[RFC,0/2] mm: introduce anon_vma flags, reduce kernel allocs

Message ID	cover.1741185865.git.lorenzo.stoakes@oracle.com (mailing list archive)
Headers	show Received: from mx0b-00069f02.pphosted.com (mx0b-00069f02.pphosted.com [205.220.177.32]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 62BEA24394F; Wed, 5 Mar 2025 14:55:48 +0000 (UTC) From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com> To: Andrew Morton <akpm@linux-foundation.org> Cc: Vlastimil Babka <vbabka@suse.cz>, Jann Horn <jannh@google.com>, "Liam R . Howlett" <Liam.Howlett@oracle.com>, Alexander Viro <viro@zeniv.linux.org.uk>, Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>, Paul Moore <paul@paul-moore.com>, Stephen Smalley <stephen.smalley.work@gmail.com>, Ondrej Mosnacek <omosnace@redhat.com>, Suren Baghdasaryan <surenb@google.com>, David Hildenbrand <david@redhat.com>, Matthew Wilcox <willy@infradead.org>, linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, selinux@vger.kernel.org Subject: [RFC PATCH 0/2] mm: introduce anon_vma flags, reduce kernel allocs Date: Wed, 5 Mar 2025 14:55:06 +0000 Message-ID: <cover.1741185865.git.lorenzo.stoakes@oracle.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain Precedence: bulk MIME-Version: 1.0
Series	mm: introduce anon_vma flags, reduce kernel allocs \| expand [RFC,0/2] mm: introduce anon_vma flags, reduce kernel allocs [RFC,1/2] mm: introduce anon_vma flags and use wrapper functions [RFC,2/2] mm/madvise: utilise anon_vma unfaulted flag on guard region install

Message ID

cover.1741185865.git.lorenzo.stoakes@oracle.com (mailing list archive)

Headers

From: Lorenzo Stoakes <lorenzo.stoakes@oracle.com>
To: Andrew Morton <akpm@linux-foundation.org>
Cc: Vlastimil Babka <vbabka@suse.cz>, Jann Horn <jannh@google.com>,
        "Liam R . Howlett" <Liam.Howlett@oracle.com>,
        Alexander Viro <viro@zeniv.linux.org.uk>,
        Christian Brauner <brauner@kernel.org>, Jan Kara <jack@suse.cz>,
        Paul Moore <paul@paul-moore.com>,
        Stephen Smalley <stephen.smalley.work@gmail.com>,
        Ondrej Mosnacek <omosnace@redhat.com>,
        Suren Baghdasaryan <surenb@google.com>,
        David Hildenbrand <david@redhat.com>,
        Matthew Wilcox <willy@infradead.org>, linux-mm@kvack.org,
        linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
        selinux@vger.kernel.org
Subject: [RFC PATCH 0/2] mm: introduce anon_vma flags, reduce kernel allocs
Date: Wed,  5 Mar 2025 14:55:06 +0000
Message-ID: <cover.1741185865.git.lorenzo.stoakes@oracle.com>
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
Precedence: bulk
MIME-Version: 1.0
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 iA8DgMqlZ4CTwSGa1fhiOeMeNHMCzUJEjL3DrvTWadvPZGKPIgLh1221E1OguHJNiOxZZpv+BQ1woEsSDfQxV+XFBzntUK6Y9+Bm/6KpjlRvcKHFwpQq2jbQytAX0VCy0w8js+64MrvVvpiH6Yjy7cSdRd8lxdhdg+8a/Swr7bT3hs6t/KxgUAHJruKfYZu+E3rcSwPgk2WFEyKKAo6s7U+S9gGL9M3VTS64R7dq53qN6jPrxjXjRD9KK5NvK8tQPr5t+XsamzhkOfnmwWZSpVvxH78kUQoUUBXfs/totmfOgHE6gbNiv9KrA0LM67uBUqvddx15auX9cIG28n4nVGQaVTKwZq2MrC6Y2I/AxgUuwCprD857yKtWzVCXUJd8Z55PkPrQF30M1GBeWvXejltx0DltyE8o3/nltbbcWyYfPVZ1GR5e8xBZ1kwj3JEs05LyXLn17NkA4xYVbNO1kOYSvClZF/kLLAitqDu0fEVbiKLcl2/5YfJ01Y8lUylMB6h46hBOBUETGriUUxENQdvfRB89cXJnyEFMtsIIdVOtubZejiDbcT76DN5BJYEncJ3X41JMEz0GDaZs7KwnESrDclPBQCCMvnfUb7/OTGIgxO478GXTXdw4St+KMdKOR4A35p7bwyV7NU6T1KA0XA5lnEccxJA/9wUMmq4328z8JhqBQa0GLMgrWNlaVLiC5Hb5Q2xfbAMJ7VPVxjOpS/6KQYDyujY5O/mRggT2TPpJ4ZBavLFRwdXTgoLsxx3c/ao3zBUBoiuMQHz3pYXElxCakCGSP1LpUWHGdbjUoYBNo+niJCFH1WNPLrOAh38bA9fQaWDtlQVxKvv12am/NcN1d+/t+JTOmduCA3TinMs9WpeonDm4VqAk5s4s6cu52t28LHZD007L0tbhnqo0Vu79IY7IaUJvIGdDDdsvSmI5ixsmwko0f1CS09QKqHEzMLHwSgEmKhhOPjnJn8MR1sI0RCOV8jnwSI5zg/Q6lhS2cqgqN5Q7FXMU5Cz+z62zPZj4HtKBlW6LBvmjBk6JopXzYmoxSuRTxEkYMQ2jd6DAHSvKbcSwwqS4KOF/M6kCZViwBqQ1bdk6/erx45LBOZO5HOWqUIbglzq2c6k1RixY94XbxUP4cFMBPMFLJnBYm7UkNfHwcAYmArXH942YRpXZpcAgHeO+Z9u68/VcZ/ovZ7nV6u3QdrxFu1PhWeGYk2WKvWGRcg2yB9Qx4gIDao3vPd8lJ4L/2xByi+oGKmspt3XPQFEPXTb4rmMeK+U1ANItWJz9hCG8CUelUEEKYOqMQPwmVRYoULfiZuddCh+zh19vwgPOoEwEnwYVEjCFFjQ+G32x4qMKvOIIfhPkBGxSxgvQuBJ1IeEOdI84o34H3IvijiG8xU0VtqWSNYsN++XhFIRMx/9Zd7Cu6J0aaMICDjIXBBLJ+D6fwYyf7bbsfzf7XR3R1wrrSaZGst3PItkpQWgZ2B2uPgLnnB8jT+Kho+sjKlLha4ZxRBPgbsQdrNQGkQvtqRF6lFy7SCpjz4R/MMsttOVc8xboDppylm3vWzENmAh7LehE3ZN5Qmayboac2p3Lta3cH3E3AxEGxN7egeacrjLCQeT3jd3lcg==
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-ExternalHop-MessageData-0: 
	bPqrRee74FzX++psfr8q5gsjG2nOayBCLXKExl0ShLqnQVGJmsn4LzTsyOE6aZOA0tyzhDEVCAVmfLJ4spASY0swiik5R4w8vh53a1MS449MI0RgiygZ7yBNCu+ktRvyWj0RtoAMr7HdmZBZi4Y+lIIRmseQqGrD22+GqOQJMcV/kYOGJEK7q1X9GkHryf8A2cWSAPQCbTn7183/Ec/RV6Jm0XppoVZ4lHG7UsgW4JzyhwWbcLHnKD5JFe/muBEL1cPmaTVMnbfsy+Y19pxwiNMBYmyi2DV4dh6tvfpx1EzTKv5PhA88bTqgRd55RqpKe9izKcxm9FWJQJKKf9tcsPfvt4d169etQ/AYKw4lRAQ7MzhdpH2oewK6eiR31DStVqSAD5+UmvYo2rkBR+J8fyF6XX9/a43T6SNYuL5uV2oVFsq8UszJ8Dmno835ji7/dVMAqz4hY8KVdo+22dpgirB3ZTTgZDCoNZt+jpjf35pvZYtUKP5wTVJihKN8r08RsYKPE9iEzmZYOcbK04lSZw2Xs/c/ohNpGzTQtBzfcUbZHKqe9zyJSYHQFsFwgjs81NaEA7QPvbVcst920t38/nU0329vONeVgMjPNOOvbtk=
X-OriginatorOrg: oracle.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 bcd7d161-f975-4747-1387-08dd5bf5c1c2
X-MS-Exchange-CrossTenant-AuthSource: MN2PR10MB4112.namprd10.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Mar 2025 14:55:23.4213
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 4e2c6054-71cb-48f1-bd6c-3a9705aca71b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 bwIdQivv9gQicykSRk3qYCqiPhSbjgaLBWPJWrrcoicXL57ZScaPfS54zwLuzPdT5vmKIk9wYI6XmNEr26dUQncEDzJ8ur7UNAuBU9C6jB8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN7PR10MB6547
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1093,Hydra:6.0.680,FMLib:17.12.68.34
 definitions=2025-03-05_06,2025-03-05_01,2024-11-22_01
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=714
 adultscore=0 mlxscore=0
 spamscore=0 bulkscore=88 suspectscore=0 malwarescore=0 phishscore=0
 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2502100000
 definitions=main-2503050116
X-Proofpoint-ORIG-GUID: Dn5aYXanIi6B0Q_cV6EgV2BxTBKgCP10
X-Proofpoint-GUID: Dn5aYXanIi6B0Q_cV6EgV2BxTBKgCP10

