From: Andrea Arcangeli <aarcange@redhat.com>
To: Daniel Colascione <dancol@google.com>
Cc: Andy Lutomirski <luto@kernel.org>, Jann Horn <jannh@google.com>,
Linus Torvalds <torvalds@linux-foundation.org>,
Pavel Emelyanov <xemul@virtuozzo.com>,
Lokesh Gidra <lokeshgidra@google.com>,
Nick Kralevich <nnk@google.com>, Nosh Minwalla <nosh@google.com>,
Tim Murray <timmurray@google.com>,
Mike Rapoport <rppt@linux.vnet.ibm.com>,
Linux API <linux-api@vger.kernel.org>,
LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 3/7] Add a UFFD_SECURE flag to the userfaultfd API.
Date: Wed, 23 Oct 2019 20:23:12 -0400 [thread overview]
Message-ID: <20191024002312.GB433@redhat.com> (raw)
In-Reply-To: <CAKOZuetKkM=PK2QA8LdXwM8cM8qJvFu4u5bjePWai3XRnHe-pA@mail.gmail.com>
On Wed, Oct 23, 2019 at 01:05:47PM -0700, Daniel Colascione wrote:
> This is a debate that won't get resolved here. A ton of work has gone
> into namespaces, migration, various cgroup things, and so on, and I
> don't see that work getting torn out.
This is precisely why I thought it was a good idea to support the
non-cooperative use case too even though we had no immediate use for
it.
> Sure they can. Can't we stick processes in a memcg and set a
> memory.high threshold beyond which threads in that cgroup will enter
> direct reclaim on page allocations? I'd call that throttling.
The uffd-wp solution during the throttling can resolve a wrprotect
fault in the parent for every 4k page that has been written to disk
and it'll prioritize writing to disk those userfaults that are
currently blocked. I don't see how you could reach an equivalent
optimal runtime without uffd-wp and just with memcg because the
snapshot process won't have a clue which pages are been duped by the
COWs. The uffd-wp by avoding fork will also avoid more expensive MM
switches during the snapshot.
> This issue *has* to get fixed one way or another.
Sure.
next prev parent reply other threads:[~2019-10-24 0:23 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-12 19:15 [PATCH 0/7] Harden userfaultfd Daniel Colascione
2019-10-12 19:15 ` [PATCH 1/7] Add a new flags-accepting interface for anonymous inodes Daniel Colascione
2019-10-14 4:26 ` kbuild test robot
2019-10-14 4:26 ` kbuild test robot
2019-10-14 4:26 ` kbuild test robot
2019-10-14 15:38 ` Jann Horn
2019-10-14 18:15 ` Daniel Colascione
2019-10-14 18:30 ` Jann Horn
2019-10-15 8:08 ` Christoph Hellwig
2019-10-12 19:15 ` [PATCH 2/7] Add a concept of a "secure" anonymous file Daniel Colascione
2019-10-14 3:01 ` kbuild test robot
2019-10-14 3:01 ` kbuild test robot
2019-10-14 3:01 ` kbuild test robot
2019-10-15 8:08 ` Christoph Hellwig
2019-10-12 19:15 ` [PATCH 3/7] Add a UFFD_SECURE flag to the userfaultfd API Daniel Colascione
2019-10-12 23:10 ` Andy Lutomirski
2019-10-13 0:51 ` Daniel Colascione
2019-10-13 1:14 ` Andy Lutomirski
2019-10-13 1:38 ` Daniel Colascione
2019-10-14 16:04 ` Jann Horn
2019-10-23 19:09 ` Andrea Arcangeli
2019-10-23 19:21 ` Andy Lutomirski
2019-10-23 21:16 ` Andrea Arcangeli
2019-10-23 21:25 ` Andy Lutomirski
2019-10-23 22:41 ` Andrea Arcangeli
2019-10-23 23:01 ` Andy Lutomirski
2019-10-23 23:27 ` Andrea Arcangeli
2019-10-23 20:05 ` Daniel Colascione
2019-10-24 0:23 ` Andrea Arcangeli [this message]
2019-10-23 20:15 ` Linus Torvalds
2019-10-24 9:02 ` Mike Rapoport
2019-10-24 15:10 ` Andrea Arcangeli
2019-10-25 20:12 ` Mike Rapoport
2019-10-22 21:27 ` Daniel Colascione
2019-10-23 4:11 ` Andy Lutomirski
2019-10-23 7:29 ` Cyrill Gorcunov
2019-10-23 12:43 ` Mike Rapoport
2019-10-23 17:13 ` Andy Lutomirski
2019-10-12 19:15 ` [PATCH 4/7] Teach SELinux about a new userfaultfd class Daniel Colascione
2019-10-12 23:08 ` Andy Lutomirski
2019-10-13 0:11 ` Daniel Colascione
2019-10-13 0:46 ` Andy Lutomirski
2019-10-12 19:16 ` [PATCH 5/7] Let userfaultfd opt out of handling kernel-mode faults Daniel Colascione
2019-10-12 19:16 ` [PATCH 6/7] Allow users to require UFFD_SECURE Daniel Colascione
2019-10-12 23:12 ` Andy Lutomirski
2019-10-12 19:16 ` [PATCH 7/7] Add a new sysctl for limiting userfaultfd to user mode faults Daniel Colascione
2019-10-16 0:02 ` [PATCH 0/7] Harden userfaultfd James Morris
2019-11-15 15:09 ` Stephen Smalley
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191024002312.GB433@redhat.com \
--to=aarcange@redhat.com \
--cc=dancol@google.com \
--cc=jannh@google.com \
--cc=linux-api@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=lokeshgidra@google.com \
--cc=luto@kernel.org \
--cc=nnk@google.com \
--cc=nosh@google.com \
--cc=rppt@linux.vnet.ibm.com \
--cc=timmurray@google.com \
--cc=torvalds@linux-foundation.org \
--cc=xemul@virtuozzo.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.