From patchwork Fri Mar 10 18:28:48 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Stefan Roesch X-Patchwork-Id: 13169940 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C6C43C64EC4 for ; Fri, 10 Mar 2023 18:29:10 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 045866B0071; Fri, 10 Mar 2023 13:29:10 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id F10908E0001; Fri, 10 Mar 2023 13:29:09 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id DB2E76B0075; Fri, 10 Mar 2023 13:29:09 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0014.hostedemail.com [216.40.44.14]) by kanga.kvack.org (Postfix) with ESMTP id CAAF96B0071 for ; Fri, 10 Mar 2023 13:29:09 -0500 (EST) Received: from smtpin01.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id AD23380406 for ; Fri, 10 Mar 2023 18:29:09 +0000 (UTC) X-FDA: 80553825618.01.6AA9B69 Received: from 66-220-144-178.mail-mxout.facebook.com (66-220-144-178.mail-mxout.facebook.com [66.220.144.178]) by imf19.hostedemail.com (Postfix) with ESMTP id 175AD1A001C for ; Fri, 10 Mar 2023 18:29:07 +0000 (UTC) Authentication-Results: imf19.hostedemail.com; dkim=none; dmarc=none; spf=neutral (imf19.hostedemail.com: 66.220.144.178 is neither permitted nor denied by domain of shr@devkernel.io) smtp.mailfrom=shr@devkernel.io ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1678472948; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-transfer-encoding:content-transfer-encoding: in-reply-to:references; bh=gaJ/g87v0HRfsyxJZ24oB6b8DB5S+re3yuRBKjxhsQI=; b=JLZlNuBPZFJTIzc/cI9DBMyXR2xrwPVW7GME5pRX8FQt6ipFM+qushUtaHkkhkcmb+NTaQ imRahpJz0Xih19wf7WtO9UFQ0nqALAanF2Vdsuloyzp24j/z+TTED57QxEk5gd2FlTDUt8 LuYgUo0UMAZBm6dh9LCLOgqCYdQNuOM= ARC-Authentication-Results: i=1; imf19.hostedemail.com; dkim=none; dmarc=none; spf=neutral (imf19.hostedemail.com: 66.220.144.178 is neither permitted nor denied by domain of shr@devkernel.io) smtp.mailfrom=shr@devkernel.io ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1678472948; a=rsa-sha256; cv=none; b=TbaGqohLzNsXyZV1768Q+eR7FqEt4pQci4JDqoovnQFUmSOdLkv484I4L+jCH3TTVC/Ix7 DswF4mN7JX7/bwAdVxTRxV1JWlvWm2cD2PHwp0M9r1DsSdAqFY7AzytFrFR3wSbF3FbmaR 0yFyeo8eKyyM1D5ArZa/OeXMp9D3Idk= Received: by dev0134.prn3.facebook.com (Postfix, from userid 425415) id 1E7608D8491F; Fri, 10 Mar 2023 10:28:54 -0800 (PST) From: Stefan Roesch To: kernel-team@fb.com Cc: shr@devkernel.io, linux-mm@kvack.org, riel@surriel.com, mhocko@suse.com, david@redhat.com, linux-kselftest@vger.kernel.org, linux-doc@vger.kernel.org, akpm@linux-foundation.org, hannes@cmpxchg.org Subject: [PATCH v4 0/3] mm: process/cgroup ksm support Date: Fri, 10 Mar 2023 10:28:48 -0800 Message-Id: <20230310182851.2579138-1-shr@devkernel.io> X-Mailer: git-send-email 2.34.1 MIME-Version: 1.0 X-Rspamd-Server: rspam05 X-Rspamd-Queue-Id: 175AD1A001C X-Stat-Signature: axno11mnb87fkf35u95ktstdcwcag6eb X-Rspam-User: X-HE-Tag: 1678472947-246942 X-HE-Meta: U2FsdGVkX1+iThf+iJHXloZ/REFZGNLuBVOqYrkvTynF+viz0k09ZHJqI9rkzTcdDfmAXlSuA8/lQEP9gmmDj+CTHXvBbmtY0f7aVK3VWdfFSADxS9ohTmmAlE8WLVqvpP236hbhpeCF4Y7blLUdbyGRw3G0SGRHOUF8NJhhGMT8PFNR+1rdY0NvG4aYV9Ltegso3FIJrJYYw7ORU3TRL1lBrA2Lw6KsFDb7/H+E4LjB7GkkN+UP40YZ3ecg23Hkz092WMRpUMeV3BGS05lt86XmcnRo0w80LqTu9zdnj7rA+FsSbMsbhsRTOgwEU49eHWJZy5nrvXMEa4OwcpiuQFJAFSIDj+OYiNAFgj8kKlB9gB/VLZ24e4s3eCBnagBzfYJVmOXkBax/uD5YULsHwfIpmxdz7lYKKCv3kOK6n8lkygkhmIAaZsZZtZp1qfVKuQ/XHmaUtM38d1xNH8SoGjrk4x0jpmFOVelaP8jCZ+HInmrp9qYI1ekYPwX8QhiQNMfcRS1JapVP9g8vXbvwMD1Y+Z8sFzmJ/Z/udWxJ2sc0yJV6G21q3I6PI241iNhEmbNG1WlhOKY2gDLoDZZfcQTOvjkZJoyHJDu4rqKQwjOq/lbURALIeUmP6vCutfBMu01LVbsTbSjau9ebx7uQ3JY+MGq1AmQQjMG0FbyOP3aSb8P/N2MzmmSfKTK/U59lUDSklNR5d/aXbQZqmzDt0n5C/fVD0YhH2t7T6H65LM/0wO2IbebUrHrEEi67a4MHBGHRV0OdVocg0eCA3zPjnQAb4teHRYrHt0HBA78jgidFBH3p71LJXxG2/md/ZHCUU1zFmxREj8JKqOG2o+LYfsOxCbCnVz7TVkTlgasYISbxcRKozJGtvBBNp8TKC2yC1I42XJmujB4ibtnObYMGufeV6QvhMEby9j/BQTtNWSQpzJPpaJLZxyhm05KpJWT7rXS2rSEFXH4sqJPhe/O NwQJxtaH YiXZAYPmXMCpFWjCD5FNPZSUHoiihODl52kQb4508mAzjkzzZGak0tuZcgA== X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: So far KSM can only be enabled by calling madvise for memory regions. To be able to use KSM for more workloads, KSM needs to have the ability to be enabled / disabled at the process / cgroup level. Use case 1: The madvise call is not available in the programming