From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D65A9C43334 for ; Mon, 4 Jul 2022 09:52:56 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 6E32D6B0072; Mon, 4 Jul 2022 05:52:56 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 690B56B0073; Mon, 4 Jul 2022 05:52:56 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 55AB86B0074; Mon, 4 Jul 2022 05:52:56 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0010.hostedemail.com [216.40.44.10]) by kanga.kvack.org (Postfix) with ESMTP id 45B8A6B0072 for ; Mon, 4 Jul 2022 05:52:56 -0400 (EDT) Received: from smtpin05.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id A711B242C8 for ; Mon, 4 Jul 2022 09:44:42 +0000 (UTC) X-FDA: 79648932804.05.D1123D5 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by imf03.hostedemail.com (Postfix) with ESMTP id 444F5209BB for ; Mon, 4 Jul 2022 09:35:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1656927337; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=3WWiJ66vmyv6AuRzY8eurkcg8dPpumGhr2N20qzH6fo=; b=Yb9GGydowFCUjwJxct6Fn4qQ9Z8AgcEIe/8ykQb1EouYrsFyobax4mf4G2Vx4H/hNUd8lm tGOWWZ/+MRuBDcWG0SIiLV38++3E/ykPYN6p4ysuqf9atelkniEtXTlhDe2zs6dqWR8rfQ VxIoLEXa5DlzkKPF5LcptyTSS12AOag= Received: from mail-wm1-f70.google.com (mail-wm1-f70.google.com [209.85.128.70]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-631-Ne3x1hbcMLKkresoD4JqBw-1; Mon, 04 Jul 2022 05:35:36 -0400 X-MC-Unique: Ne3x1hbcMLKkresoD4JqBw-1 Received: by mail-wm1-f70.google.com with SMTP id bg6-20020a05600c3c8600b003a03d5d19e4so5077964wmb.1 for ; Mon, 04 Jul 2022 02:35:36 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:message-id:date:mime-version:user-agent :content-language:to:cc:references:from:organization:subject :in-reply-to:content-transfer-encoding; bh=3WWiJ66vmyv6AuRzY8eurkcg8dPpumGhr2N20qzH6fo=; b=0AG1LyO3j0gxrqtDYwTHspUv8OsMvYGo9WNeYattiA/DwFf2KZVUc/O+4WVICUNOS4 GUwo3j03d7H1Vl6Hog9fgZ6B4zpjbrGypwOYwDA/Ny5oEVFpfZrfhoXew3kbvsoK+319 fDpdmSvmYKTXLBhOZHRsKzQxFix0+LT4OuDvjhQ5ApTxhR6T6yZAPL9MCFWW+yOID2F6 h0cTC7FUf1YTG9rOXksaLJhVDON1FuKzK5bDDhgjs01aHtG4orBW0MNU+Gy3v3Kab2ZL wxYudLy7hYucQaAhow1rneDI7g0MA7ofap6zDR0cFTEJyMnreWHHYc8CaD3RXHfr0Nkz JulQ== X-Gm-Message-State: AJIora85zUhfIEsOHGG2y+aG1sUEypBFjk/7vOmPcUZpCvrkBDlEh2K3 aSLLQXcc57oQa+pYTHxO6+3YIvQziKUA/Oj6cQcG4z+ZKvuOEWT+vgxzp5+v/jI2tNIH8eakUw/ pYZSlwgrtE8E= X-Received: by 2002:a05:600c:214c:b0:3a0:401a:6f4b with SMTP id v12-20020a05600c214c00b003a0401a6f4bmr28285416wml.15.1656927335277; Mon, 04 Jul 2022 02:35:35 -0700 (PDT) X-Google-Smtp-Source: AGRyM1sOoGkRwsVrhieUeF7OSWKXjC9T6azUqXh3cTeIyaZvuBChf4RCiWX9inQwizMMvzbe63BN3w== X-Received: by 2002:a05:600c:214c:b0:3a0:401a:6f4b with SMTP id v12-20020a05600c214c00b003a0401a6f4bmr28285394wml.15.1656927335042; Mon, 04 Jul 2022 02:35:35 -0700 (PDT) Received: from ?IPV6:2003:d8:2f16:2a00:198:c1f8:a413:2600? (p200300d82f162a000198c1f8a4132600.dip0.t-ipconnect.de. [2003:d8:2f16:2a00:198:c1f8:a413:2600]) by smtp.gmail.com with ESMTPSA id t5-20020a1c4605000000b0039db31f6372sm15310021wma.2.2022.07.04.02.35.34 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 04 Jul 2022 02:35:34 -0700 (PDT) Message-ID: <777bf32f-4657-d590-ce1d-55b65980f0e4@redhat.com> Date: Mon, 4 Jul 2022 11:35:33 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.9.0 To: Michal Hocko , CGEL Cc: linux-mm@kvack.org, linux-kernel@vger.kernel.org, vbabka@suse.cz, minchan@kernel.org, oleksandr@redhat.com, xu xin , Jann Horn , Andrew Morton References: <93e1e19a-deff-2dad-0b3c-ef411309ec58@redhat.com> <203548a6-cf70-30ce-6756-f6c909e7ef21@redhat.com> <54b67d6b-f600-1b9b-3d3f-e91b13d04c91@redhat.com> <11d28e6d-edb0-7d11-b476-c5808f3b7c5d@redhat.com> <62c296e6.1c69fb81.41c44.1cca@mx.google.com> From: David Hildenbrand Organization: Red Hat Subject: Re: [PATCH linux-next] mm/madvise: allow KSM hints for process_madvise In-Reply-To: X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1656927338; a=rsa-sha256; cv=none; b=Vbgu/vJQqyVD/+H4spPZx743mxEjIh1xym+gCQ0bn5ItAG084gELulPbTST/lW4MwAX5IN C92BgRxla8twjc0ruP4ESpQdRs+2jqXxeHfLqBsOeiJ+RUl9VfT4W4hhwTeBp+fLuohnpb 4WkgoWNKRa1FSnaxuyJGRWuxmvbYQl0= ARC-Authentication-Results: i=1; imf03.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=Yb9GGydo; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf03.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.129.124) smtp.mailfrom=david@redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1656927338; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=3WWiJ66vmyv6AuRzY8eurkcg8dPpumGhr2N20qzH6fo=; b=GgsxPDC6vcSdPhQlGQ3mHIGMweWXuGl0G+kwjj1oOLJCOI3rcvl3pxwNaSUbikb6iXBiZJ 0EAnqLbz6wYEbQbD9V2SYTuNQZhNlYAbwSDaq1YgKinytOVzkFRJlE3+L3p2agY1IIQf/3 ILpGJ4W4mgP9HjRZWDnxfaGxiIFmqRs= Authentication-Results: imf03.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=Yb9GGydo; dmarc=pass (policy=none) header.from=redhat.com; spf=none (imf03.hostedemail.com: domain of david@redhat.com has no SPF policy when checking 170.10.129.124) smtp.mailfrom=david@redhat.com X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 444F5209BB X-Rspam-User: X-Stat-Signature: esj4ap1d7gns8ck596nftowdtrbxqssa X-HE-Tag: 1656927337-598777 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 04.07.22 10:40, Michal Hocko wrote: > On Mon 04-07-22 07:29:41, CGEL wrote: > [...] >> Maybe new semantics is needed similarly to MADV_NOHUGEPAGE that ensures that >> there will *not* be huge pages. > > How do you achieve that with a backward compatibility? Some apps mark secrets via mlock(). I did not check, but I assume mlock()'ed pages (in VMAs) would not be applicable to KSM. If they would be, one option would be to not deduplicate them. But then, I have no clue what's exploitable via a side channel and what's not. Eventually, having a proper fix for most side channels would make KSM safer to use in the the general case. But then, who knows what security researchers will be able to come up with ... As a very minimum, there would have to be some kind of toggle to allow forcing KSM on other applications at all. Either/o a compile-time and a run-time option. Once most of the known side channels are fixed we could adjust the default of the run-time option. (I think to this day, Windows still disables system-wide deduplication as a default and requires an admin to explicitly enable it) -- Thanks, David / dhildenb