From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2C0CBC761A6 for ; Mon, 3 Apr 2023 11:03:13 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 80D436B0072; Mon, 3 Apr 2023 07:03:12 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 7BD6B6B0074; Mon, 3 Apr 2023 07:03:12 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 65D666B0075; Mon, 3 Apr 2023 07:03:12 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id 556A36B0072 for ; Mon, 3 Apr 2023 07:03:12 -0400 (EDT) Received: from smtpin27.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay08.hostedemail.com (Postfix) with ESMTP id 053E6140A9F for ; Mon, 3 Apr 2023 11:03:11 +0000 (UTC) X-FDA: 80639793024.27.03A5F0F Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by imf05.hostedemail.com (Postfix) with ESMTP id 3153C100014 for ; Mon, 3 Apr 2023 11:03:06 +0000 (UTC) Authentication-Results: imf05.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=C1pSAFBz; spf=pass (imf05.hostedemail.com: domain of david@redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=david@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1680519787; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=IQkFi8pN49v364EdSnnTRUfRnb+lg1bb/1afwxowe7o=; b=Pa/K9uAGbFxTUPOSwse7ZTqaJY6nz5siM/bna8TLkOa5pE6W/hwl3S6KpRdwTk9ECUTkFG injCYH7ErIEHevwiTuMhEa4qXegXM8gQrBQ/TOahSSJyfNvCxtsReKd3VNjPUAw75NEXXU blsDSa35yxObtyBf+VzHx3v80bcR5Sc= ARC-Authentication-Results: i=1; imf05.hostedemail.com; dkim=pass header.d=redhat.com header.s=mimecast20190719 header.b=C1pSAFBz; spf=pass (imf05.hostedemail.com: domain of david@redhat.com designates 170.10.133.124 as permitted sender) smtp.mailfrom=david@redhat.com; dmarc=pass (policy=none) header.from=redhat.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1680519787; a=rsa-sha256; cv=none; b=zSPKMxfkswHrOUZ+uhGYYNcz689B9gNZccSAUAWmXPAcIPIhSgPhe+LdWapSJa/P1q+Avi IrV09ZLlpX+j99zNm2ciXicH7km5J1Y5QGmR/c3EfoErF3LXbwBMPQCTDDEuZxodfqJDSM RHxDxRObyWvsjKLBgEaC/0RDjS6QUcw= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1680519786; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IQkFi8pN49v364EdSnnTRUfRnb+lg1bb/1afwxowe7o=; b=C1pSAFBzJ7mx8Vx6K05hfnuuBNKp94SSWxOB9YgTSgdm+D8Vbxs2DLbVygMUhgk99kR2vj MNqrM4hj9js1pA4mp4ZcxmdEI4THlzmuGqVW1R+Wf7TlXVNKxJOk8a9jOCfRmC4G4eE1yA V0gvb9xLWwLo16KymVXKy497GorHVE4= Received: from mail-wm1-f71.google.com (mail-wm1-f71.google.com [209.85.128.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-296-5lEoVgzOPMieNLarELG1ug-1; Mon, 03 Apr 2023 07:03:05 -0400 X-MC-Unique: 5lEoVgzOPMieNLarELG1ug-1 Received: by mail-wm1-f71.google.com with SMTP id o7-20020a05600c4fc700b003edf85f6bb1so15999404wmq.3 for ; Mon, 03 Apr 2023 04:03:04 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1680519783; h=content-transfer-encoding:in-reply-to:organization:references:cc:to :from:content-language:subject:user-agent:mime-version:date :message-id:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=IQkFi8pN49v364EdSnnTRUfRnb+lg1bb/1afwxowe7o=; b=2fZN7HqC16Pb7QAZrd29D8lGnmWatVrUXI0l2RetEGm0ebSRJjgaQM6Y/io47hlCIr U/28T8mJJVlvrXwlV+lAws5UlIerOvVIt9VV/E3u1RF1G2llXRJvXJjgQP40VNMnKX02 hm8TmdlujnIdDAEbMpC+bhBN7QksOQUDn9c/JkNL6oyUocBCgx9Iv9aUzF0B2BDvKi8Y HJMm77VyIC0hMH+Hm7KiLSO6KygMX86rzLq+lKWxaAXaTX6FtkCuKRO+kKhiDet+iPez bhRLZRFJ3KuvdL/yazmmplxOeTKgEMHfE+to1iGJxkTjRtZmsU5v4JJdUxg8fgDyhoN4 we7Q== X-Gm-Message-State: AAQBX9dorG65MvvsEW7ca/Ta8xwXm3wHcpKttH+18XP/1jV7yizoPmX6 