lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 17 Dec 2015 18:43:20 +0000
From:	"Luck, Tony" <tony.luck@...el.com>
To:	Kamezawa Hiroyuki <kamezawa.hiroyu@...fujitsu.com>,
	Xishi Qiu <qiuxishi@...wei.com>
CC:	"Izumi, Taku" <izumi.taku@...fujitsu.com>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
	"linux-mm@...ck.org" <linux-mm@...ck.org>,
	"akpm@...ux-foundation.org" <akpm@...ux-foundation.org>,
	"mel@....ul.ie" <mel@....ul.ie>,
	"Hansen, Dave" <dave.hansen@...el.com>,
	"matt@...eblueprint.co.uk" <matt@...eblueprint.co.uk>
Subject: RE: [PATCH v3 2/2] mm: Introduce kernelcore=mirror option

>>> As Tony requested, we may need a knob to stop a fallback in "movable->normal", later.
>>>
>> 
>> If the mirrored memory is small and the other is large,
>> I think we can both enable "non-mirrored -> normal" and "normal -> non-mirrored".
>
> Size of mirrored memory can be configured by software(EFI var).
> So, having both is just overkill and normal->non-mirroed fallback is meaningless considering
> what the feature want to guarantee.

In the original removable usage we wanted to guarantee that Linux did not allocate any
kernel objects in removable memory - because that would prevent later removal of that
memory.

Mirror case is the same - we don't want to allocate kernel structures in non-mirrored memory
because an uncorrectable error in one of them would crash the system.

But I think some users might like some flexibility here.  If the system doesn't have enough
memory for the kernel (non-movable or mirrored), then it seems odd to end up crashing
the system at the point of memory exhaustion (a likely result ... the kernel can try to reclaim
some pages from SLAB, but that might only return a few pages, if the shortage continues
the system will perform poorly and eventually fail).

The whole point of removable memory or mirrored memory is to provide better availability.

I'd vote for a mode where running out of memory for kernel results in a

   warn_on_once("Ran out of mirrored/non-removable memory for kernel - now allocating from all zones\n")

because I think most people would like the system to stay up rather than worry about some future problem that may never happen.

-Tony



--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