| Message ID | cover.1705507931.git.jpoimboe@kernel.org (mailing list archive) |
|---|---|
| Headers | show
Return-Path: <owner-linux-mm@kvack.org> X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 39C37C47258 for <linux-mm@archiver.kernel.org>; Wed, 17 Jan 2024 16:15:20 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id D8DEA6B0107; Wed, 17 Jan 2024 11:15:14 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id D13D46B0108; Wed, 17 Jan 2024 11:15:14 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id B654F6B010C; Wed, 17 Jan 2024 11:15:14 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id A34996B0108 for <linux-mm@kvack.org>; Wed, 17 Jan 2024 11:15:14 -0500 (EST) Received: from smtpin02.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay06.hostedemail.com (Postfix) with ESMTP id 53878A0F7F for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:15:14 +0000 (UTC) X-FDA: 81689302548.02.5032D3C Received: from sin.source.kernel.org (sin.source.kernel.org [145.40.73.55]) by imf18.hostedemail.com (Postfix) with ESMTP id F20C11C001B for <linux-mm@kvack.org>; Wed, 17 Jan 2024 16:15:11 +0000 (UTC) Authentication-Results: imf18.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=mQ9qpc6W; spf=pass (imf18.hostedemail.com: domain of jpoimboe@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jpoimboe@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1705508112; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references:dkim-signature; bh=JxcT8OLYmrukWvHC7PIAAWMd6Msb+zoQnCjFnI91Pd4=; b=B7qhYbs838kggt067IcurUnuiWShQ6NS/Ov0D31Ymn0/OZa3oNOvILEh9bJuZ6MBskd7Pq L7Cd2hSKCRSDZb3RIE7tLXeeX35mNiLPtD4/Vzhl98Sp0EELvmewcQLAzeojH0U1oTB3nT Cy+eWhm4A1CyluTEjyzxCJF1zdvq6ns= ARC-Authentication-Results: i=1; imf18.hostedemail.com; dkim=pass header.d=kernel.org header.s=k20201202 header.b=mQ9qpc6W; spf=pass (imf18.hostedemail.com: domain of jpoimboe@kernel.org designates 145.40.73.55 as permitted sender) smtp.mailfrom=jpoimboe@kernel.org; dmarc=pass (policy=none) header.from=kernel.org ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1705508112; a=rsa-sha256; cv=none; b=EIlbb/QD72Ju2cPMm0pN9T/BZqkGZNy72YhHUpEkKD5CEQ1Mk10JLGv5U20P/ctn6O1Hwf 0qPVO0MWUucC/nN9uL9EOAXPbJ3P8Hmg0hFXM6SSXOtLdZEl2Y33dA+fLhduUubMyuWpNy HcDTyxs2B3wMtYqiDjW+jG3dfiYt9GQ= Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by sin.source.kernel.org (Postfix) with ESMTP id E278FCE1BE1; Wed, 17 Jan 2024 16:15:07 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 5E78FC433C7; Wed, 17 Jan 2024 16:15:06 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1705508107; bh=BZYkK+VlcfDaqw7thRWlJNvcpJwXTCI1POX/7V/Pkpc=; h=From:To:Cc:Subject:Date:From; b=mQ9qpc6Wfjcm6fMCU0JAECDMfOUrKCVUhADf0b8TUj4xnhb1bSwEzxo4YG7DyELkM rmzD85Oblm6riC0xqfFVZiMlo8Z/CIY0NGDcVHsMny7AHwoCeOmBG6ROUDa3T76Z/0 Gc18XY1Sxmzs87DqwgV2okqgnjPD19KNHkUwN6xezCAwOGeOMJ6q+HcPmkHEu4Elqs hsC8/V6yfuErskJ/eSmOG9WCSaDzYqm3esH7z8uWGwgPiKe4BDlMf9oyjPLtreFeE9 gBqWqQZgDf6vIKfO1fOtYiAnFvPLcXMMh9QB2Hwpp9d3AqcQsG5jFuZ1FY6Chm3Q4h d7mGJ8JqSRLbQ== From: Josh Poimboeuf <jpoimboe@kernel.org> To: Linus Torvalds <torvalds@linux-foundation.org>, Jeff Layton <jlayton@kernel.org>, Chuck Lever <chuck.lever@oracle.com>, Shakeel Butt <shakeelb@google.com>, Roman Gushchin <roman.gushchin@linux.dev>, Johannes Weiner <hannes@cmpxchg.org>, Michal Hocko <mhocko@kernel.org> Cc: linux-kernel@vger.kernel.org, Jens Axboe <axboe@kernel.dk>, Tejun Heo <tj@kernel.org>, Vasily Averin <vasily.averin@linux.dev>, Michal Koutny <mkoutny@suse.com>, Waiman Long <longman@redhat.com>, Muchun Song <muchun.song@linux.dev>, Jiri Kosina <jikos@kernel.org>, cgroups@vger.kernel.org, linux-mm@kvack.org Subject: [PATCH RFC 0/4] Fix file lock cache accounting, again Date: Wed, 17 Jan 2024 08:14:42 -0800 Message-ID: <cover.1705507931.git.jpoimboe@kernel.org> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: F20C11C001B X-Rspam-User: X-Stat-Signature: e3mt1pkoph6go5s9oqwsuig58e91tj65 X-Rspamd-Server: rspam01 X-HE-Tag: 1705508111-399858 X-HE-Meta: U2FsdGVkX1+oSP9KSh0AyzFSfZIfdQzOSjpBUcAeNuu+X26FSQzZDmjcgd3wQB3Uxt0trEMdoNzX5z0FcRiYBdMTimehuDzQy0xa4qlXIWidCii9U91xJfjLeSxqGR2bun9EAhBOWBU7geC+iDAoJjEJKsgkrtWEoZkUuwDqIL9sVTBcP0L5qyb5kHiXiSEoxRXk2A+LsOaDNnC6VkIeShzINlhGstYsNu3KGE8pSOtYuRbxZsXUQARw4jLc76R71Zokw/Hx/Fm0GjBEIN6ukPDp73NiTea08Zgv1PrOgbxgcSBWepXgeqCSAmy20WO0tnV4RcfYcol8fkrCepkcHgqYIYzInfZqoOd1d0TvDkaVHzKGeykssGCT1JIxLrxmtimF/ltfvG+xxgEbZhIIqMrnr6XVilJV8vthixsZDYh3KifdCKAZxXzDLflVJK+oHyajMGo4v8basH92H1Ldf1oNcEg2fezE4tqY2Fyyj9TYT+ebJYZ5SWqf8G9JA728PLYv0NSZNrciaOuPluS+c9IhtgFy9uHnsmUbA+b/jLzT2LX7Z8z9rmXMK9igNTLJ6Hq+efMCO3GcVfkkQ9rH5HvyYHxdMNsmO1qFNYgZnYDUww/jYXwwpJ+TOTcT4YR/Im646t8KaBl42EvvTCtiqGU238i0O5/w00jleldNqztvegehqGjDZ3oCn6T9qCAKYSYkm4c2HxJAasn83TAemx1G8Cqq+MgQlSa+/yR9U/y4Jsyp3/G+GJpSRTrL3Gbqj7sAoqVX9RAAxo24QS+WquU5e1Kba9Oi/WiGKmhibQVvtz4QicuL4YoF7gE5rK6gAlHcaS2Md/b+FNEc9ySE8L3d9r9vAl1mzHMBgeVf9/tFaPeVHwtawNiFtPZwDRx2r/dzogU5F9Nd26tPaYbcvDq4rlQff15paaGPGMkQUrmrAnUAkW2CkC3oiaPqQhRg1YqL7F24SwM68ZMW242 6j6e8pvq cTbQiXHXDtJ3mbu7mh4Lz5oiGxU3iZ0X65pPs38K/CaQv2v9qC5S5HGWnDWXll+/R9VP3fsA4Fy3oC++x1Hyr6L9lGM6l6CiK2xB51BuMJKOY503800cTGjItx+vL3QkrSAlSg8u6XWKvPbesQdd710QNd2roq2PhPJR9zsohinvLuxeZwhIkVyaLOrPdikQlqxMRxiksJBufEMCiLxrmY8m5F8vgPSU4zXUfj15hqJD1O1g= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: <linux-mm.kvack.org> List-Subscribe: <mailto:majordomo@kvack.org> List-Unsubscribe: <mailto:majordomo@kvack.org> |
| Series |
Fix file lock cache accounting, again
|
expand
|
