From: Michal Hocko <mhocko@suse.com>
To: Guilherme Piccoli <gpiccoli@canonical.com>
Cc: David Hildenbrand <david@redhat.com>,
Mike Kravetz <mike.kravetz@oracle.com>,
linux-mm@kvack.org, kernel-hardening@lists.openwall.com,
linux-hardening@vger.kernel.org,
linux-security-module@vger.kernel.org,
"Guilherme G. Piccoli" <kernel@gpiccoli.net>,
Thadeu Lima de Souza Cascardo <cascardo@canonical.com>,
Alexander Potapenko <glider@google.com>,
James Morris <jamorris@linux.microsoft.com>,
Kees Cook <keescook@chromium.org>
Subject: Re: [PATCH] mm, hugetlb: Avoid double clearing for hugetlb pages
Date: Wed, 21 Oct 2020 08:25:30 +0200 [thread overview]
Message-ID: <20201021062530.GB23790@dhcp22.suse.cz> (raw)
In-Reply-To: <CAHD1Q_wQrnSEGOvbCi0uhHZ5bRf=inzPdOhGKJ9PkVms5GSWRA@mail.gmail.com>
On Tue 20-10-20 17:19:42, Guilherme Piccoli wrote:
> When I first wrote that, the design was a bit different, the flag was
> called __GFP_HTLB_PAGE or something like that. The design was to
> signal/mark the composing pages of hugetlb as exactly this: they are
> pages composing a huge page of hugetlb "type". Then, I skipped the
> "init_on_alloc" thing for such pages.
As pointed out in the other email. This is not about hugetlb although
this might be visible more than other because they just add a tiny bit
to an overall overhead. Each page cache read, CoW and many many other
!__GFP_ZERO users are in the same position when they double initialize.
A dedicated __GFP_HTLB_PAGE is really focusing on a wrong side of the
problem. We do have __GFP_ZERO for a good reason and that is to optimize
the initialization. init_on_alloc goes effectively against this approach
with a "potentially broken code" philosophy in mind and that is good as
a hardening measure indeed. But that comes with an increased overhead
and/or shifted layer when the overhead happens. Sure there is some room
to optimize the code here and there but the primary idea of the
hardening is to make the initialization dead trivial and clear that
nothing can sneak out.
--
Michal Hocko
SUSE Labs
next prev parent reply other threads:[~2020-10-21 6:25 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-19 18:28 Guilherme G. Piccoli
2020-10-20 8:20 ` Michal Hocko
2020-10-20 13:36 ` David Hildenbrand
2020-10-20 16:55 ` Mike Kravetz
2020-10-20 19:19 ` Guilherme G. Piccoli
2020-10-20 20:07 ` David Hildenbrand
2020-10-20 20:19 ` Guilherme Piccoli
2020-10-21 6:25 ` Michal Hocko [this message]
2020-10-20 20:28 ` David Hildenbrand
2020-10-21 6:15 ` Michal Hocko
2020-10-21 9:50 ` David Hildenbrand
2020-10-21 11:31 ` Michal Hocko
2020-10-21 23:32 ` Mike Kravetz
2020-10-22 8:04 ` David Hildenbrand
2020-10-22 8:55 ` Michal Hocko
2020-10-23 8:23 ` David Hildenbrand
2020-11-05 19:37 ` Guilherme G. Piccoli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201021062530.GB23790@dhcp22.suse.cz \
--to=mhocko@suse.com \
--cc=cascardo@canonical.com \
--cc=david@redhat.com \
--cc=glider@google.com \
--cc=gpiccoli@canonical.com \
--cc=jamorris@linux.microsoft.com \
--cc=keescook@chromium.org \
--cc=kernel-hardening@lists.openwall.com \
--cc=kernel@gpiccoli.net \
--cc=linux-hardening@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mike.kravetz@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox