From: Josh Poimboeuf <jpoimboe@kernel.org>
To: Linus Torvalds <torvalds@linux-foundation.org>,
Jeff Layton <jlayton@kernel.org>,
Chuck Lever <chuck.lever@oracle.com>,
Shakeel Butt <shakeelb@google.com>,
Roman Gushchin <roman.gushchin@linux.dev>,
Johannes Weiner <hannes@cmpxchg.org>,
Michal Hocko <mhocko@kernel.org>
Cc: linux-kernel@vger.kernel.org, Jens Axboe <axboe@kernel.dk>,
Tejun Heo <tj@kernel.org>,
Vasily Averin <vasily.averin@linux.dev>,
Michal Koutny <mkoutny@suse.com>,
Waiman Long <longman@redhat.com>,
Muchun Song <muchun.song@linux.dev>,
Jiri Kosina <jikos@kernel.org>,
cgroups@vger.kernel.org, linux-mm@kvack.org
Subject: [PATCH RFC 0/4] Fix file lock cache accounting, again
Date: Wed, 17 Jan 2024 08:14:42 -0800 [thread overview]
Message-ID: <cover.1705507931.git.jpoimboe@kernel.org> (raw)
This is an attempt to fix file lock cache accounting (again). The bug
was originally reported 2+ years ago [1] but was quickly reverted [2]
for performance reasons.
A few years ago some ideas [3] were floated about how to improve the
performance. Did any of those ever get implemented?
Testing shows "mm: improve performance of accounted kernel memory
allocations" [4] helping some. But even with those patches, much of the
original performance regression still remains, at least according to
microbenchmarks.
Despite that regression, this being a security and correctness issue, it
really needs to be fixed by default. Those who want to live on the edge
(or have trusted user space) can disable it.
Patch 1 enables the fix by default, but allows disabling it at boot
time.
Patch 2 allows disabling it at build time.
Patches 3 and 4 allow disabling it (along with all the CPU mitigations)
using mitigations=off.
[1] 0f12156dff28 ("memcg: enable accounting for file lock caches")
[2] 3754707bcc3e ("Revert "memcg: enable accounting for file lock caches"")
[3] https://lore.kernel.org/lkml/dbc9955d-6c28-1dd5-b842-ef39a762aa3b@kernel.dk/
[4] https://lore.kernel.org/lkml/20231019225346.1822282-1-roman.gushchin@linux.dev/
Josh Poimboeuf (4):
fs/locks: Fix file lock cache accounting, again
fs/locks: Add CONFIG_FLOCK_ACCOUNTING
mitigations: Expand 'mitigations=off' to include optional software
mitigations
mitigations: Add flock cache accounting to 'mitigations=off'
.../admin-guide/kernel-parameters.txt | 48 ++++++++++++++----
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kernel/proton-pack.c | 6 +--
arch/powerpc/kernel/security.c | 14 +++---
arch/s390/kernel/nospec-branch.c | 2 +-
arch/x86/kernel/cpu/bugs.c | 35 ++++++-------
arch/x86/kvm/mmu/mmu.c | 2 +-
arch/x86/mm/pti.c | 3 +-
fs/Kconfig | 15 ++++++
fs/locks.c | 31 +++++++++++-
include/linux/bpf.h | 5 +-
include/linux/cpu.h | 3 --
include/linux/mitigations.h | 4 ++
kernel/Makefile | 3 +-
kernel/cpu.c | 43 ----------------
kernel/mitigations.c | 50 +++++++++++++++++++
16 files changed, 174 insertions(+), 92 deletions(-)
create mode 100644 include/linux/mitigations.h
create mode 100644 kernel/mitigations.c
--
2.43.0
next reply other threads:[~2024-01-17 16:15 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-01-17 16:14 Josh Poimboeuf [this message]
2024-01-17 16:14 ` [PATCH RFC 1/4] fs/locks: Fix file lock cache accounting, again Josh Poimboeuf
2024-01-17 19:00 ` Jeff Layton
2024-01-17 19:39 ` Josh Poimboeuf
2024-01-17 20:20 ` Linus Torvalds
2024-01-17 21:02 ` Shakeel Butt
2024-01-17 22:20 ` Roman Gushchin
2024-01-17 22:56 ` Shakeel Butt
2024-01-22 5:10 ` Linus Torvalds
2024-01-22 17:38 ` Shakeel Butt
2024-01-26 9:50 ` Vlastimil Babka
2024-01-30 11:04 ` Vlastimil Babka
2024-01-19 7:47 ` Shakeel Butt
2024-01-17 21:19 ` Vlastimil Babka
2024-01-17 21:50 ` Roman Gushchin
2024-01-18 9:49 ` Michal Hocko
2024-01-17 16:14 ` [PATCH RFC 2/4] fs/locks: Add CONFIG_FLOCK_ACCOUNTING Josh Poimboeuf
2024-01-17 16:14 ` [PATCH RFC 3/4] mitigations: Expand 'mitigations=off' to include optional software mitigations Josh Poimboeuf
2024-01-17 16:14 ` [PATCH RFC 4/4] mitigations: Add flock cache accounting to 'mitigations=off' Josh Poimboeuf
2024-01-18 9:04 ` Michal Koutný
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1705507931.git.jpoimboe@kernel.org \
--to=jpoimboe@kernel.org \
--cc=axboe@kernel.dk \
--cc=cgroups@vger.kernel.org \
--cc=chuck.lever@oracle.com \
--cc=hannes@cmpxchg.org \
--cc=jikos@kernel.org \
--cc=jlayton@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=longman@redhat.com \
--cc=mhocko@kernel.org \
--cc=mkoutny@suse.com \
--cc=muchun.song@linux.dev \
--cc=roman.gushchin@linux.dev \
--cc=shakeelb@google.com \
--cc=tj@kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=vasily.averin@linux.dev \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.