From: Michal Hocko <mhocko@kernel.org> To: Alexander Graf <graf@amazon.com> Cc: Jann Horn <jannh@google.com>, Pavel Machek <pavel@ucw.cz>, "Catangiu, Adrian Costin" <acatan@amazon.com>, "linux-mm@kvack.org" <linux-mm@kvack.org>, "linux-pm@vger.kernel.org" <linux-pm@vger.kernel.org>, "virtualization@lists.linux-foundation.org" <virtualization@lists.linux-foundation.org>, "linux-api@vger.kernel.org" <linux-api@vger.kernel.org>, "akpm@linux-foundation.org" <akpm@linux-foundation.org>, "rjw@rjwysocki.net" <rjw@rjwysocki.net>, "len.brown@intel.com" <len.brown@intel.com>, "fweimer@redhat.com" <fweimer@redhat.com>, "keescook@chromium.org" <keescook@chromium.org>, "luto@amacapital.net" <luto@amacapital.net>, "wad@chromium.org" <wad@chromium.org>, "mingo@kernel.org" <mingo@kernel.org>, "bonzini@gnu.org" <bonzini@gnu.org>, "MacCarthaigh, Colm" <colmmacc@amazon.com>, "Singh, Balbir" <sblbir@amazon.com>, "Sandu, Andrei" <sandreim@amazon.com>, "Brooker, Marc" <mbrooker@amazon.com>, "Weiss, Radu" <raduweis@amazon.com>, "Manwaring, Derek" <derekmn@amazon.com> Subject: Re: [RFC]: mm,power: introduce MADV_WIPEONSUSPEND Date: Tue, 7 Jul 2020 11:14:51 +0200 [thread overview] Message-ID: <20200707091451.GB5913@dhcp22.suse.cz> (raw) In-Reply-To: <efa55313-ce8a-bac9-15df-167f93c672b3@amazon.com> On Tue 07-07-20 10:01:23, Alexander Graf wrote: > On 07.07.20 09:44, Michal Hocko wrote: > > On Mon 06-07-20 14:52:07, Jann Horn wrote: > > > On Mon, Jul 6, 2020 at 2:27 PM Alexander Graf <graf@amazon.com> wrote: > > > > Unless we create a vsyscall that returns both the PID as well as the > > > > epoch and thus handles fork *and* suspend. I need to think about this a > > > > bit more :). > > > > > > You can't reliably detect forking by checking the PID if it is > > > possible for multiple forks to be chained before the reuse check runs: > > > > > > - pid 1000 remembers its PID > > > - pid 1000 forks, creating child pid 1001 > > > - pid 1000 exits and is waited on by init > > > - the pid allocator wraps around > > > - pid 1001 forks, creating child pid 1000 > > > - child with pid 1000 tries to check for forking, determines that its > > > PID is 1000, and concludes that it is still the original process > > > > I must be really missing something here because I really fail to see why > > there has to be something new even invented. Sure, checking for pid is > > certainly a suboptimal solution because pids are terrible tokens to work > > with. We do have a concept of file descriptors which a much better and > > supports signaling. There is a clear source of the signal IIUC > > (migration) and there are consumers to act upon that (e.g. crypto > > backends). So what does really prevent to use a standard signal delivery > > over fd for this usecase? > > I wasn't part of the discussions on why things like WIPEONFORK were invented > instead of just using signalling mechanisms, but the main reason I can think > of are libraries. Well, I would argue that WIPEONFORK is conceptually different. It is one time initialization mechanism with a very clear life time semantic. So any programming model is really as easy as, the initial state is always 0 for a new task without any surprises later on because you own the memory (essentially an extension to initialized .data section on exec to any new task). Compare that to a completely async nature of this interface. Any read would essentially have to be properly synchronized with the external event otherwise the state could have been corrupted. Such a consistency model is really cumbersome to work with. > As a library, you are under no control of the main loop usually, which means > you just don't have a way to poll for an fd. As a library author, I would > usually try to avoid very hard to create such a dependency, because it makes > it really hard to glue pieces together. > > The same applies to signals btw, which would also be a possible way to > propagate such events. Just to clarify I didn't really mean posix signals here. Those would be quite clumsy indeed. But I can imagine that a library registers to a system wide means to get a notification. There are many examples for that, including a lot of usage inside libraries. All different *bus interfaces. -- Michal Hocko SUSE Labs
WARNING: multiple messages have this Message-ID (diff)
