From: ebiederm@xmission.com (Eric W. Biederman)
To: Alexey Gladkov <gladkov.alexey@gmail.com>
Cc: Jens Axboe <axboe@kernel.dk>,
feng.tang@intel.com, 0day robot <lkp@intel.com>,
Kernel Hardening <kernel-hardening@lists.openwall.com>,
Linux Containers <containers@lists.linux-foundation.org>,
Jann Horn <jannh@google.com>, LKML <linux-kernel@vger.kernel.org>,
Oleg Nesterov <oleg@redhat.com>,
linux-mm@kvack.org, lkp@lists.01.org,
kernel test robot <oliver.sang@intel.com>,
ying.huang@intel.com, Andrew Morton <akpm@linux-foundation.org>,
zhengjun.xing@intel.com,
Linus Torvalds <torvalds@linux-foundation.org>,
io-uring@vger.kernel.org, Kees Cook <keescook@chromium.org>
Subject: Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression
Date: Fri, 05 Mar 2021 11:56:44 -0600 [thread overview]
Message-ID: <m1czwd32n7.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <20210225203657.mjhaqnj5vszna5xw@example.org> (Alexey Gladkov's message of "Thu, 25 Feb 2021 21:36:57 +0100")
Alexey Gladkov <gladkov.alexey@gmail.com> writes:
> On Wed, Feb 24, 2021 at 12:50:21PM -0600, Eric W. Biederman wrote:
>> Alexey Gladkov <gladkov.alexey@gmail.com> writes:
>>
>> > On Wed, Feb 24, 2021 at 10:54:17AM -0600, Eric W. Biederman wrote:
>> >> kernel test robot <oliver.sang@intel.com> writes:
>> >>
>> >> > Greeting,
>> >> >
>> >> > FYI, we noticed a -82.7% regression of stress-ng.sigsegv.ops_per_sec due to commit:
>> >> >
>> >> >
>> >> > commit: d28296d2484fa11e94dff65e93eb25802a443d47 ("[PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING on top of ucounts")
>> >> > url: https://github.com/0day-ci/linux/commits/Alexey-Gladkov/Count-rlimits-in-each-user-namespace/20210222-175836
>> >> > base: https://git.kernel.org/cgit/linux/kernel/git/shuah/linux-kselftest.git next
>> >> >
>> >> > in testcase: stress-ng
>> >> > on test machine: 48 threads Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz with 112G memory
>> >> > with following parameters:
>> >> >
>> >> > nr_threads: 100%
>> >> > disk: 1HDD
>> >> > testtime: 60s
>> >> > class: interrupt
>> >> > test: sigsegv
>> >> > cpufreq_governor: performance
>> >> > ucode: 0x42e
>> >> >
>> >> >
>> >> > In addition to that, the commit also has significant impact on the
>> >> > following tests:
>> >>
>> >> Thank you. Now we have a sense of where we need to test the performance
>> >> of these changes carefully.
>> >
>> > One of the reasons for this is that I rolled back the patch that changed
>> > the ucounts.count type to atomic_t. Now get_ucounts() is forced to use a
>> > spin_lock to increase the reference count.
>>
>> Which given the hickups with getting a working version seems justified.
>>
>> Now we can add incremental patches on top to improve the performance.
>
> I'm not sure that get_ucounts() should be used in __sigqueue_alloc() [1].
> I tried removing it and running KASAN tests that were failing before. So
> far, I have not found any problems.
>
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/legion/linux.git/tree/kernel/signal.c?h=patchset/per-userspace-rlimit/v7.1&id=2d4a2e2be7db42c95acb98abfc2a9b370ddd0604#n428
Hmm. The code you posted still seems to include the get_ucounts.
I like the idea of not needing to increment and decrement the ucount
reference count every time a signal is sent, unfortunately there is a
problem. The way we have implemented setresuid allows different threads
in a threaded application to have different cred->user values.
That is actually an extension of what posix supports and pthreads will
keep the creds of a process in sync. Still I recall looking into this a
few years ago and there were a few applications that take advantage of
the linux behavior.
