Received: by 2002:a6b:500f:0:0:0:0:0 with SMTP id e15csp536782iob; Wed, 18 May 2022 07:34:23 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwVlAZEVi3F4DpSD8yLiUd1wqbx5ukaXT11Mw0NdAx+QbQF2jXTwYLDjAmBuT/scFjPJun/ X-Received: by 2002:a17:902:c2cf:b0:15f:1396:f54e with SMTP id c15-20020a170902c2cf00b0015f1396f54emr28232493pla.161.1652884463478; Wed, 18 May 2022 07:34:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1652884463; cv=none; d=google.com; s=arc-20160816; b=XiQM4RfYD0fCTQbXsdQESNW1JWvr4g8Ow9yk0jVxD+S7Kyqw33lMkj8NAr7JW8mW/t S8LohDbNGgjrBgCXq8IN06xa/aEzlwmDI8SZ/AH5A5tNIUzmh5KB4Wxc0xnxJEo0MpiK n6QzcjL+zLg75DPjL70nPNXg30P/7KLMzBWwr1pkZgs+JqPxDQMTm1Reck9DJdx3C+Ho qgH89l4Mk8nlceEeCUBLVyy/6DYU4D7KLnHhhhir9P/qKfhtnRPusnHEu6ifo4PA/Yy/ kNvOkGcTg6fpCzhSkTPW0jvftZxed8JXqML7W4kyUlE2sbtwBLr9VkDFiSmzxNxVz5Di pkPA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=/o8jxVzJHrKnQPYDyUAFY3NEjQoX1p3FxNxyj6gs2jo=; b=BE+DhAk7fMKejODy5H8/y5Kvaghb36S3p00n8IFblQkd/VM4TdcoJrJYkxZjwzm9DL ltWzB26rKbSuv+xoJPqAc1WqumHmqb/ljeEhzveSDKa/OkQc1uZX0uq1HwgfstNxjedq 9B0sODJQKa3aFXqXoOlMsej4BbvSfJWVKJBS01zb6R5Ry+QS8o4S/IzO71BanPJFPoTX xEHYGcKpEfGCAzrcbBKylVGd98VFC69KI3w8GpVTiN2DgDzfNSDSoHkgmc4BqDoZ1FrL LYjgI4rIMi7XFp2Jk4gx7bjDqufsMyKShxUHAWJQsB5EPLKcl+ucG4vKHWbQiMk+NItA eqvA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="bXqsD/5O"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id l6-20020a170902f68600b00155e153b8absi3188359plg.482.2022.05.18.07.34.22 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 18 May 2022 07:34:23 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20210112 header.b="bXqsD/5O"; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id C4D4613C4F9; Wed, 18 May 2022 07:32:13 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S238634AbiEROcJ (ORCPT + 99 others); Wed, 18 May 2022 10:32:09 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37546 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S238575AbiEROcH (ORCPT ); Wed, 18 May 2022 10:32:07 -0400 Received: from mail-lf1-x135.google.com (mail-lf1-x135.google.com [IPv6:2a00:1450:4864:20::135]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7B72E13C344 for ; Wed, 18 May 2022 07:32:04 -0700 (PDT) Received: by mail-lf1-x135.google.com with SMTP id c24so3934458lfv.11 for ; Wed, 18 May 2022 07:32:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/o8jxVzJHrKnQPYDyUAFY3NEjQoX1p3FxNxyj6gs2jo=; b=bXqsD/5OKiD06afoIxdd1RhVMAV2zjqVL4xb7Xr54EBlsylyb9Wkk1QlqHJEdwHgRE 9rwcacTUnE/upPhQpvGq9LsbYdhP1B9Bg72S/dRXj8nEpgd7l0ZM+ujjwQxRRGnkFcGD mNXhIoVNgPnHoTQr7WuMD+i4pUl5aQ0jSHN0u7D3UsVKfBPHYVPkjTTa3oY7IHad2pHE Gx6+UTsexYvbkSkzn/wNS9wqQlDv3pNBNfgBiyADqiu3vrBwdAqtfCsPDdb8omg337qz gNQesHwQLsKQ06lU3wT9xijpTl3I4rwKTbq2eOFC0euMekwhzEfSDPYlk0zGcWLSBpvD KEMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/o8jxVzJHrKnQPYDyUAFY3NEjQoX1p3FxNxyj6gs2jo=; b=6d8VDqqurLLrejEwaNkzVMS+edrZoVJvY6R5fwXvaO2WOqG1XGPAXIg277Vp0PPyp6 fys0eNcNcACbBgTZ2aSoGnTe4dnEZZ40Il9mUGqojFDZ7/oJxB1ClI6HZiDttXAylCRr bdavlDKia95ZXWTyrZeLzKjF30xyqAZ8JC76yV63Oz57MSLFOYG7Jm0sWH2Yk2vhxQmV Ft8ssggRIiu5jA2vDei/ne5IsPptEZdRlrZl0q6IO2GLUncetTzQ1UfArlg4WbiAYQeO qfjyBXeeIIQ4WL42W/xJKYYoobwnBDpX3ofCv+WtB5viBpDiBLhR+fkmDSMuPxLAaogZ 2/vg== X-Gm-Message-State: AOAM533EgC/nZwZKuU04RxtuqL2dFgE7bwO79bxavmY4HFcq85YAtUwq vGxLLphnpQ4JmcGlpxsgdG+89LwyWBDpQQ6KsDoKfw== X-Received: by 2002:a05:6512:260d:b0:445:c06e:8242 with SMTP id bt13-20020a056512260d00b00445c06e8242mr19938085lfb.157.1652884322270; Wed, 18 May 2022 07:32:02 -0700 (PDT) MIME-Version: 1.0 References: <20220517092701.1662641-1-xu.xin16@zte.com.cn> In-Reply-To: <20220517092701.1662641-1-xu.xin16@zte.com.cn> From: Jann Horn Date: Wed, 18 May 2022 16:31:26 +0200 Message-ID: Subject: Re: [PATCH] mm/ksm: introduce ksm_enabled for each process To: cgel.zte@gmail.com Cc: akpm@linux-foundation.org, ammarfaizi2@gnuweeb.org, oleksandr@natalenko.name, willy@infradead.org, linux-mm@kvack.org, corbet@lwn.net, linux-kernel@vger.kernel.org, xu xin , Yang Yang , Ran Xiaokai , wangyong , Yunkai Zhang , Jiang Xuexin , Michal Hocko , Hugh Dickins , Linux API , Daniel Gruss Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-9.5 required=5.0 tests=BAYES_00,DKIMWL_WL_MED, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE,T_SCC_BODY_TEXT_LINE, USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 17, 2022 at 11:27 AM wrote: > For now, if we want to use KSM to merge pages of some apps, we have to > explicitly call madvise() in application code, which means installed > apps on OS needs to be uninstall and source code needs to be modified. > It is very inconvenient because sometimes users or app developers are not > willing to modify their app source codes for any reasons. As a sidenote: If you're going to enable KSM on your devices, I hope you're aware that KSM significantly reduces security - when cloud providers were using KSM, there were a bunch of papers that abused it for attacks. In particular, KSM inherently creates significant information leaks, because an attacker can determine whether a memory page with specific content exists in other apps through timing side channels. In the worst case, this could lead to an attacker being able to steal things like authentication tokens out of other apps. If you see significant memory savings from enabling KSM, it might be a good idea to look into where exactly those savings are coming from, and look into whether there is a better way to reduce memory utilization that doesn't rely on comparing entire pages against each other. See https://arxiv.org/pdf/2111.08553.pdf for a recent research paper that shows that memory deduplication can even make it possible to remotely (!) leak memory contents out of a machine, over the internet. (On top of that, KSM can also make it easier to pull off Rowhammer attacks in some contexts - see https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf .)