From: David Hildenbrand <david@redhat.com>
To: Stefan Roesch <shr@devkernel.io>
Cc: linux-mm@kvack.org, linux-doc@vger.kernel.org,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux-kselftest@vger.kernel.org,
	linux-trace-kernel@vger.kernel.org, CGEL <cgel.zte@gmail.com>,
	Michal Hocko <mhocko@kernel.org>, Jann Horn <jannh@google.com>
Subject: Re: [RESEND RFC PATCH v1 00/20] mm: process/cgroup ksm support
Date: Tue, 24 Jan 2023 19:01:49 +0100
Message-ID: <a391e98c-88af-886c-0426-c41c9980afa1@redhat.com>
In-Reply-To: <qvqwbkmnj014.fsf@dev0134.prn3.facebook.com>

[...]

>> I'm going to point out the security aspect, and that e.g., Windows used to
>> enable it system-wide before getting taught by security experts otherwise.
>> Details on KSM and security aspects can be found in that thread.
>>
> If I'm not mistaken the security aspect exists today. When KSM is
> enabled with madvise this is the same.

Yes, and we mostly only use it for virtual machines -- and to be 
precise, guest memory only -- where it has to be enabled explicitly on a 
well documented basis ...

Impossible for an admin to force it on other parts of the hypervisor 
process that might be more security sensitive. Or on other arbitrary 
applications, for now.

> 
>> Long story short: one has to be very careful with that and only enable it for
>> very carefully selected workloads. Letting a workload opt-in on a VMA level is
>> most probably safer than an admin blindly turning this on for random processes
>> ...
>>
[...]

>>
>> [1] https://lore.kernel.org/all/20220517092701.1662641-1-xu.xin16@zte.com.cn/
>> [2] https://lore.kernel.org/all/20220609055658.703472-1-xu.xin16@zte.com.cn/
>>
> My understanding is that there were problems with the patch and how it
> exposed KSM. The other objection was the enable-all configuration
> option.

I don't remember all the discussions, but one concern was how to handle 
processes that deliberately want to disable it on some parts of memory.

Anyhow, I cc'ed the relevant parties already.

-- 
Thanks,

David / dhildenb
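The VMA-level opt-in David contrasts with process-wide enabling is the existing madvise(2) interface: a workload marks only the ranges it considers safe to deduplicate as MADV_MERGEABLE and keeps sensitive ranges (key material, for instance) MADV_UNMERGEABLE, which is also the mechanism behind the "processes that deliberately want to disable it on some parts of memory" concern. The following C program is an added example written for this page, not code from the thread or the patch series; it assumes a Linux kernel built with CONFIG_KSM, and the helper names (`ksm_opt_in`, `ksm_opt_out`, `smaps_mergeable_at`, `sample_smaps`) and the embedded smaps excerpt are this example's own constructions. The smaps parser checks the per-VMA `mg` flag in the `VmFlags:` line, which is the flag KSM consults when scanning.

```c
/* Added example (not from the thread): VMA-level KSM opt-in / opt-out via
 * madvise(2), plus a check of /proc/self/smaps "VmFlags" for "mg" (mergeable).
 * Assumes Linux with CONFIG_KSM; all helper names are this example's own. */
#define _GNU_SOURCE
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdint.h>
#include <inttypes.h>
#include <unistd.h>
#include <sys/mman.h>

/* Opt a range in to KSM scanning; only this range may be deduplicated. */
int ksm_opt_in(void *addr, size_t len)
{
    return madvise(addr, len, MADV_MERGEABLE);
}

/* Opt a range out, e.g. a buffer holding secrets that must never be merged. */
int ksm_opt_out(void *addr, size_t len)
{
    return madvise(addr, len, MADV_UNMERGEABLE);
}

/* Return 1 if a "VmFlags:" line lists the two-letter token "mg", else 0. */
int vmflags_has_mergeable(const char *line)
{
    const char *p = line;
    if (strncmp(p, "VmFlags:", 8) != 0)
        return 0;
    p += 8;
    while (*p) {
        while (*p == ' ' || *p == '\t')
            p++;
        if (!*p || *p == '\n')
            break;
        const char *tok = p;
        while (*p && *p != ' ' && *p != '\t' && *p != '\n')
            p++;
        if (p - tok == 2 && tok[0] == 'm' && tok[1] == 'g')
            return 1;
    }
    return 0;
}

/* Walk an smaps-format stream and report the mergeable state of the mapping
 * that contains addr: 1 = mergeable, 0 = not, -1 = no mapping covers addr. */
int smaps_mergeable_at(FILE *fp, uintptr_t addr)
{
    char line[512];
    int in_range = 0;
    int result = -1;
    while (fgets(line, sizeof line, fp)) {
        uintptr_t start, end;
        char perms[8];
        /* Mapping header lines look like "7f..-7f.. rw-p 00000000 00:00 0". */
        if (sscanf(line, "%" SCNxPTR "-%" SCNxPTR " %4s", &start, &end, perms) == 3) {
            in_range = (addr >= start && addr < end);
            continue;
        }
        if (in_range && strncmp(line, "VmFlags:", 8) == 0) {
            result = vmflags_has_mergeable(line);
            break;
        }
    }
    return result;
}

/* Constructed smaps excerpt (two anonymous VMAs, only the first marked "mg"),
 * so the parser can be exercised without a live kernel. */
FILE *sample_smaps(void)
{
    static const char excerpt[] =
        "7f0000000000-7f0000002000 rw-p 00000000 00:00 0\n"
        "Size:                  8 kB\n"
        "VmFlags: rd wr mr mw me ac sd mg\n"
        "7f0000002000-7f0000004000 rw-p 00000000 00:00 0\n"
        "Size:                  8 kB\n"
        "VmFlags: rd wr mr mw me ac sd\n";
    FILE *fp = tmpfile();
    if (!fp)
        return NULL;
    fputs(excerpt, fp);
    rewind(fp);
    return fp;
}

int main(void)
{
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    size_t len = 4 * page;
    char *buf = mmap(NULL, len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) { perror("mmap"); return 1; }

    /* First half: shareable, non-sensitive data, opted in at VMA granularity. */
    if (ksm_opt_in(buf, 2 * page) != 0) { perror("madvise(MADV_MERGEABLE)"); return 1; }
    /* Second half: secrets; keep it explicitly unmergeable. */
    if (ksm_opt_out(buf + 2 * page, 2 * page) != 0) { perror("madvise(MADV_UNMERGEABLE)"); return 1; }

    FILE *fp = fopen("/proc/self/smaps", "r");
    if (!fp) { perror("/proc/self/smaps"); return 1; }
    int first = smaps_mergeable_at(fp, (uintptr_t)buf);
    rewind(fp);
    int second = smaps_mergeable_at(fp, (uintptr_t)(buf + 2 * page));
    fclose(fp);
    printf("first half mergeable=%d, second half mergeable=%d\n", first, second);
    munmap(buf, len);
    return 0;
}
```

The madvise call splits the original VMA, so the two halves show up as separate mappings in smaps, the first with `mg` set and the second without. The `mg` flag is set by madvise whether or not `/sys/kernel/mm/ksm/run` is 1; it records what the process has opted in to, while the sysfs knob controls whether the ksmd scanner actually runs over those ranges.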



Thread overview: 31+ messages
2023-01-23 17:37 [RESEND RFC PATCH v1 00/20] mm: process/cgroup ksm support Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 01/20] mm: add new flag to enable ksm per process Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 02/20] mm: add flag to __ksm_enter Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 03/20] mm: add flag to __ksm_exit call Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 04/20] mm: invoke madvise for all vmas in scan_get_next_rmap_item Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 05/20] mm: support disabling of ksm for a process Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 06/20] mm: add new prctl option to get and set " Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 07/20] mm: add tracepoints to ksm Stefan Roesch
2023-01-30 17:03   ` Steven Rostedt
2023-01-23 17:37 ` [RESEND RFC PATCH v1 08/20] mm: split off pages_volatile function Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 09/20] mm: expose general_profit metric Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 10/20] docs: document general_profit sysfs knob Stefan Roesch
2023-01-24  4:07   ` Bagas Sanjaya
2023-01-24 16:21     ` Jonathan Corbet
2023-01-26  2:31       ` Bagas Sanjaya
2023-01-23 17:37 ` [RESEND RFC PATCH v1 11/20] mm: calculate ksm process profit metric Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 12/20] mm: add ksm_merge_type() function Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 13/20] mm: expose ksm process profit metric in ksm_stat Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 14/20] mm: expose ksm merge type " Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 15/20] docs: document new procfs ksm knobs Stefan Roesch
2023-01-24  4:09   ` Bagas Sanjaya
2023-01-23 17:37 ` [RESEND RFC PATCH v1 16/20] tools: add new prctl flags to prctl in tools dir Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 17/20] selftests/vm: add KSM prctl merge test Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 18/20] selftests/vm: add KSM get merge type test Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 19/20] selftests/vm: add KSM fork test Stefan Roesch
2023-01-23 17:37 ` [RESEND RFC PATCH v1 20/20] selftests/vm: add two functions for debugging merge outcome Stefan Roesch
2023-01-24 16:38 ` [RESEND RFC PATCH v1 00/20] mm: process/cgroup ksm support David Hildenbrand
2023-01-24 17:37   ` Stefan Roesch
2023-01-24 18:01     ` David Hildenbrand [this message]
2023-01-25 13:01       ` Michal Hocko
2023-01-25 18:43         ` Rik van Riel