2Tp7PbBLiwaO9GoYtwmK+YJpEccA475gJdGb0Zp3YQochXeU55jFtt3NXBo8AL6Ua9AKZuW4HVU dpB2poUc5ek8= X-Received: by 2002:adf:ce8e:0:b0:2dd:3856:4dec with SMTP id r14-20020adfce8e000000b002dd38564decmr27424157wrn.61.1680519783553; Mon, 03 Apr 2023 04:03:03 -0700 (PDT) X-Google-Smtp-Source: AKy350Y2oST8H5mGI1Iswt2xjz8GyMo1HkvGSAsOIq6xqlbT4sEKAEwC6DgPef4K+whDRfjGMWlQuQ== X-Received: by 2002:adf:ce8e:0:b0:2dd:3856:4dec with SMTP id r14-20020adfce8e000000b002dd38564decmr27424136wrn.61.1680519783128; Mon, 03 Apr 2023 04:03:03 -0700 (PDT) Received: from ?IPV6:2003:cb:c702:5e00:8e78:71f3:6243:77f0? (p200300cbc7025e008e7871f3624377f0.dip0.t-ipconnect.de. [2003:cb:c702:5e00:8e78:71f3:6243:77f0]) by smtp.gmail.com with ESMTPSA id 7-20020a05600c024700b003ee63fe5203sm11736573wmj.36.2023.04.03.04.03.02 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 03 Apr 2023 04:03:02 -0700 (PDT) Message-ID: Date: Mon, 3 Apr 2023 13:03:01 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.1 Subject: Re: [PATCH v4 1/3] mm: add new api to enable ksm per process From: David Hildenbrand To: Stefan Roesch , kernel-team@fb.com Cc: linux-mm@kvack.org, riel@surriel.com, mhocko@suse.com, linux-kselftest@vger.kernel.org, linux-doc@vger.kernel.org, akpm@linux-foundation.org, hannes@cmpxchg.org, Bagas Sanjaya , Janosch Frank , Christian Borntraeger References: <20230310182851.2579138-1-shr@devkernel.io> <20230310182851.2579138-2-shr@devkernel.io> <7ed4308d-b400-d2bb-b539-3fe418862ab8@redhat.com> Organization: Red Hat In-Reply-To: <7ed4308d-b400-d2bb-b539-3fe418862ab8@redhat.com> X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Server: rspam07 X-Rspamd-Queue-Id: 3153C100014 X-Rspam-User: X-Stat-Signature: d644n8guqysummc9ukbg4g3ieompb8ab X-HE-Tag: 1680519786-453019 X-HE-Meta: U2FsdGVkX19ck8DleJsKp8NQ7kHdL2yUukKDPdVjXzpyshCS5rMC6i7onGFlxlU5+KTfdRxx/vvL3ZB6ZcL7HEZETQqR0DTSCcby2d1lXt/GT4gRlBvhP0harwjUohAkAfiJhCYt1KISAeNy+DEphjLfrbBTipC+kgss0YbJQWyCa8qYr70zYXN9PzMMSxZVx8dWGTH1DYdk4TD8HJQtv76wnZTnHc3ie0qO0E3Lt4vZ6gEva7U0HAxIjv/mGJf+IR+haNJvQQTLASaVSbdnS15sZRUWGQTVhCNHRz9urPl7vcUm5Tdj5ZYr5C8Q5FTnXwGdhrOWtMQ24getAP5sCWai4MEGO/io4J+Ga5vWb206QWuQLhdpmLXAkDF3Kvf0LUmadf2s+bB2LGy76xhnc9YCGEBEnmAWCJXsSLesTV/Z8TkdQSEBkmC1hzhSm3c4/ihWXOa/NzU48jbismkPeM/afLmtln1vqp7RJuw4TmRdDGU3WNrnOvEaDHmf6iYORkOyh0fnGYmEO9aLTB41jfIjrUVXGkeqycD5kg6XG8yJNfTkxYmTMEONVth7zh5Hr+DmHOuO73KaUeN2x+TOnx31yjVcCi1vGvcw3obMyH/pF2oPerzVOH1fxwAtnRE7SSSs6IHtj7ubWoEY/e4p5xjOe2pbXaqvYX85KvN9spEnM4WM9OxcBvIjgYr3XqKodZ1aFkg12ayOe+iQyjYSwdenkY6JSXeMu9S7DatFHc6lbbgRKyUXCfonFYWmW498UurjlwrIXwQJxe3QcWwa2QSNDYxhB1fijywJ8Az/gI2YPVZOXxiOWhH4Zjc7/h77DYMiftQclV0PiZcheSMay5CVr6JFy+1KEosQNItU5FxESYdyvg6I1VoF1DjA8KyfFxbeJsj0iinQ+qri7KszrmXANTzbG4LtmNVdfck4/BZYdyUyKfjnjcFZ4G0N5RxlVjdqaSdLhwjM8X0xIRl eqEftjF7 t16Q5Qt75hQ+agwtXAWy6fZ/nenZqpsZ/zGhKwXIsGizgjM9JTSxO9GkOGLvmTDxY/8yDsj9dGTbsTSRvJC4XRhau86it/RkgYIXFkuY6SUJzVoYJHBXi1gXFc05p6kQCHAi3YEuZls4BPQF7eBNUshmw4mDyFT6g9qxo+ykzrTvxYumXvHbl9KdG1OWfeSyd7vfRApwzhlCq7nEKJF4yzCSwVlqcm0ve9Qw0WU0KLn8CgyviPKJb6//lwfCUZMxtN/2X+Fq++u0KHjlrNbu3LGZZn24k7T1SusX3eY5bz+6SojB8VVGeVj7QQ4eldZiYdc2gknXQ4p4XiJcC5ioVuBzFsWNiUWtvwBUSXSvniyTHyyHrnqrlqy1l6zfU7/pdGn5wiNPisrKG/If2NZJVCLiwaA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On 03.04.23 12:37, David Hildenbrand wrote: > On 10.03.23 19:28, Stefan Roesch wrote: >> Patch series "mm: process/cgroup ksm support", v3. >> >> So