lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAKgT0UfGYqNbiFUTTbVRz3=-zftsJ5fNKeRT21PJGD+a1Knceg@mail.gmail.com>
Date:   Mon, 24 Feb 2020 16:13:34 -0800
From:   Alexander Duyck <alexander.duyck@...il.com>
To:     David Hildenbrand <david@...hat.com>
Cc:     "Michael S. Tsirkin" <mst@...hat.com>,
        Yang Shi <yang.shi@...ux.alibaba.com>,
        Hugh Dickins <hughd@...gle.com>,
        "Kirill A. Shutemov" <kirill.shutemov@...ux.intel.com>,
        Andrea Arcangeli <aarcange@...hat.com>,
        Andrew Morton <akpm@...ux-foundation.org>,
        linux-mm <linux-mm@...ck.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [v2 PATCH] mm: shmem: allow split THP when truncating THP partially

On Mon, Feb 24, 2020 at 2:22 AM David Hildenbrand <david@...hat.com> wrote:
>
>
> >>> 1. we can probably teach QEMU to always use the pbp
> >>> machinery - will be helpful to reduce number of madvise calls too.
> >>
> >> The pbp machinery only works in the special case where the target page
> >> size > 4k and the guest is nice enough to send the 4k chunks of a target
> >> page sequentially. If the guest sends random pages, it is not of any use.
> >
> > Honestly I hadn't looked that close at the code. I had looked it over
> > briefly when I was working on the page reporting logic and had decided
> > against even bothering with it when I decided to use the scatterlist
> > approach since I can simply ignore the pages that fall below the
> > lowest order supported for the reporting.
>
> Yes, it's rather a hack for a special use case.
>
> >
> >>>
> >>> 2. Something we should do is teach balloon to
> >>> inflate using address/length pairs instead of PFNs.
> >>> This way we can pass a full THP in one go.
> >>
> >> The balloon works on 4k pages only. It is expected to break up THP and
> >> harm performance. Or if that's not possible *do nothing*. Similar to
> >> when balloon inflation is inhibited (e.g., vfio).
> >
> > Yes, but I think the point is that this is counter productive. If we
> > can allocate something up to MAX_ORDER - 1 and hand that to the
> > balloon driver instead then it would make the driver much more
> > efficient. We could basically just work from the highest available
> > order to the lowest and if that pushes us to the point of breaking up
> > THP pages then at that point it would make sense. Us allocating the
> > lower order pages first just makes it more difficult to go through and
> > compact pages back up to higher order. The goal should really always
> > be highest order to lowest order for inflation, and lowest to highest
> > for deflation. That way we put pressure on the guest to compact its
> > memory making it possible for us to squeeze it down even smaller and
> > provide more THP pages for the rest of the system.
>
> While the initial inflate path would be fine, I am more concerned about
> deflation/balloon compaction handling (see below, split to order-0
> pages). Because you really want to keep page compaction working.
>
> Imagine you would allocate higher-order pages in your balloon that are
> not movable, then the kernel would have less higher/order pages to work
> with which might actually harm performance in your guest.
>
> I think of it like that: Best performance is huge page in guest and
> host. Medium performance is huge page in guest xor host. Worst
> performance is no huge page.
>
> If you take away huge pages in your guest for your balloon, you limit
> the cases for "best performance", esp. less THP in your guest. You'll be
> able to get medium performance if you inflate lower-order pages in your
> guest but don't discard THP in your host - while having more huge pages
> for THP available. You'll get worst performance if you inflate
> lower-order pages in your guest and discard THP in your host.

My concern is more the fact that while the balloon driver may support
migration there is a chance that the other threads holding onto the
pages might not. That is why I am thinking that if possible we should
avoid breaking up a THP page unless we have to. By doing that it puts
pressure on the guest to try and keep more of the memory it has more
compact so as to avoid fragmentation.

I guess the question is if pressuring the guest to compact the memory
to create more THP pages would add value versus letting the pressure
from the inflation cause more potential fragmentation.

