From: Michal Hocko <mhocko@suse.com>
To: David Hildenbrand <david@redhat.com>
Cc: cgel.zte@gmail.com, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, vbabka@suse.cz, minchan@kernel.org,
oleksandr@redhat.com, xu xin <xu.xin16@zte.com.cn>,
Jann Horn <jannh@google.com>,
Andrew Morton <akpm@linux-foundation.org>
Subject: Re: [PATCH linux-next] mm/madvise: allow KSM hints for process_madvise
Date: Mon, 4 Jul 2022 08:48:06 +0200 [thread overview]
Message-ID: <YsKNJiGA/ruLRS27@dhcp22.suse.cz> (raw)
In-Reply-To: <11d28e6d-edb0-7d11-b476-c5808f3b7c5d@redhat.com>
On Fri 01-07-22 21:12:56, David Hildenbrand wrote:
> On 01.07.22 15:19, Michal Hocko wrote:
> > On Fri 01-07-22 14:39:24, David Hildenbrand wrote:
> >>> I am not sure about exact details of the KSM implementation but if that
> >>> is not a desirable behavior then it should be handled on the KSM level.
> >>> The very sam thing can easily happen in a multithreaded (or in general
> >>> multi-process with shared mm) environment as well.
> >>
> >> I don't quite get what you mean.
> >
> > I meant to say that if KSM needs to be aware of a special CoW semantic
> > then it should be handled on the KSM layer regardless whether the KSM
> > has been set by the process itself or any other process that has acccess
> > to the MM. process_madvise is just another way to access a remote MM
> > other than sharing the full MM.
>
> Okay.
>
> KSM has been a corner case feature that was restricted to well-defined
> and well-tested environments. Until recently, R/O pins of any KSM pages
> was essentially completely unreliably. And applications don't expect
> such surprises. The shared zeropage is most probably the last
> problematic piece.
>
> Yes, we're getting there that it's a real feature that can see more
> (forced) wide-spread use. However, until the known issues in KSM have
> been fixed (e.g., below -- there is a whole list of papers regarding
> attacks on memory deduplication), it should be limited to well defined
> environments and applications only -- IMHO.
Very much agreed on all this! To be completely honest I am not really
sure that all those consequences are widely understood and optmizing
solely on memory savings is a very short sighted strategy IMO. But, it
seems that there is a demand for this feature and previous attempts for
APIs were much worse both from the semantic and maintainability POV. I
am not sure we can get anything more sane than madvise.
I also very much agree that current shortcomings have to be adressed
first before we open this can of worms to 3rd party actors. I was not
aware of those so thank for bringing them up. Maybe I was overly
optimistic here.
So I guess we have following questions to answer:
1) Do we really want to support KSM triggered by 3rd party? Does it
impose new challenges other than existing ones in multi "threaded"
environemnts?
2) If yes, is the process_madvise the most appropriate existing API? Or
do we need a new one?
3) Should this be a highly privileged operation or we want to allow
userspace to shoot its feet because consequences are subtle and not very
well understood?
> So what I want to express here is that if we're adding an interface that
> can be used to just enable KSM on the whole system easily, it might be a
> bit to soon for that. No matter what you document, people will ignore it.
Agreed.
> OTOH, if this is a real debug feature that will only be available in
> specific debug/test scenarios (kernel config? toggle? whatsoever?), then
> it's "better". If that is already the case, good.
No, I think this is aimed to real production deployments.
Thanks!
--
Michal Hocko
SUSE Labs
next prev parent reply other threads:[~2022-07-04 6:48 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-07-01 8:43 [PATCH linux-next] mm/madvise: allow KSM hints for process_madvise cgel.zte
2022-07-01 9:11 ` Michal Hocko
2022-07-01 10:32 ` David Hildenbrand
2022-07-01 10:50 ` David Hildenbrand
2022-07-01 12:02 ` Michal Hocko
2022-07-01 12:09 ` David Hildenbrand
2022-07-01 12:36 ` Michal Hocko
2022-07-01 12:39 ` David Hildenbrand
2022-07-01 13:19 ` Michal Hocko
2022-07-01 19:12 ` David Hildenbrand
2022-07-04 6:48 ` Michal Hocko [this message]
2022-07-04 7:29 ` CGEL
2022-07-04 8:40 ` Michal Hocko
2022-07-04 9:35 ` David Hildenbrand
2022-07-04 8:13 ` CGEL
2022-07-04 9:30 ` David Hildenbrand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YsKNJiGA/ruLRS27@dhcp22.suse.cz \
--to=mhocko@suse.com \
--cc=akpm@linux-foundation.org \
--cc=cgel.zte@gmail.com \
--cc=david@redhat.com \
--cc=jannh@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=minchan@kernel.org \
--cc=oleksandr@redhat.com \
--cc=vbabka@suse.cz \
--cc=xu.xin16@zte.com.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).