Series

mm: introduce anon_vma flags, reduce kernel allocs | expand

Message

Lorenzo Stoakes March 5, 2025, 2:55 p.m. UTC

VMA resources are scarce. This is a data structure whose weight we wish to
reduce (certainly as slab allocations are unreclaimable and - for now -
unmigratable).

So adding additional fields is generally unviable, and VMA flags are
equally as contended, and prevent VMA merge, further impacting overhead.

We can however make use of the time-honoured kernel tradition of grabbing
bits where we can.

Since we can rely upon anon_vma allocations being at least system
word-aligned, we have a handful of bits in the vma->anon_vma available to
use as flags.

In this series we establish doing so, and immediately use this to solve a
problem encountered as part of the guard region feature
(MADV_GUARD_INSTALL, MADV_GUARD_REMOVE).

We absolutely must preserve guard regions over fork, however it turns out
the only reasonable means of doing so is to establish an anon_vma even if
the VMA is unfaulted.

This creates unnecessary overhead, a problem extenuated by the extension of
this functionality to file-backed regions, where such-allocated memory may
never be utilised or freed until the end of the VMA's lifetime.

We can avoid this if we have a means of indicating to fork that we wish to
copy page tables without having to have this overhead.

Having flags available in vma->anon_vma allows us to do so - we can
therefore introduce a flag, ANON_VMA_UNFAULTED, which indicates that this
is the case.

We introduce wrapper functions to mask off these bits, and nearly every
part of the kernel behaves precisely the same as a result, with only the
desired change in behaviour in the forking logic.

On fault, or any operation that actually requires an established anon_vma,
the ANON_VMA_UNFAULTED flag is cleared and replaced by an actual anon_vma.

An additional advantage of having this mechanism is that we can also remove
this flag, should no 'real' anon_vma be established, and the user is
executing MADV_GUARD_REMOVE on the whole VMA, meaning we can prevent future
unneeded page table operations.

A benefit of this change, aside from saving kernel memory allocations, is
that THP page collapse is no longer impacted if we apply guard regions then
remove them in their entirety from a VMA, as otherwise the immediate
collapse of aligned page tables in retract_page_tables() cannot proceed.

Lorenzo Stoakes (2):
  mm: introduce anon_vma flags and use wrapper functions
  mm/madvise: utilise anon_vma unfaulted flag on guard region install

 fs/coredump.c                    |  2 +-
 include/linux/mm_types.h         | 67 ++++++++++++++++++++-
 include/linux/rmap.h             |  4 +-
 kernel/fork.c                    |  4 +-
 mm/debug.c                       |  6 +-
 mm/huge_memory.c                 |  4 +-
 mm/khugepaged.c                  | 12 ++--
 mm/ksm.c                         | 16 +++---
 mm/madvise.c                     | 49 ++++++++++------
 mm/memory.c                      |  6 +-
 mm/mmap.c                        |  2 +-
 mm/mprotect.c                    |  2 +-
 mm/mremap.c                      |  8 +--
 mm/rmap.c                        | 42 +++++++-------
 mm/swapfile.c                    |  2 +-
 mm/userfaultfd.c                 |  2 +-
 mm/vma.c                         | 99 +++++++++++++++++++++++++-------
 mm/vma.h                         |  6 +-
 security/selinux/hooks.c         |  2 +-
 tools/testing/vma/vma.c          | 95 +++++++++++++++---------------
 tools/testing/vma/vma_internal.h | 78 ++++++++++++++++++++++---
 21 files changed, 358 insertions(+), 150 deletions(-)

--
2.48.1

Comments

Matthew Wilcox March 5, 2025, 3:59 p.m. UTC | #1

On Wed, Mar 05, 2025 at 02:55:06PM +0000, Lorenzo Stoakes wrote:
> So adding additional fields is generally unviable, and VMA flags are
> equally as contended, and prevent VMA merge, further impacting overhead.
> 
> We can however make use of the time-honoured kernel tradition of grabbing
> bits where we can.
> 
> Since we can rely upon anon_vma allocations being at least system
> word-aligned, we have a handful of bits in the vma->anon_vma available to
> use as flags.

