Just FYI
new attempt to push accounting for file locks.
-------- Forwarded Message --------
Subject: [PATCH RFC 0/4] Fix file lock cache accounting, again
Date: Wed, 17 Jan 2024 08:14:42 -0800
From: Josh Poimboeuf <[email protected]>
To: Linus Torvalds <[email protected]>, Jeff Layton
<[email protected]>, Chuck Lever <[email protected]>, Shakeel Butt
<[email protected]>, Roman Gushchin <[email protected]>, Johannes
Weiner <[email protected]>, Michal Hocko <[email protected]>
CC: [email protected], Jens Axboe <[email protected]>, Tejun Heo
<[email protected]>, Vasily Averin <[email protected]>, Michal Koutny
<[email protected]>, Waiman Long <[email protected]>, Muchun Song
<[email protected]>, Jiri Kosina <[email protected]>,
[email protected], [email protected]
This is an attempt to fix file lock cache accounting (again). The bug
was originally reported 2+ years ago [1] but was quickly reverted [2]
for performance reasons.
A few years ago some ideas [3] were floated about how to improve the
performance. Did any of those ever get implemented?
Testing shows "mm: improve performance of accounted kernel memory
allocations" [4] helping some. But even with those patches, much of the
original performance regression still remains, at least according to
microbenchmarks.
Despite that regression, this being a security and correctness issue, it
really needs to be fixed by default. Those who want to live on the edge
(or have trusted user space) can disable it.
Patch 1 enables the fix by default, but allows disabling it at boot
time.
Patch 2 allows disabling it at build time.
Patches 3 and 4 allow disabling it (along with all the CPU mitigations)
using mitigations=off.
[1] 0f12156dff28 ("memcg: enable accounting for file lock caches")
[2] 3754707bcc3e ("Revert "memcg: enable accounting for file lock caches"")
[3] https://lore.kernel.org/lkml/[email protected]/
[4]
https://lore.kernel.org/lkml/[email protected]/
Josh Poimboeuf (4):
fs/locks: Fix file lock cache accounting, again
fs/locks: Add CONFIG_FLOCK_ACCOUNTING
mitigations: Expand 'mitigations=off' to include optional software
mitigations
mitigations: Add flock cache accounting to 'mitigations=off'
.../admin-guide/kernel-parameters.txt | 48 ++++++++++++++----
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kernel/proton-pack.c | 6 +--
arch/powerpc/kernel/security.c | 14 +++---
arch/s390/kernel/nospec-branch.c | 2 +-
arch/x86/kernel/cpu/bugs.c | 35 ++++++-------
arch/x86/kvm/mmu/mmu.c | 2 +-
arch/x86/mm/pti.c | 3 +-
fs/Kconfig | 15 ++++++
fs/locks.c | 31 +++++++++++-
include/linux/bpf.h | 5 +-
include/linux/cpu.h | 3 --
include/linux/mitigations.h | 4 ++
kernel/Makefile | 3 +-
kernel/cpu.c | 43 ----------------
kernel/mitigations.c | 50 +++++++++++++++++++
16 files changed, 174 insertions(+), 92 deletions(-)
create mode 100644 include/linux/mitigations.h
create mode 100644 kernel/mitigations.c
--
2.43.0
_______________________________________________
Devel mailing list
[email protected]
https://lists.openvz.org/mailman/listinfo/devel