In principle I think it is possible to hold a ucount reference in
somewhere such as task->signal. In practice there are enough
complicating factors I don't immediately see how to implement that.
If the creds were stored in signal_struct instead of in task_struct
we could simply move the sigpending counts in set_user, when the uid
of a process changed.
With the current state I don't know how to pick which is the real user.
Eric
_______________________________________________
Containers mailing list
Containers@lists.linux-foundation.org
https://lists.linuxfoundation.org/mailman/listinfo/containers
WARNING: multiple messages have this Message-ID (diff)
From: ebiederm@xmission.com (Eric W. Biederman)
To: Alexey Gladkov <gladkov.alexey@gmail.com>
Cc: kernel test robot <oliver.sang@intel.com>,
0day robot <lkp@intel.com>, LKML <linux-kernel@vger.kernel.org>,
lkp@lists.01.org, ying.huang@intel.com, feng.tang@intel.com,
zhengjun.xing@intel.com, io-uring@vger.kernel.org,
Kernel Hardening <kernel-hardening@lists.openwall.com>,
Linux Containers <containers@lists.linux-foundation.org>,
linux-mm@kvack.org, Andrew Morton <akpm@linux-foundation.org>,
Christian Brauner <christian.brauner@ubuntu.com>,
Jann Horn <jannh@google.com>, Jens Axboe <axboe@kernel.dk>,
Kees Cook <keescook@chromium.org>,
Linus Torvalds <torvalds@linux-foundation.org>,
Oleg Nesterov <oleg@redhat.com>
Subject: Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression
Date: Fri, 05 Mar 2021 11:56:44 -0600 [thread overview]
Message-ID: <m1czwd32n7.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <20210225203657.mjhaqnj5vszna5xw@example.org> (Alexey Gladkov's message of "Thu, 25 Feb 2021 21:36:57 +0100")
Alexey Gladkov <gladkov.alexey@gmail.com> writes:
> On Wed, Feb 24, 2021 at 12:50:21PM -0600, Eric W. Biederman wrote:
>> Alexey Gladkov <gladkov.alexey@gmail.com> writes:
>>
>> > On Wed, Feb 24, 2021 at 10:54:17AM -0600, Eric W. Biederman wrote:
>> >> kernel test robot <oliver.sang@intel.com> writes:
>> >>
>> >> > Greeting,
>> >> >
>> >> > FYI, we noticed a -82.7% regression of stress-ng.sigsegv.ops_per_sec due to commit:
>> >> >
>> >> >
>> >> > commit: d28296d2484fa11e94dff65e93eb25802a443d47 ("[PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING on top of ucounts")
>> >> > url: https://github.com/0day-ci/linux/commits/Alexey-Gladkov/Count-rlimits-in-each-user-namespace/20210222-175836
>> >> > base: https://git.kernel.org/cgit/linux/kernel/git/shuah/linux-kselftest.git next
>> >> >
>> >> > in testcase: stress-ng
>> >> > on test machine: 48 threads Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz with 112G memory
>> >> > with following parameters:
>> >> >
>> >> > nr_threads: 100%
>> >> > disk: 1HDD
>> >> > testtime: 60s
>> >> > class: interrupt
>> >> > test: sigsegv
>> >> > cpufreq_governor: performance
>> >> > ucode: 0x42e
>> >> >
>> >> >
>> >> > In addition to that, the commit also has significant impact on the
>> >> > following tests:
>> >>
>> >> Thank you. Now we have a sense of where we need to test the performance
>> >> of these changes carefully.
>> >
>> > One of the reasons for this is that I rolled back the patch that changed
>> > the ucounts.count type to atomic_t. Now get_ucounts() is forced to use a
>> > spin_lock to increase the reference count.
>>
>> Which given the hickups with getting a working version seems justified.
>>
>> Now we can add incremental patches on top to improve the performance.
>
> I'm not sure that get_ucounts() should be used in __sigqueue_alloc() [1].
> I tried removing it and running KASAN tests that were failing before. So
> far, I have not found any problems.