From: Michal Hocko <mhocko-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org> To: Alexander Graf <graf-vV1OtcyAfmbQT0dZR+AlfA@public.gmane.org> Cc: Jann Horn <jannh-hpIqsD4AKlfQT0dZR+AlfA@public.gmane.org>, Pavel Machek <pavel-+ZI9xUNit7I@public.gmane.org>, "Catangiu, Adrian Costin" <acatan-vV1OtcyAfmbQT0dZR+AlfA@public.gmane.org>, "linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org" <linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org>, "linux-pm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" <linux-pm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>, "virtualization-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org" <virtualization-cunTk1MwBs9QetFLy7KEm3xJsTq8ys+cHZ5vskTnxNA@public.gmane.org>, "linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org" <linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>, "akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org" <akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>, "rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org" <rjw-LthD3rsA81gm4RdzfppkhA@public.gmane.org>, "len.brown-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org" <len.brown-ral2JQCrhuEAvxtiuMwx3w@public.gmane.org>, "fweimer-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org" <fweimer-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>, "keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org" <keescook-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>, "luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org" <luto-kltTT9wpgjJwATOyAt5JVQ@public.gmane.org>, "wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org" <wad-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>, "mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org" <mingo-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>, "bonzini-mXXj517/zsQ@public.gmane.org" <bonzini-mXXj517/zsQ@public.gmane.org> Subject: Re: [RFC]: mm,power: introduce MADV_WIPEONSUSPEND Date: Tue, 7 Jul 2020 11:14:51 +0200 [thread overview] Message-ID: <20200707091451.GB5913@dhcp22.suse.cz> (raw) In-Reply-To: <efa55313-ce8a-bac9-15df-167f93c672b3-vV1OtcyAfmbQT0dZR+AlfA@public.gmane.org> On Tue 07-07-20 10:01:23, Alexander Graf wrote: > On 07.07.20 09:44, Michal Hocko wrote: > > On Mon 06-07-20 14:52:07, Jann Horn wrote: > > > On Mon, Jul 6, 2020 at 2:27 PM Alexander Graf <graf-vV1OtcyAfmbQT0dZR+AlfA@public.gmane.org> wrote: > > > > Unless we create a vsyscall that returns both the PID as well as the > > > > epoch and thus handles fork *and* suspend. I need to think about this a > > > > bit more :). > > > > > > You can't reliably detect forking by checking the PID if it is > > > possible for multiple forks to be chained before the reuse check runs: > > > > > > - pid 1000 remembers its PID > > > - pid 1000 forks, creating child pid 1001 > > > - pid 1000 exits and is waited on by init > > > - the pid allocator wraps around > > > - pid 1001 forks, creating child pid 1000 > > > - child with pid 1000 tries to check for forking, determines that its > > > PID is 1000, and concludes that it is still the original process > > > > I must be really missing something here because I really fail to see why > > there has to be something new even invented. Sure, checking for pid is > > certainly a suboptimal solution because pids are terrible tokens to work > > with. We do have a concept of file descriptors which a much better and > > supports signaling. There is a clear source of the signal IIUC > > (migration) and there are consumers to act upon that (e.g. crypto > > backends). So what does really prevent to use a standard signal delivery > > over fd for this usecase? > > I wasn't part of the discussions on why things like WIPEONFORK were invented > instead of just using signalling mechanisms, but the main reason I can think > of are libraries. Well, I would argue that WIPEONFORK is conceptually different. It is one time initialization mechanism with a very clear life time semantic. So any programming model is really as easy as, the initial state is always 0 for a new task without any surprises later on because you own the memory (essentially an extension to initialized .data section on exec to any new task). Compare that to a completely async nature of this interface. Any read would essentially have to be properly