lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 24 Oct 2017 09:47:32 +0200
From:   Juergen Gross <jgross@...e.com>
To:     Boris Ostrovsky <boris.ostrovsky@...cle.com>,
        HW42 <hw42@...umj.de>, linux-kernel@...r.kernel.org,
        xen-devel@...ts.xenproject.org
Subject: Re: [Xen-devel] [PATCH v3] xen/balloon: don't online new memory
 initially

On 03/10/17 23:33, Boris Ostrovsky wrote:
> On 10/02/2017 05:37 PM, HW42 wrote:
>> Juergen Gross:
>>> When setting up the Xenstore watch for the memory target size the new
>>> watch will fire at once. Don't try to reach the configured target size
>>> by onlining new memory in this case, as the current memory size will
>>> be smaller in almost all cases due to e.g. BIOS reserved pages.
>>>
>>> Onlining new memory will lead to more problems e.g. undesired conflicts
>>> with NVMe devices meant to be operated as block devices.
>>>
>>> Instead remember the difference between target size and current size
>>> when the watch fires for the first time and apply it to any further
>>> size changes, too.
>>>
>>> In order to avoid races between balloon.c and xen-balloon.c init calls
>>> do the xen-balloon.c initialization from balloon.c.
>>>
>>> Signed-off-by: Juergen Gross <jgross@...e.com>
>> This patch seems to introduce a regression. If I boot a HVM or PVH
>> domain with memory != maxmem then the kernel inside the domain reports
>> that it has maxmem available even though Xen reports only what is set as
>> memory. Sooner or later Xen logs "out of PoD memory!" and kills the
>> domain. If I revert the corresponding commit (96edd61d) then everything
>> works as expected.
>>
>> Tested this with Xen 4.9.0 and Linux 4.13.4.
>>
> 
> 
> Yes, this indeed doesn't look like it's doing the right thing (although
> I haven't seen the "out of memory" error).

You need to use enough memory (e.g. via memhog).

> I wonder whether target_diff should be computed against xenstore's
> "static-max" and not "target" and the memory should be ballooned down
> immediately and not on a subsequent watch firing.

Right. And we need to keep target_diff = 0 for PV domains.

Patch coming soon.


Juergen

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