>
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/legion/linux.git/tree/kernel/signal.c?h=patchset/per-userspace-rlimit/v7.1&id=2d4a2e2be7db42c95acb98abfc2a9b370ddd0604#n428
Hmm. The code you posted still seems to include the get_ucounts.
I like the idea of not needing to increment and decrement the ucount
reference count every time a signal is sent, unfortunately there is a
problem. The way we have implemented setresuid allows different threads
in a threaded application to have different cred->user values.
That is actually an extension of what posix supports and pthreads will
keep the creds of a process in sync. Still I recall looking into this a
few years ago and there were a few applications that take advantage of
the linux behavior.
In principle I think it is possible to hold a ucount reference in
somewhere such as task->signal. In practice there are enough
complicating factors I don't immediately see how to implement that.
If the creds were stored in signal_struct instead of in task_struct
we could simply move the sigpending counts in set_user, when the uid
of a process changed.
With the current state I don't know how to pick which is the real user.
Eric
WARNING: multiple messages have this Message-ID (diff)
From: Eric W. Biederman <ebiederm@xmission.com>
To: lkp@lists.01.org
Subject: Re: d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression
Date: Fri, 05 Mar 2021 11:56:44 -0600 [thread overview]
Message-ID: <m1czwd32n7.fsf@fess.ebiederm.org> (raw)
In-Reply-To: <20210225203657.mjhaqnj5vszna5xw@example.org>
[-- Attachment #1: Type: text/plain, Size: 3199 bytes --]
Alexey Gladkov <gladkov.alexey@gmail.com> writes:
> On Wed, Feb 24, 2021 at 12:50:21PM -0600, Eric W. Biederman wrote:
>> Alexey Gladkov <gladkov.alexey@gmail.com> writes:
>>
>> > On Wed, Feb 24, 2021 at 10:54:17AM -0600, Eric W. Biederman wrote:
>> >> kernel test robot <oliver.sang@intel.com> writes:
>> >>
>> >> > Greeting,
>> >> >
>> >> > FYI, we noticed a -82.7% regression of stress-ng.sigsegv.ops_per_sec due to commit:
>> >> >
>> >> >
>> >> > commit: d28296d2484fa11e94dff65e93eb25802a443d47 ("[PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING on top of ucounts")
>> >> > url: https://github.com/0day-ci/linux/commits/Alexey-Gladkov/Count-rlimits-in-each-user-namespace/20210222-175836
>> >> > base: https://git.kernel.org/cgit/linux/kernel/git/shuah/linux-kselftest.git next
>> >> >
>> >> > in testcase: stress-ng
>> >> > on test machine: 48 threads Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz with 112G memory
>> >> > with following parameters:
>> >> >
>> >> > nr_threads: 100%
>> >> > disk: 1HDD
>> >> > testtime: 60s
>> >> > class: interrupt
>> >> > test: sigsegv
>> >> > cpufreq_governor: performance
>> >> > ucode: 0x42e
>> >> >
>> >> >
>> >> > In addition to that, the commit also has significant impact on the
>> >> > following tests:
>> >>
>> >> Thank you. Now we have a sense of where we need to test the performance
>> >> of these changes carefully.
>> >
>> > One of the reasons for this is that I rolled back the patch that changed
>> > the ucounts.count type to atomic_t. Now get_ucounts() is forced to use a
>> > spin_lock to increase the reference count.
>>
>> Which given the hickups with getting a working version seems justified.
>>
>> Now we can add incremental patches on top to improve the performance.
>
> I'm not sure that get_ucounts() should be used in __sigqueue_alloc() [1].
> I tried removing it and running KASAN tests that were failing before. So
> far, I have not found any problems.
>
> [1]
> https://git.kernel.org/pub/scm/linux/kernel/git/legion/linux.git/tree/kernel/signal.c?h=patchset/per-userspace-rlimit/v7.1&id=2d4a2e2be7db42c95acb98abfc2a9b370ddd0604#n428
Hmm. The code you posted still seems to include the get_ucounts.
I like the idea of not needing to increment and decrement the ucount
reference count every time a signal is sent, unfortunately there is a
problem. The way we have implemented setresuid allows different threads
in a threaded application to have different cred->user values.