far KSM can only be enabled by calling madvise for memory regions. To >> be able to use KSM for more workloads, KSM needs to have the ability to be >> enabled / disabled at the process / cgroup level. >> >> Use case 1: >> >> The madvise call is not available in the programming language. An >> example for this are programs with forked workloads using a garbage >> collected language without pointers. In such a language madvise cannot >> be made available. >> >> In addition the addresses of objects get moved around as they are >> garbage collected. KSM sharing needs to be enabled "from the outside" >> for these type of workloads. > > I guess the interpreter could enable it (like a memory allocator could > enable it for the whole heap). But I get that it's much easier to enable > this per-process, and eventually only when a lot of the same processes > are running in that particular environment. > >> >> Use case 2: >> >> The same interpreter can also be used for workloads where KSM brings >> no benefit or even has overhead. We'd like to be able to enable KSM on >> a workload by workload basis. > > Agreed. A per-process control is also helpful to identidy workloads > where KSM might be beneficial (and to which degree). > >> >> Use case 3: >> >> With the madvise call sharing opportunities are only enabled for the >> current process: it is a workload-local decision. A considerable number >> of sharing opportuniites may exist across multiple workloads or jobs. >> Only a higler level entity like a job scheduler or container can know >> for certain if its running one or more instances of a job. That job >> scheduler however doesn't have the necessary internal worklaod knowledge >> to make targeted madvise calls. >> >> Security concerns: >> >> In previous discussions security concerns have been brought up. The >> problem is that an individual workload does not have the knowledge about >> what else is running on a machine. Therefore it has to be very >> conservative in what memory areas can be shared or not. However, if the >> system is dedicated to running multiple jobs within the same security >> domain, its the job scheduler that has the knowledge that sharing can be >> safely enabled and is even desirable. >> >> Performance: >> >> Experiments with using UKSM have shown a capacity increase of around >> 20%. >> > > As raised, it would be great to include more details about the workload > where this particulalry helps (e.g., a lot of Django processes operating > in the same domain). > >> >> 1. New options for prctl system command >> >> This patch series adds two new options to the prctl system call. >> The first one allows to enable KSM at the process level and the second >> one to query the setting. >> >> The setting will be inherited by child processes. >> >> With the above setting, KSM can be enabled for the seed process of a >> cgroup and all processes in the cgroup will inherit the setting. >> >> 2. Changes to KSM processing >> >> When KSM is enabled at the process level, the KSM code will iterate >> over all the VMA's and enable KSM for the eligible VMA's. >> >> When forking a process that has KSM enabled, the setting will be >> inherited by the new child process. >> >> In addition when KSM is disabled for a process, KSM will be disabled >> for the VMA's where KSM has been enabled. > > Do we want to make MADV_MERGEABLE/MADV_UNMERGEABLE