On Wed, Jan 17, 2024 at 08:14:46AM -0800, Josh Poimboeuf <jpoimboe@kernel.org> wrote: > Allow flock cache accounting to be disabled with 'mitigations=off', as > it fits the profile for that option: trusted user space combined with a > performance-impacting mitigation. Note that some other kernel objects that don't have any other tight limit are already charged too (but their charging likely did not stand out in any performance regression tests). In the situation you describe, users can already pass `cgroup.memory=nokmem` and get rid of charging overhead in general. IOW, if flock objects are charged, there already is a boot option to turn off such behavior. Regards, Michal
This is an attempt to fix file lock cache accounting (again). The bug was originally reported 2+ years ago [1] but was quickly reverted [2] for performance reasons. A few years ago some ideas [3] were floated about how to improve the performance. Did any of those ever get implemented? Testing shows "mm: improve performance of accounted kernel memory allocations" [4] helping some. But even with those patches, much of the original performance regression still remains, at least according to microbenchmarks. Despite that regression, this being a security and correctness issue, it really needs to be fixed by default. Those who want to live on the edge (or have trusted user space) can disable it. Patch 1 enables the fix by default, but allows disabling it at boot time. Patch 2 allows disabling it at build time. Patches 3 and 4 allow disabling it (along with all the CPU mitigations) using mitigations=off. [1] 0f12156dff28 ("memcg: enable accounting for file lock caches") [2] 3754707bcc3e ("Revert "memcg: enable accounting for file lock caches"") [3] https://lore.kernel.org/lkml/dbc9955d-6c28-1dd5-b842-ef39a762aa3b@kernel.dk/ [4] https://lore.kernel.org/lkml/20231019225346.1822282-1-roman.gushchin@linux.dev/ Josh Poimboeuf (4): fs/locks: Fix file lock cache accounting, again fs/locks: Add CONFIG_FLOCK_ACCOUNTING mitigations: Expand 'mitigations=off' to include optional software mitigations mitigations: Add flock cache accounting to 'mitigations=off' .../admin-guide/kernel-parameters.txt | 48 ++++++++++++++---- arch/arm64/kernel/cpufeature.c | 2 +- arch/arm64/kernel/proton-pack.c | 6 +-- arch/powerpc/kernel/security.c | 14 +++--- arch/s390/kernel/nospec-branch.c | 2 +- arch/x86/kernel/cpu/bugs.c | 35 ++++++------- arch/x86/kvm/mmu/mmu.c | 2 +- arch/x86/mm/pti.c | 3 +- fs/Kconfig | 15 ++++++ fs/locks.c | 31 +++++++++++- include/linux/bpf.h | 5 +- include/linux/cpu.h | 3 -- include/linux/mitigations.h | 4 ++ kernel/Makefile | 3 +- kernel/cpu.c | 43 ---------------- kernel/mitigations.c | 50 +++++++++++++++++++ 16 files changed, 174 insertions(+), 92 deletions(-) create mode 100644 include/linux/mitigations.h create mode 100644 kernel/mitigations.c