I'm not a huge fan when there's a much better solution.  It's an
unsigned long, but we can only use the first 32 bits because of 32-bit
compatibility?  This is a noose we've made for our own neck.

(there are many more places to fix up; this is illustrative):

diff --git a/include/linux/hugetlb_inline.h b/include/linux/hugetlb_inline.h
index 0660a03d37d9..c6ea81ff4afe 100644
--- a/include/linux/hugetlb_inline.h
+++ b/include/linux/hugetlb_inline.h
@@ -8,7 +8,7 @@
 
 static inline bool is_vm_hugetlb_page(struct vm_area_struct *vma)
 {
-	return !!(vma->vm_flags & VM_HUGETLB);
+	return test_bit(VM_HUGETLB, vma->vm_flags);
 }
 
 #else
diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
index 0ca9feec67b8..763210ba70b6 100644
--- a/include/linux/mm_types.h
+++ b/include/linux/mm_types.h
@@ -571,7 +571,8 @@ static inline void *folio_get_private(struct folio *folio)
 	return folio->private;
 }
 
-typedef unsigned long vm_flags_t;
+#define VM_FLAGS_COUNT	(8 / sizeof(unsigned long))
+typedef unsigned long vm_flags_t[VM_FLAGS_COUNT];
 
 /*
  * A region containing a mapping of a non-memory backed file under NOMMU

Lorenzo Stoakes March 5, 2025, 4:27 p.m. UTC | #2

On Wed, Mar 05, 2025 at 03:59:28PM +0000, Matthew Wilcox wrote:
> On Wed, Mar 05, 2025 at 02:55:06PM +0000, Lorenzo Stoakes wrote:
> > So adding additional fields is generally unviable, and VMA flags are
> > equally as contended, and prevent VMA merge, further impacting overhead.
> >
> > We can however make use of the time-honoured kernel tradition of grabbing
> > bits where we can.
> >
> > Since we can rely upon anon_vma allocations being at least system
> > word-aligned, we have a handful of bits in the vma->anon_vma available to
> > use as flags.
>
> I'm not a huge fan when there's a much better solution.  It's an
> unsigned long, but we can only use the first 32 bits because of 32-bit
> compatibility?  This is a noose we've made for our own neck.

Sure, as discussed off-list this is something I'm going to look at, it's
not either/or at all :)

I have in the back of my mind _other uses_ for these flags which isn't
stated here (perhaps should be), perhaps we can have other kinds of data
type we reference here.

But perhaps it's a bit early for that...

Other than that was a morning's work to see if this _could_ work as a
_immediate_ 'what can we do to address this issue?' solution.

The vm_flags solution is viable, as we can modify merging behaviour for a
'sticky' VMA flag that doesn't impact merging, i.e. mask out for merge
compatibility testing, but ensure propagated on split/merge (same behaviour
as what the anon_vma flags achieve).

>
> (there are many more places to fix up; this is illustrative):
>
> diff --git a/include/linux/hugetlb_inline.h b/include/linux/hugetlb_inline.h
> index 0660a03d37d9..c6ea81ff4afe 100644
> --- a/include/linux/hugetlb_inline.h
> +++ b/include/linux/hugetlb_inline.h
> @@ -8,7 +8,7 @@
>
>  static inline bool is_vm_hugetlb_page(struct vm_area_struct *vma)
>  {
> -	return !!(vma->vm_flags & VM_HUGETLB);
> +	return test_bit(VM_HUGETLB, vma->vm_flags);
>  }
>
>  #else
> diff --git a/include/linux/mm_types.h b/include/linux/mm_types.h
> index 0ca9feec67b8..763210ba70b6 100644
> --- a/include/linux/mm_types.h
> +++ b/include/linux/mm_types.h
> @@ -571,7 +571,8 @@ static inline void *folio_get_private(struct folio *folio)
>  	return folio->private;
>  }
>
> -typedef unsigned long vm_flags_t;
> +#define VM_FLAGS_COUNT	(8 / sizeof(unsigned long))
> +typedef unsigned long vm_flags_t[VM_FLAGS_COUNT];
>
>  /*
>   * A region containing a mapping of a non-memory backed file under NOMMU

Ohhhh does test_bit() automagically figure things out for sizeof(addr)
including on 32-bit?

Maybe I can quickly slap together something for that quicker than I thought
then? I was _very concerned_ about tearing and that being a total PITA
hence deferring a bit.

But... if you're saying I can churn this to death and it'll 'just work'
then say no more... ;)

Let's put this on hold then until/when I have actual reasons to have
different anon_vma types and I'll look at the 'make vm_flags 64-bit
everywhere' thing instead.