Just FYI
new attempt to push accounting for file locks.
-------- Forwarded Message --------
Subject: [PATCH RFC 0/4] Fix file lock cache accounting, again
Date: Wed, 17 Jan 2024 08:14:42 -0800
From: Josh Poimboeuf <jpoim...@kernel.org>
To: Linus Torvalds <torva...@linux-foundation.org>, Jeff Layton
<jlay...@kernel.org>, Chuck Lever <chuck.le...@oracle.com>, Shakeel Butt
<shake...@google.com>, Roman Gushchin <roman.gushc...@linux.dev>, Johannes
Weiner <han...@cmpxchg.org>, Michal Hocko <mho...@kernel.org>
CC: linux-ker...@vger.kernel.org, Jens Axboe <ax...@kernel.dk>, Tejun Heo
<t...@kernel.org>, Vasily Averin <vasily.ave...@linux.dev>, Michal Koutny
<mkou...@suse.com>, Waiman Long <long...@redhat.com>, Muchun Song
<muchun.s...@linux.dev>, Jiri Kosina <ji...@kernel.org>,
cgro...@vger.kernel.org, linux...@kvack.org
This is an attempt to fix file lock cache accounting (again). The bug
was originally reported 2+ years ago [1] but was quickly reverted [2]
for performance reasons.
A few years ago some ideas [3] were floated about how to improve the
performance. Did any of those ever get implemented?
Testing shows "mm: improve performance of accounted kernel memory
allocations" [4] helping some. But even with those patches, much of the
original performance regression still remains, at least according to
microbenchmarks.
Despite that regression, this being a security and correctness issue, it
really needs to be fixed by default. Those who want to live on the edge
(or have trusted user space) can disable it.
Patch 1 enables the fix by default, but allows disabling it at boot
time.
Patch 2 allows disabling it at build time.
Patches 3 and 4 allow disabling it (along with all the CPU mitigations)
using mitigations=off.
[1] 0f12156dff28 ("memcg: enable accounting for file lock caches")
[2] 3754707bcc3e ("Revert "memcg: enable accounting for file lock caches"")
[3] https://lore.kernel.org/lkml/dbc9955d-6c28-1dd5-b842-ef39a762a...@kernel.dk/
[4]
https://lore.kernel.org/lkml/20231019225346.1822282-1-roman.gushc...@linux.dev/
Josh Poimboeuf (4):
fs/locks: Fix file lock cache accounting, again
fs/locks: Add CONFIG_FLOCK_ACCOUNTING
mitigations: Expand 'mitigations=off' to include optional software
mitigations
mitigations: Add flock cache accounting to 'mitigations=off'
.../admin-guide/kernel-parameters.txt | 48 ++++++++++++++----
arch/arm64/kernel/cpufeature.c | 2 +-
arch/arm64/kernel/proton-pack.c | 6 +--
arch/powerpc/kernel/security.c | 14 +++---
arch/s390/kernel/nospec-branch.c | 2 +-
arch/x86/kernel/cpu/bugs.c | 35 ++++++-------
arch/x86/kvm/mmu/mmu.c | 2 +-
arch/x86/mm/pti.c | 3 +-
fs/Kconfig | 15 ++++++
fs/locks.c | 31 +++++++++++-
include/linux/bpf.h | 5 +-
include/linux/cpu.h | 3 --
include/linux/mitigations.h | 4 ++
kernel/Makefile | 3 +-
kernel/cpu.c | 43 ----------------
kernel/mitigations.c | 50 +++++++++++++++++++
16 files changed, 174 insertions(+), 92 deletions(-)
create mode 100644 include/linux/mitigations.h
create mode 100644 kernel/mitigations.c
--
2.43.0
_______________________________________________
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
