Received: by 2002:a05:7412:37c9:b0:e2:908c:2ebd with SMTP id jz9csp3138337rdb; Fri, 22 Sep 2023 21:52:37 -0700 (PDT) X-Google-Smtp-Source: AGHT+IHw22A+xfbFqHo/vVks7ojHk46WZ+t9kbNPxpHZoC4Soz9rDOtCwconxkK2Vrte3bUShflK X-Received: by 2002:a05:6a20:938e:b0:153:8754:8a7e with SMTP id x14-20020a056a20938e00b0015387548a7emr1644340pzh.3.1695444757193; Fri, 22 Sep 2023 21:52:37 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1695444757; cv=none; d=google.com; s=arc-20160816; b=Dz6z9i53YfdEnAICOzOKZv7NsQLXX/AA+Wazzypf4fzLU3zDfXuTiJ9FsUq3lFmSax J9cMl6x4R1zBhtdQ4wXomVC11HNP+nAyKDRUxDZ9WBgpil+owoxU9gplWnBTUPWe9ElR oyOb9KWc1jGpv5p3F0jBseWPfW2STs3EfDayNIGOCj3PAL8QanjWTXRj7G2GutBSGkro fkfTf5sC1GBWTf4OaBo1+maSUYPIBZyGCFQ2KOwG1ErYpVpn6FGEefeR8cscIkB12+yJ rnIwhOJVsKmPU+XQdLLbaChg13+YcsuLDGRHS9g4EQHElQHxmyMan7YdAYGUVg7gWbvT RwmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:mime-version:message-id:in-reply-to:date:subject :cc:to:from:user-agent:references:feedback-id:dkim-signature :dkim-signature; bh=l0GrjrIypWNrvLrMpjxWoVWk3qVTn1PfECewz++IatQ=; fh=4yab9sgk6bnYvZDbVqikwkrODM5Y2lzG3PnlNfT3s6A=; b=SbH87mKkacpRozBz1ruuRGrvCCu6SDcwHGVa7XCJW83O8OrRpuPcNGNjBp4FWe2H5p DTSLx1g0p0jAn4/1kZ+Pl4ie5Jrpyyy4gbt6fURqHWcEaFfSSSgCaraPkeMSBInR0NYp +BMVxT7ckWU/Zqp8PazLj+WRguGFhIFDXnT/LvcVYsRmUKtRjO0ve12elsw14++FFJg/ ZUY1o2JbKHPNT2vo6lR6y7ROawY9b0XsziI6O3WUBwxbX5j7ErC0ys9ejMCa/HFkHmwq aQwr1gBfPSyPT8ySaaeN7iZNJYTosJBHJChKz1+jcYAJf4BgWrBm0tmtQzxJQOfOmLYA UEQA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@devkernel.io header.s=fm3 header.b=vhHMv1cQ; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=ZMACuU8A; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from snail.vger.email (snail.vger.email. [23.128.96.37]) by mx.google.com with ESMTPS id v63-20020a638942000000b005644829012fsi5077839pgd.701.2023.09.22.21.52.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Sep 2023 21:52:37 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) client-ip=23.128.96.37; Authentication-Results: mx.google.com; dkim=pass header.i=@devkernel.io header.s=fm3 header.b=vhHMv1cQ; dkim=pass header.i=@messagingengine.com header.s=fm2 header.b=ZMACuU8A; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.37 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by snail.vger.email (Postfix) with ESMTP id 337DD80E069F; Fri, 22 Sep 2023 09:21:55 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at snail.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S230443AbjIVQV4 (ORCPT + 99 others); Fri, 22 Sep 2023 12:21:56 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:42852 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231920AbjIVQVu (ORCPT ); Fri, 22 Sep 2023 12:21:50 -0400 Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DB337CC1 for ; Fri, 22 Sep 2023 09:21:41 -0700 (PDT) Received: from compute4.internal (compute4.nyi.internal [10.202.2.44]) by mailout.west.internal (Postfix) with ESMTP id D7CCB320085B; Fri, 22 Sep 2023 12:21:38 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute4.internal (MEProxy); Fri, 22 Sep 2023 12:21:39 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=devkernel.io; h= cc:cc:content-type:content-type:date:date:from:from:in-reply-to :in-reply-to:message-id:mime-version:references:reply-to:sender :subject:subject:to:to; s=fm3; t=1695399698; x=1695486098; bh=l0 GrjrIypWNrvLrMpjxWoVWk3qVTn1PfECewz++IatQ=; b=vhHMv1cQnO5x40/4o0 uwiDeYjTh1i4iTha5hAYO1s5L/pZDueCB0K1EqkLRCLLOn+28cEx5WmcrHT4p/4+ AQCOE+M5MieT2k/PmX0ivu7nabxOTnx9BnlDBa16N637G6D6ouxAcvZUjWGBUWTy FA5PICARqWElUaPnuPFgb+HL2JCa3V3oWrUoLNZ52e153ZA0cvL46eXC0gZWJtgJ Pp8nDHrc9mkKy3wdugQ5lioB/JyE1DCrh6Mhp1IHwxPFefG547gbhT4r2xRBwFVu WSK9g1nU4Zs1l84NLp/HwXKvljHrEQRA7+RDnnEsEbi4wz3Pqo9FSnjqjqxPGHnv 7Biw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-type:content-type:date:date :feedback-id:feedback-id:from:from:in-reply-to:in-reply-to :message-id:mime-version:references:reply-to:sender:subject :subject:to:to:x-me-proxy:x-me-proxy:x-me-sender:x-me-sender :x-sasl-enc; s=fm2; t=1695399698; x=1695486098; bh=l0GrjrIypWNrv LrMpjxWoVWk3qVTn1PfECewz++IatQ=; b=ZMACuU8A891NRckNQxCOedNH5smy4 RpnglAwhGqfZGPul3JRi83iOOoG/wVygaInrp6Jw9M706+6ksemWfvAloCXlP7t3 9DTssfCDY2v22irBFMSWrxVTo0wHdSahgbhN/vN4iGbxC8iTrKbkPm/is+FK0vIV aFp/DDD0WF+/FYaON92uq0n68/qpncnZH1nJSTkG7GS6Wv1/7ebEEBkqZ/FbHtlq yWnjKEJjDmyTUuKMCSxWAn2K17J1Y+mDwn68kXenU7bqfTI7vJIT5ibw6OR+7dyo 22+AyxgKm4d5NxchDwJsPjvMMH84HnkSmHf2qHAwWSUnnHcKV7sc2p/dg== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedviedrudekkedgkeduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpehffgfhvfevufffjgfkgggtsehttd ertddtredtnecuhfhrohhmpefuthgvfhgrnhcutfhovghstghhuceoshhhrhesuggvvhhk vghrnhgvlhdrihhoqeenucggtffrrghtthgvrhhnpeevlefggffhheduiedtheejveehtd fhtedvhfeludetvdegieekgeeggfdugeeutdenucevlhhushhtvghrufhiiigvpedtnecu rfgrrhgrmhepmhgrihhlfhhrohhmpehshhhrseguvghvkhgvrhhnvghlrdhioh X-ME-Proxy: Feedback-ID: i84614614:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Fri, 22 Sep 2023 12:21:37 -0400 (EDT) References: <20230921164709.3627565-1-shr@devkernel.io> <20230921173251.54b854fb0ec7af2bf3e3ec3b@linux-foundation.org> User-agent: mu4e 1.10.1; emacs 28.2.50 From: Stefan Roesch To: Andrew Morton Cc: kernel-team@fb.com, david@redhat.com, hannes@cmpxchg.org, riel@surriel.com, linux-kernel@vger.kernel.org, linux-mm@kvack.org Subject: Re: [PATCH v3 0/2] mm/ksm: add fork-exec support for prctl Date: Fri, 22 Sep 2023 09:08:41 -0700 In-reply-to: <20230921173251.54b854fb0ec7af2bf3e3ec3b@linux-foundation.org> Message-ID: MIME-Version: 1.0 Content-Type: text/plain X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_PASS,SPF_PASS,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (snail.vger.email [0.0.0.0]); Fri, 22 Sep 2023 09:21:55 -0700 (PDT) Andrew Morton writes: > On Thu, 21 Sep 2023 09:47:07 -0700 Stefan Roesch wrote: > >> A process can enable KSM with the prctl system call. When the process is >> forked the KSM flag is inherited by the child process. > > I guess that's logical, as it's still the same program. > >> However if the >> process is executing an exec system call directly after the fork, the >> KSM setting is cleared. This patch series addresses this problem. > > Well... who said it's a problem? There's nothing in our documentation > about this(?). Why is the current behavior wrong? If the new program > wants KSM, it can turn on KSM. > > This significant change in user-visible behavior deserves much more > explanation and justification, please. Including an explanation of why > it's OK to change kernel behavior under existing users' feet like this, Today we have two ways to enable KSM: 1) madvise system call This allows to enable KSM for a memory region for a long time. 2) prctl system call This is a recent addition to enable KSM for the complete process. In addition when a process is forked, the KSM setting is inherited. This change only affects the second case. One of the use cases for (2) was to support the ability to enable KSM for cgroups. This allows systemd to enable KSM for the seed process. By enabling it in the seed process all child processes inherit the setting. This works correctly when the process is forked. However it doesn't support fork/exec workflow. From the previous cover letter: .... Use case 3: With the madvise call sharing opportunities are only enabled for the current process: it is a workload-local decision. A considerable number of sharing opportunities may exist across multiple workloads or jobs (if they are part of the same security domain). Only a higler level entity like a job scheduler or container can know for certain if its running one or more instances of a job. That job scheduler however doesn't have the necessary internal workload knowledge to make targeted madvise calls. ... In addition it can also be a bit surprising that fork keeps the KSM setting and fork/exec does not.