From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:45675) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z2GuA-00052U-Lt for qemu-devel@nongnu.org; Tue, 09 Jun 2015 06:37:15 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1Z2Gu5-0004Ec-4q for qemu-devel@nongnu.org; Tue, 09 Jun 2015 06:37:14 -0400 Received: from e06smtp12.uk.ibm.com ([195.75.94.108]:43524) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1Z2Gu4-0004EJ-Su for qemu-devel@nongnu.org; Tue, 09 Jun 2015 06:37:09 -0400 Received: from /spool/local by e06smtp12.uk.ibm.com with IBM ESMTP SMTP Gateway: Authorized Use Only! Violators will be prosecuted for from ; Tue, 9 Jun 2015 11:37:07 +0100 Received: from b06cxnps3074.portsmouth.uk.ibm.com (d06relay09.portsmouth.uk.ibm.com [9.149.109.194]) by d06dlp01.portsmouth.uk.ibm.com (Postfix) with ESMTP id C46EB17D8063 for ; Tue, 9 Jun 2015 11:38:06 +0100 (BST) Received: from d06av03.portsmouth.uk.ibm.com (d06av03.portsmouth.uk.ibm.com [9.149.37.213]) by b06cxnps3074.portsmouth.uk.ibm.com (8.14.9/8.14.9/NCO v10.0) with ESMTP id t59Ab5uP18874494 for ; Tue, 9 Jun 2015 10:37:05 GMT Received: from d06av03.portsmouth.uk.ibm.com (localhost [127.0.0.1]) by d06av03.portsmouth.uk.ibm.com (8.14.4/8.14.4/NCO v10.0 AVout) with ESMTP id t59Ab47E003334 for ; Tue, 9 Jun 2015 04:37:05 -0600 Message-ID: <5576C1CF.40305@de.ibm.com> Date: Tue, 09 Jun 2015 12:37:03 +0200 From: Christian Borntraeger MIME-Version: 1.0 References: <1433845144-26889-1-git-send-email-den@openvz.org> <1433845144-26889-2-git-send-email-den@openvz.org> In-Reply-To: <1433845144-26889-2-git-send-email-den@openvz.org> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 1/1] balloon: add a feature bit to let Guest OS deflate balloon on oom List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Denis V. Lunev" Cc: James.Bottomley@HansenPartnership.com, Anthony Liguori , qemu-devel@nongnu.org, Raushaniya Maksudova , "Michael S. Tsirkin" Am 09.06.2015 um 12:19 schrieb Denis V. Lunev: > Excessive virtio_balloon inflation can cause invocation of OOM-killer, > when Linux is under severe memory pressure. Various mechanisms are > responsible for correct virtio_balloon memory management. Nevertheless it > is often the case that these control tools does not have enough time to > react on fast changing memory load. As a result OS runs out of memory and > invokes OOM-killer. The balancing of memory by use of the virtio balloon > should not cause the termination of processes while there are pages in the > balloon. Now there is no way for virtio balloon driver to free memory at > the last moment before some process get killed by OOM-killer. > > This does not provide a security breach as balloon itself is running > inside Guest OS and is working in the cooperation with the host. Thus > some improvements from Guest side should be considered as normal. > > To solve the problem, introduce a virtio_balloon callback which is > expected to be called from the oom notifier call chain in out_of_memory() > function. If virtio balloon could release some memory, it will make the > system return and retry the allocation that forced the out of memory > killer to run. > > This behavior should be enabled if and only if appropriate feature bit > is set on the device. It is off by default. The balloon frees pages in this way static void balloon_page(void *addr, int deflate) { #if defined(__linux__) if (!kvm_enabled() || kvm_has_sync_mmu()) qemu_madvise(addr, TARGET_PAGE_SIZE, deflate ? QEMU_MADV_WILLNEED : QEMU_MADV_DONTNEED); #endif } The guest can re-touch that page and get a empty zero or the old page back without tampering the host integrity. This should work for all cases I am aware of (without sync_mmu its a nop anyway) so why not enable that by default? Anything that I missed? Christian > > This functionality was recently merged into vanilla Linux. > > commit 5a10b7dbf904bfe01bb9fcc6298f7df09eed77d5 > Author: Raushaniya Maksudova > Date: Mon Nov 10 09:36:29 2014 +1030 > > This patch adds respective control bits into QEMU. It introduces > deflate-on-oom option for balloon device which does the trick. > > Signed-off-by: Denis V. Lunev > CC: Raushaniya Maksudova > CC: Anthony Liguori > CC: Michael S. Tsirkin > --- > hw/virtio/virtio-balloon.c | 6 ++++-- > include/hw/virtio/virtio-balloon.h | 1 + > 2 files changed, 5 insertions(+), 2 deletions(-) > > diff --git a/hw/virtio/virtio-balloon.c b/hw/virtio/virtio-balloon.c > index f915c7b..d3f36f8 100644 > --- a/hw/virtio/virtio-balloon.c > +++ b/hw/virtio/virtio-balloon.c > @@ -312,8 +312,8 @@ static void virtio_balloon_set_config(VirtIODevice *vdev, > > static uint64_t virtio_balloon_get_features(VirtIODevice *vdev, uint64_t f) > { > - f |= (1 << VIRTIO_BALLOON_F_STATS_VQ); > - return f; > + VirtIOBalloon *dev = VIRTIO_BALLOON(vdev); > + return f | (1u << VIRTIO_BALLOON_F_STATS_VQ) | dev->host_features; > } > > static void virtio_balloon_stat(void *opaque, BalloonInfo *info) > @@ -423,6 +423,8 @@ static void virtio_balloon_instance_init(Object *obj) > } > > static Property virtio_balloon_properties[] = { > + DEFINE_PROP_BIT("deflate-on-oom", VirtIOBalloon, host_features, > + VIRTIO_BALLOON_F_DEFLATE_ON_OOM, false), > DEFINE_PROP_END_OF_LIST(), > }; > > diff --git a/include/hw/virtio/virtio-balloon.h b/include/hw/virtio/virtio-balloon.h > index 4ab8f54..7f49b1f 100644 > --- a/include/hw/virtio/virtio-balloon.h > +++ b/include/hw/virtio/virtio-balloon.h > @@ -36,6 +36,7 @@ typedef struct VirtIOBalloon { > QEMUTimer *stats_timer; > int64_t stats_last_update; > int64_t stats_poll_interval; > + uint32_t host_features; > } VirtIOBalloon; > > #endif >