language. An example for this are programs with forked workloads using a garbage collected language without pointers. In such a language madvise cannot be made available. In addition the addresses of objects get moved around as they are garbage collected. KSM sharing needs to be enabled "from the outside" for these type of workloads. Use case 2: The same interpreter can also be used for workloads where KSM brings no benefit or even has overhead. We'd like to be able to enable KSM on a workload by workload basis. Use case 3: With the madvise call sharing opportunities are only enabled for the current process: it is a workload-local decision. A considerable number of sharing opportuniites may exist across multiple workloads or jobs. Only a higler level entity like a job scheduler or container can know for certain if its running one or more instances of a job. That job scheduler however doesn't have the necessary internal worklaod knowledge to make targeted madvise calls. Security concerns: In previous discussions security concerns have been brought up. The problem is that an individual workload does not have the knowledge about what else is running on a machine. Therefore it has to be very conservative in what memory areas can be shared or not. However, if the system is dedicated to running multiple jobs within the same security domain, its the job scheduler that has the knowledge that sharing can be safely enabled and is even desirable. Performance: Experiments with using UKSM have shown a capacity increase of around 20%. 1. New options for prctl system command This patch series adds two new options to the prctl system call. The first one allows to enable KSM at the process level and the second one to query the setting. The setting will be inherited by child processes. With the above setting, KSM can be enabled for the seed process of a cgroup and all processes in the cgroup will inherit the setting. 2. Changes to KSM processing When KSM is enabled at the process level, the KSM code will iterate over all the VMA's and enable KSM for the eligible VMA's. When forking a process that has KSM enabled, the setting will be inherited by the new child process. In addition when KSM is disabled for a process, KSM will be disabled for the VMA's where KSM has been enabled. 3. Add general_profit metric The general_profit metric of KSM is specified in the documentation, but not calculated. This adds the general profit metric to /sys/kernel/debug/mm/ksm. 4. Add more metrics to ksm_stat This adds the process profit and ksm type metric to /proc//ksm_stat. 5. Add more tests to ksm_tests This adds an option to specify the merge type to the ksm_tests. This allows to test madvise and prctl KSM. It also adds a new option to query if prctl KSM has been enabled. It adds a fork test to verify that the KSM process setting is inherited by client processes. Changes: - V4: - removing check in prctl for MMF_VM_MERGEABLE in PR_SET_MEMORY_MERGE handling - Checking for VM_MERGEABLE AND MMF_VM_MERGE_ANY to avoid chaning vm_flags - This requires also checking that the vma is compatible. The compatibility check is provided by a new helper - processes which have set MMF_VM_MERGE_ANY, only need to call the helper and not madvise. - removed unmerge_vmas function, this function is no longer necessary, clearing the MMF_VM_MERGE_ANY bit is sufficient - V3: - folded patch 1 - 6 - folded patch 7 - 14 - folded patch 15 - 19 - Expanded on the use cases in the cover letter - Added a section on security concerns to the cover letter - V2: - Added use cases to the cover letter - Removed the tracing patch from the patch series and posted it as an individual patch - Refreshed repo Stefan Roesch (3): mm: add new api to enable ksm per process mm: add new KSM process and sysfs knobs selftests/mm: add new selftests for KSM Documentation/ABI/testing/sysfs-kernel-mm-ksm | 8 + Documentation/admin-guide/mm/ksm.rst | 8 +- fs/proc/base.c | 5 + include/linux/ksm.h | 19 +- include/linux/sched/coredump.h | 1 + include/uapi/linux/prctl.h | 2 + kernel/sys.c | 27 ++ mm/ksm.c | 137 +++++++--- tools/include/uapi/linux/prctl.h | 2 + tools/testing/selftests/mm/Makefile | 2 +- tools/testing/selftests/mm/ksm_tests.c | 254 +++++++++++++++--- 11 files changed, 388 insertions(+), 77 deletions(-)