fail while the new > prctl is enabled for a process? > >> >> 3. Add general_profit metric >> >> The general_profit metric of KSM is specified in the documentation, >> but not calculated. This adds the general profit metric to >> /sys/kernel/debug/mm/ksm. >> >> 4. Add more metrics to ksm_stat >> >> This adds the process profit and ksm type metric to >> /proc//ksm_stat. >> >> 5. Add more tests to ksm_tests >> >> This adds an option to specify the merge type to the ksm_tests. >> This allows to test madvise and prctl KSM. It also adds a new option >> to query if prctl KSM has been enabled. It adds a fork test to verify >> that the KSM process setting is inherited by client processes. >> >> An update to the prctl(2) manpage has been proposed at [1]. >> >> This patch (of 3): >> >> This adds a new prctl to API to enable and disable KSM on a per process >> basis instead of only at the VMA basis (with madvise). >> >> 1) Introduce new MMF_VM_MERGE_ANY flag >> >> This introduces the new flag MMF_VM_MERGE_ANY flag. When this flag >> is set, kernel samepage merging (ksm) gets enabled for all vma's of a >> process. >> >> 2) add flag to __ksm_enter >> >> This change adds the flag parameter to __ksm_enter. This allows to >> distinguish if ksm was called by prctl or madvise. >> >> 3) add flag to __ksm_exit call >> >> This adds the flag parameter to the __ksm_exit() call. This allows >> to distinguish if this call is for an prctl or madvise invocation. >> >> 4) invoke madvise for all vmas in scan_get_next_rmap_item >> >> If the new flag MMF_VM_MERGE_ANY has been set for a process, iterate >> over all the vmas and enable ksm if possible. For the vmas that can be >> ksm enabled this is only done once. >> >> 5) support disabling of ksm for a process >> >> This adds the ability to disable ksm for a process if ksm has been >> enabled for the process. >> >> 6) add new prctl option to get and set ksm for a process >> >> This adds two new options to the prctl system call >> - enable ksm for all vmas of a process (if the vmas support it). >> - query if ksm has been enabled for a process. > > > Did you consider, instead of handling MMF_VM_MERGE_ANY in a special way, > to instead make it reuse the existing MMF_VM_MERGEABLE/VM_MERGEABLE > infrastructure. Especially: > > 1) During prctl(MMF_VM_MERGE_ANY), set VM_MERGABLE on all applicable > compatible. Further, set MMF_VM_MERGEABLE and enter KSM if not > already set. > > 2) When creating a new, compatible VMA and MMF_VM_MERGE_ANY is set, set > VM_MERGABLE? > > The you can avoid all runtime checks for compatible VMAs and only look > at the VM_MERGEABLE flag. In fact, the VM_MERGEABLE will be completely > expressive then for all VMAs. You don't need vma_ksm_mergeable() then. > > > Another thing to consider is interaction with arch/s390/mm/gmap.c: > s390x/kvm does not support KSM and it has to disable it for all VMAs. We > have to find a way to fence the prctl (for example, fail setting the > prctl after gmap_mark_unmergeable() ran, and make > gmap_mark_unmergeable() fail if the prctl ran -- or handle it gracefully > in some other way). Staring at that code, I wonder if the "mm->def_flags &= ~VM_MERGEABLE" is doing what it's supposed to do. I don't think this effectively prevents right now madvise() from getting re-enabled on that VMA. @Christian, Janosch, am I missing something? -- Thanks, David / dhildenb