That is actually an extension of what posix supports and pthreads will
keep the creds of a process in sync. Still I recall looking into this a
few years ago and there were a few applications that take advantage of
the linux behavior.
In principle I think it is possible to hold a ucount reference in
somewhere such as task->signal. In practice there are enough
complicating factors I don't immediately see how to implement that.
If the creds were stored in signal_struct instead of in task_struct
we could simply move the sigpending counts in set_user, when the uid
of a process changed.
With the current state I don't know how to pick which is the real user.
Eric
next prev parent reply other threads:[~2021-03-05 17:56 UTC|newest]
Thread overview: 43+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-02-22 9:56 [PATCH v7 0/7] Count rlimits in each user namespace Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-02-22 9:56 ` [PATCH v7 1/7] Increase size of ucounts to atomic_long_t Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-02-22 9:56 ` [PATCH v7 2/7] Add a reference to ucounts for each cred Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-03-01 7:32 ` e1e57d56fe: stress-ng.access.ops_per_sec -41.6% regression kernel test robot
2021-03-01 7:32 ` kernel test robot
2021-03-01 7:32 ` kernel test robot
2021-02-22 9:56 ` [PATCH v7 3/7] Reimplement RLIMIT_NPROC on top of ucounts Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-02-22 9:56 ` [PATCH v7 4/7] Reimplement RLIMIT_MSGQUEUE " Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-02-22 9:56 ` [PATCH v7 5/7] Reimplement RLIMIT_SIGPENDING " Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-02-24 5:18 ` d28296d248: stress-ng.sigsegv.ops_per_sec -82.7% regression kernel test robot
2021-02-24 5:18 ` kernel test robot
2021-02-24 5:18 ` kernel test robot
2021-02-24 16:54 ` Eric W. Biederman
2021-02-24 16:54 ` Eric W. Biederman
2021-02-24 16:54 ` Eric W. Biederman
2021-02-24 18:38 ` Alexey Gladkov
2021-02-24 18:38 ` Alexey Gladkov
2021-02-24 18:38 ` Alexey Gladkov
2021-02-24 18:50 ` Eric W. Biederman
2021-02-24 18:50 ` Eric W. Biederman
2021-02-24 18:50 ` Eric W. Biederman
2021-02-25 20:36 ` Alexey Gladkov
2021-02-25 20:36 ` Alexey Gladkov
2021-02-25 20:36 ` Alexey Gladkov
2021-03-05 17:56 ` Eric W. Biederman [this message]
2021-03-05 17:56 ` Eric W. Biederman
2021-03-05 17:56 ` Eric W. Biederman
2021-02-24 19:10 ` Linus Torvalds
2021-02-24 19:10 ` Linus Torvalds
2021-02-24 19:10 ` Linus Torvalds
2021-02-22 9:56 ` [PATCH v7 6/7] Reimplement RLIMIT_MEMLOCK on top of ucounts Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
2021-03-01 6:51 ` 5b5c35b757: BUG:KASAN:use-after-free_in_dec_rlimit_ucounts kernel test robot
2021-03-01 6:51 ` kernel test robot
2021-03-01 6:51 ` kernel test robot
2021-02-22 9:56 ` [PATCH v7 7/7] kselftests: Add test to check for rlimit changes in different user namespaces Alexey Gladkov
2021-02-22 9:56 ` Alexey Gladkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m1czwd32n7.fsf@fess.ebiederm.org \
--to=ebiederm@xmission.com \
--cc=akpm@linux-foundation.org \
--cc=axboe@kernel.dk \
--cc=containers@lists.linux-foundation.org \
--cc=feng.tang@intel.com \
--cc=gladkov.alexey@gmail.com \
--cc=io-uring@vger.kernel.org \
--cc=jannh@google.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=lkp@intel.com \
--cc=lkp@lists.01.org \
--cc=oleg@redhat.com \
--cc=oliver.sang@intel.com \
--cc=torvalds@linux-foundation.org \
--cc=ying.huang@intel.com \
--cc=zhengjun.xing@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.