WORK(&event->remove, memcg_event_remove);

        efile = fdget(efd);
        if (!efile.file) {
                ret = -EBADF;
                goto out_kfree;
        }

        event->eventfd = eventfd_ctx_fileget(efile.file);
        if (IS_ERR(event->eventfd)) {
                ret = PTR_ERR(event->eventfd);
                goto out_put_efile;
        }

        cfile = fdget(cfd);
        if (!cfile.file) {
                ret = -EBADF;
                goto out_put_eventfd;
        }

        /* the process need read permission on control file */
        /* AV: shouldn't we check that it's been opened for read instead? */
        ret = inode_permission(file_inode(cfile.file), MAY_READ);
        if (ret < 0)
                goto out_put_cfile;

        /*
         * Determine the event callbacks and set them in @event.  This used
         * to be done via struct cftype but cgroup core no longer knows
         * about these events.  The following is crude but the whole thing
         * is for compatibility anyway.
         *
         * DO NOT ADD NEW FILES.
         */
        name = cfile.file->f_path.dentry->d_name.name;

        if (!strcmp(name, "memory.usage_in_bytes")) {
                event->register_event = mem_cgroup_usage_register_event;
                event->unregister_event = mem_cgroup_usage_unregister_event;
        } else if (!strcmp(name, "memory.oom_control")) {
                event->register_event = mem_cgroup_oom_register_event;
                event->unregister_event = mem_cgroup_oom_unregister_event;
        } else if (!strcmp(name, "memory.pressure_level")) {
                event->register_event = vmpressure_register_event;
                event->unregister_event = vmpressure_unregister_event;
        } else if (!strcmp(name, "memory.memsw.usage_in_bytes")) {
                event->register_event = memsw_cgroup_usage_register_event;
                event->unregister_event = memsw_cgroup_usage_unregister_event;
        } else {
                ret = -EINVAL;
                goto out_put_cfile;
        }

        /*
         * Verify @cfile should belong to @css.  Also, remaining events are
         * automatically removed on cgroup destruction but the removal is
         * asynchronous, so take an extra ref on @css.
         */
        cfile_css = css_tryget_online_from_dir(cfile.file->f_path.dentry->d_parent,
                                               &memory_cgrp_subsys);
        ret = -EINVAL;
        if (IS_ERR(cfile_css))
                goto out_put_cfile;
        if (cfile_css != css) {
                css_put(cfile_css);
                goto out_put_cfile;
        }

        ret = event->register_event(memcg, event->eventfd, buf);
        if (ret)
                goto out_put_css;

        efile.file->f_op->poll(efile.file, &event->pt);

        spin_lock(&memcg->event_list_lock);
        list_add(&event->list, &memcg->event_list);
        spin_unlock(&memcg->event_list_lock);

        fdput(cfile);
        fdput(efile);

        return nbytes;

out_put_css:
        css_put(css);
out_put_cfile:
        fdput(cfile);
out_put_eventfd:
        eventfd_ctx_put(event->eventfd);
out_put_efile:
        fdput(efile);
out_kfree:
        kfree(event);

        return ret;
}

static struct cftype mem_cgroup_legacy_files[] = {
        {
                .name = "usage_in_bytes",
                .private = MEMFILE_PRIVATE(_MEM, RES_USAGE),
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "max_usage_in_bytes",
                .private = MEMFILE_PRIVATE(_MEM, RES_MAX_USAGE),
                .write = mem_cgroup_reset,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "limit_in_bytes",
                .private = MEMFILE_PRIVATE(_MEM, RES_LIMIT),
                .write = mem_cgroup_write,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "soft_limit_in_bytes",
                .private = MEMFILE_PRIVATE(_MEM, RES_SOFT_LIMIT),
                .write = mem_cgroup_write,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "failcnt",
                .private = MEMFILE_PRIVATE(_MEM, RES_FAILCNT),
                .write = mem_cgroup_reset,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "stat",
                .seq_show = memcg_stat_show,
        },
        {
                .name = "force_empty",
                .write = mem_cgroup_force_empty_write,
        },
        {
                .name = "use_hierarchy",
                .write_u64 = mem_cgroup_hierarchy_write,
                .read_u64 = mem_cgroup_hierarchy_read,
        },
        {
                .name = "cgroup.event_control",         /* XXX: for compat */
                .write = memcg_write_event_control,
                .flags = CFTYPE_NO_PREFIX | CFTYPE_WORLD_WRITABLE,
        },
        {
                .name = "swappiness",
                .read_u64 = mem_cgroup_swappiness_read,
                .write_u64 = mem_cgroup_swappiness_write,
        },
        {
                .name = "move_charge_at_immigrate",
                .read_u64 = mem_cgroup_move_charge_read,
                .write_u64 = mem_cgroup_move_charge_write,
        },
        {
                .name = "oom_control",
                .seq_show = mem_cgroup_oom_control_read,
                .write_u64 = mem_cgroup_oom_control_write,
                .private = MEMFILE_PRIVATE(_OOM_TYPE, OOM_CONTROL),
        },
        {
                .name = "pressure_level",
        },
#ifdef CONFIG_NUMA
        {
                .name = "numa_stat",
                .seq_show = memcg_numa_stat_show,
        },
#endif
        {
                .name = "kmem.limit_in_bytes",
                .private = MEMFILE_PRIVATE(_KMEM, RES_LIMIT),
                .write = mem_cgroup_write,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.usage_in_bytes",
                .private = MEMFILE_PRIVATE(_KMEM, RES_USAGE),
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.failcnt",
                .private = MEMFILE_PRIVATE(_KMEM, RES_FAILCNT),
                .write = mem_cgroup_reset,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.max_usage_in_bytes",
                .private = MEMFILE_PRIVATE(_KMEM, RES_MAX_USAGE),
                .write = mem_cgroup_reset,
                .read_u64 = mem_cgroup_read_u64,
        },
#if defined(CONFIG_SLAB) || defined(CONFIG_SLUB_DEBUG)
        {
                .name = "kmem.slabinfo",
                .seq_start = memcg_slab_start,
                .seq_next = memcg_slab_next,
                .seq_stop = memcg_slab_stop,
                .seq_show = memcg_slab_show,
        },
#endif
        {
                .name = "kmem.tcp.limit_in_bytes",
                .private = MEMFILE_PRIVATE(_TCP, RES_LIMIT),
                .write = mem_cgroup_write,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.tcp.usage_in_bytes",
                .private = MEMFILE_PRIVATE(_TCP, RES_USAGE),
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.tcp.failcnt",
                .private = MEMFILE_PRIVATE(_TCP, RES_FAILCNT),
                .write = mem_cgroup_reset,
                .read_u64 = mem_cgroup_read_u64,
        },
        {
                .name = "kmem.tcp.max_usage_in_bytes",