From: Mandeep Singh Baines <msb@chromium.org>
To: David Rientjes <rientjes@google.com>
Cc: Mandeep Singh Baines <msb@chromium.org>,
Andrew Morton <akpm@linux-foundation.org>,
KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>,
KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com>,
Rik van Riel <riel@redhat.com>, Ying Han <yinghan@google.com>,
linux-kernel@vger.kernel.org, gspencer@chromium.org,
piman@chromium.org, wad@chromium.org, olofj@chromium.org
Subject: Re: [PATCH] oom: create a resource limit for oom_adj
Date: Thu, 11 Nov 2010 14:25:10 -0800 [thread overview]
Message-ID: <20101111222509.GJ7363@google.com> (raw)
In-Reply-To: <alpine.DEB.2.00.1011111241450.25829@chino.kir.corp.google.com>
David Rientjes (rientjes@google.com) wrote:
> On Thu, 11 Nov 2010, Mandeep Singh Baines wrote:
>
> > > What is the anticipated use case for this? We know that you want to lower
> > > oom_adj without CAP_SYS_RESOURCE, but what's the expected behavior when an
> > > app moves from foreground to background? I assume it's something like
> >
> > The focus here is the web browser's tabs. In our case, each is a process. If
> > OOM is going to kill a process, you'd rather it kill the tab you looked at
> > hours ago instead of the one you're looking at now. So you'd like to have a
> > policy where the LRU tab gets killed first. We'd like to use oom_score_adj
> > as the mechanism to implement an LRU policy like this.
> >
>
> Hmm, at first glance that seems potentially dangerous if the current tab
> generates a burt of memory allocations and it ends up killing all other
> tabs before finally targeting the culprit whereas currently the heuristic
> should do a good job of finding this problematic tab and killing it
> instantly.
>
If you're watching a movie, video chatting, playing a game, etc. What
would you rather have killed: the current tab you are interacting with or
some tab you opened a while back and are no longer interacting with.
> Perhaps that can't happen and it probably doesn't even matter:
> oom_score_adj allows users to determine which process to kill regardless
> of the underlying reason.
>
> > > What do you anticipate will be writing to oom_score_adj with this patch,
> > > the app itself?
> >
> > A process in the browser session will do the adusting. We'd rather not give
> > it CAP_SYS_RESOURCE. It should only be allowed to change oom_score_adj up
> > and down within the bounds set by the administrator. Analagous to renice()
> > which we also do using a similar policy.
> >
>
> So as more and more tabs get used, the least recently used tab gets its
> oom_score_adj raised higher and higher until it is reused itself and then
> it gets reset back to 0 for the current tab?
>
Exactly.
> Is there a reason you don't want to give the underlying browser session
> process CAP_SYS_RESOURCE? Will it not be enforcing resource limits to
Security. We want to use the least-privilege possible. We really want to
avoid giving special privileges to the browser. You shouldn't need
administrative privileges to run the browser. We'd like for oom_score_adj
to work the same as nice. An unprivileged user can nice up and down as
long as the new setting is within the administratively configured
resource limit: ulimit -e.
> ensure tabs don't deplete all memory when certain sites are opened? Are
> you concerned that it may deplete all memory itself (for which case you
> could raise its own oom_score_adj, which is a proportion of available
> memory so you can define where that point of depletiong is)?
next prev parent reply other threads:[~2010-11-11 22:25 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-11-11 4:35 [PATCH] oom: create a resource limit for oom_adj Mandeep Singh Baines
2010-11-11 7:35 ` David Rientjes
2010-11-11 18:30 ` Mandeep Singh Baines
2010-11-11 20:57 ` David Rientjes
2010-11-11 22:25 ` Mandeep Singh Baines [this message]
2010-11-11 23:19 ` David Rientjes
2010-11-11 23:56 ` Mandeep Singh Baines
2010-11-13 0:46 ` [PATCH] oom: allow a non-CAP_SYS_RESOURCE proces to oom_score_adj down Mandeep Singh Baines
2010-11-14 1:37 ` David Rientjes
2010-11-15 22:01 ` [PATCH v2] " Mandeep Singh Baines
2010-11-15 22:06 ` David Rientjes
2010-11-16 0:03 ` [PATCH v3] " Mandeep Singh Baines
2010-11-14 5:07 ` [PATCH] oom: create a resource limit for oom_adj KOSAKI Motohiro
-- strict thread matches above, loose matches on Subject: below --
2010-11-11 5:19 Figo.zhang
[not found] <fNx73-1cI-1@gated-at.bofh.it>
[not found] ` <fNzVf-5UY-3@gated-at.bofh.it>
[not found] ` <fNKdY-6FU-11@gated-at.bofh.it>
[not found] ` <fNMps-1S1-21@gated-at.bofh.it>
2010-11-11 23:15 ` Bodo Eggert
2010-11-11 23:21 ` David Rientjes
2010-11-14 5:07 ` KOSAKI Motohiro
2010-11-14 21:42 ` David Rientjes
2010-11-23 7:16 ` KOSAKI Motohiro
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20101111222509.GJ7363@google.com \
--to=msb@chromium.org \
--cc=akpm@linux-foundation.org \
--cc=gspencer@chromium.org \
--cc=kamezawa.hiroyu@jp.fujitsu.com \
--cc=kosaki.motohiro@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=olofj@chromium.org \
--cc=piman@chromium.org \
--cc=riel@redhat.com \
--cc=rientjes@google.com \
--cc=wad@chromium.org \
--cc=yinghan@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.