synchronized with the external event otherwise the state could have been corrupted. Such a consistency model is really cumbersome to work with. > As a library, you are under no control of the main loop usually, which means > you just don't have a way to poll for an fd. As a library author, I would > usually try to avoid very hard to create such a dependency, because it makes > it really hard to glue pieces together. > > The same applies to signals btw, which would also be a possible way to > propagate such events. Just to clarify I didn't really mean posix signals here. Those would be quite clumsy indeed. But I can imagine that a library registers to a system wide means to get a notification. There are many examples for that, including a lot of usage inside libraries. All different *bus interfaces. -- Michal Hocko SUSE Labs
next prev parent reply other threads:[~2020-07-07 9:14 UTC|newest] Thread overview: 77+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-07-03 10:34 [RFC]: mm,power: introduce MADV_WIPEONSUSPEND Catangiu, Adrian Costin 2020-07-03 10:34 ` Catangiu, Adrian Costin 2020-07-03 10:34 ` Catangiu, Adrian Costin 2020-07-03 11:04 ` Jann Horn 2020-07-03 11:04 ` Jann Horn 2020-07-03 11:04 ` Jann Horn 2020-07-04 1:33 ` Colm MacCárthaigh 2020-07-04 1:33 ` Colm MacCárthaigh 2020-07-06 12:09 ` Alexander Graf 2020-07-06 12:09 ` Alexander Graf 2020-07-06 12:09 ` Alexander Graf 2020-07-03 11:30 ` Michal Hocko 2020-07-03 11:30 ` Michal Hocko 2020-07-03 11:30 ` Michal Hocko 2020-07-03 12:17 ` Rafael J. Wysocki 2020-07-03 12:17 ` Rafael J. Wysocki 2020-07-03 12:17 ` Rafael J. Wysocki 2020-07-03 22:39 ` Pavel Machek 2020-07-03 22:39 ` Pavel Machek 2020-07-03 22:39 ` Pavel Machek 2020-07-03 13:29 ` Jann Horn 2020-07-03 13:29 ` Jann Horn 2020-07-03 13:29 ` Jann Horn 2020-07-03 22:34 ` Pavel Machek 2020-07-03 22:34 ` Pavel Machek 2020-07-03 22:34 ` Pavel Machek 2020-07-03 22:53 ` Jann Horn 2020-07-03 22:53 ` Jann Horn 2020-07-03 22:53 ` Jann Horn 2020-07-07 7:38 ` Michal Hocko 2020-07-07 7:38 ` Michal Hocko 2020-07-07 7:38 ` Michal Hocko 2020-07-07 8:07 ` Pavel Machek 2020-07-07 8:07 ` Pavel Machek 2020-07-07 8:07 ` Pavel Machek 2020-07-07 8:58 ` Michal Hocko 2020-07-07 8:58 ` Michal Hocko 2020-07-07 8:58 ` Michal Hocko 2020-07-07 16:37 ` Pavel Machek 2020-07-07 16:37 ` Pavel Machek 2020-07-07 16:37 ` Pavel Machek 2020-07-07 19:00 ` Colm MacCarthaigh 2020-07-12 7:22 ` Pavel Machek 2020-07-12 7:22 ` Pavel Machek 2020-07-13 8:02 ` Michal Hocko 2020-07-13 8:02 ` Michal Hocko 2020-07-04 1:45 ` Colm MacCárthaigh 2020-07-04 1:45 ` Colm MacCárthaigh 2020-07-07 7:40 ` Michal Hocko 2020-07-07 7:40 ` Michal Hocko 2020-07-03 22:44 ` Pavel Machek 2020-07-03 22:44 ` Pavel Machek 2020-07-03 22:44 ` Pavel Machek 2020-07-03 22:56 ` Jann Horn 2020-07-03 22:56 ` Jann Horn 2020-07-03 22:56 ` Jann Horn 2020-07-04 11:48 ` Pavel Machek 2020-07-04 11:48 ` Pavel Machek 2020-07-04 11:48 ` Pavel Machek 2020-07-06 12:26 ` Alexander Graf 2020-07-06 12:26 ` Alexander Graf 2020-07-06 12:26 ` Alexander Graf 2020-07-06 12:52 ` Jann Horn 2020-07-06 12:52 ` Jann Horn 2020-07-06 12:52 ` Jann Horn 2020-07-06 13:14 ` Alexander Graf 2020-07-06 13:14 ` Alexander Graf 2020-07-06 13:14 ` Alexander Graf 2020-07-07 7:44 ` Michal Hocko 2020-07-07 7:44 ` Michal Hocko 2020-07-07 7:44 ` Michal Hocko 2020-07-07 8:01 ` Alexander Graf 2020-07-07 8:01 ` Alexander Graf 2020-07-07 8:01 ` Alexander Graf 2020-07-07 9:14 ` Michal Hocko [this message] 2020-07-07 9:14 ` Michal Hocko 2020-07-07 9:14 ` Michal Hocko
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200707091451.GB5913@dhcp22.suse.cz \ --to=mhocko@kernel.org \ --cc=acatan@amazon.com \ --cc=akpm@linux-foundation.org \ --cc=bonzini@gnu.org \ --cc=colmmacc@amazon.com \ --cc=derekmn@amazon.com \ --cc=fweimer@redhat.com \ --cc=graf@amazon.com \ --cc=jannh@google.com \ --cc=keescook@chromium.org \ --cc=len.brown@intel.com \ --cc=linux-api@vger.kernel.org \ --cc=linux-mm@kvack.org \ --cc=linux-pm@vger.kernel.org \ --cc=luto@amacapital.net \ --cc=mbrooker@amazon.com \ --cc=mingo@kernel.org \ --cc=pavel@ucw.cz \ --cc=raduweis@amazon.com \ --cc=rjw@rjwysocki.net \ --cc=sandreim@amazon.com \ --cc=sblbir@amazon.com \ --cc=virtualization@lists.linux-foundation.org \ --cc=wad@chromium.org \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.