> >
> >> There was some work on huge page ballooning in a paper I read. But once
> >> the guest is out of huge pages to report, it would want to fallback to
> >> smaller granularity (down to 4k, to create real memory pressure), where
> >> you would end up in the very same situation you are right now. So it's -
> >> IMHO - only of limited used.
> >
> > I wouldn't think it would be that limited of a use case. By having the
> > balloon inflate with higher order pages you should be able to put more
> > pressure on the guest to compact the memory and reduce fragmentation
> > instead of increasing it. If you have the balloon flushing out the
> > lower order pages it is sitting on when there is pressure it seems
> > like it would be more likely to reduce fragmentation further.
>
> As we have balloon compaction in place and balloon pages are movable, I
> guess fragmentation is not really an issue.

I'm not sure that is truly the case. My concern is that by allocating
the 4K pages we are breaking up the higher order pages and we aren't
necessarily guaranteed to obtain all pieces of the higher order page
when we break it up. As a result we could end up causing the THP pages
to be broken up and scattered between the balloon and other consumers
of memory. If one of those other consumers is responsible for the
fragmentation that is causing us to be working on trying to compact
the memory it is possible it would just make things worse.

> >
> >> With what you suggest, you'll harm performance to reuse more memory.
> >> IMHO, ballooning can be expected to harm performance. (after all, if you
> >> inflate a 4k page in your guest, the guest won't be able to use a huge
> >> page around that page anymore as well - until it compacts balloon
> >> memory, resulting in new deflate/inflate steps). But I guess, it depends
> >> on the use case ...
> >
> > I think it depends on how you are using the balloon. If you have the
> > hypervisor only doing the MADV_DONTNEED on 2M pages, while letting it
> > fill the balloon in the guest with everything down to 4K it might lead
> > to enough memory churn to actually reduce the fragmentation as the
> > lower order pages are inflated/deflated as we maintain memory
> > pressure. It would probably be an interesting experiment if nothing
> > else, and probably wouldn't take much more than a few tweaks to make
> > use of inflation/deflation queues similar to what I did with the page
> > reporting/hinting interface and a bit of logic to try allocating from
> > highest order to lowest.
> >
>
> Especially page compaction/migration in the guest might be tricky. AFAIK
> it only works on oder-0 pages. E.g., whenever you allocated a
> higher-order page in the guest and reported it to your hypervisor, you
> want to split it into separate order-0 pages before adding them to the
> balloon list. Otherwise, you won't be able to tag them as movable and
> handle them via the existing balloon compaction framework - and that
> would be a major step backwards, because you would be heavily
> fragmenting your guest (and even turning MAX_ORDER - 1 into unmovable
> pages means that memory offlining/alloc_contig_range() users won't be
> able to move such pages around anymore).

Yes, from what I can tell compaction will not touch anything that is
pageblock size or larger. I am not sure if that is an issue or not.

For migration is is a bit of a different story. It looks like there is
logic in place for migrating huge and transparent huge pages, but not
higher order pages. I'll have to take a look through the code some
more to see just how difficult it would be to support migrating a 2M
page. I can probably make it work if I just configure it as a
transparent huge page with the appropriate flags and bits in the page
being set.

> But then, the balloon compaction will result in single 4k pages getting
> moved and deflated+inflated. Once you have order-0 pages in your list,
> deflating higher-order pages becomes trickier.

I probably wouldn't want to maintain them as individual lists. In my
mind it would make more sense to have two separate lists with separate
handlers for each. Then in the event of something such as a deflate we
could choose what we free based on the number of pages we need to
free. That would allow us to deflate the balloon quicker in the case
of a low-memory condition which should improve our responsiveness. In
addition with the driver sitting on a reserve of higher-order pages it
could help to alleviate fragmentation in such a case as well since it
could release larger contiguous blocks of memory.

> E.g., have a look at the vmware balloon (drivers/misc/vmw_balloon.c). It
> will allocate either 4k or 2MB pages, but won't be able to handle them
> for balloon compaction. They don't even bother about other granularity.
>
>
> Long story short: Inflating higher-order pages could be good for
> inflation performance in some setups, but I think you'll have to fall
> back to lower-order allocations +  balloon compaction on 4k.

I'm not entirely sure that is the case. It seems like with a few
tweaks to things we could look at doing something like splitting the
balloon so that we have a 4K and a 2M balloon. At that point it would
just be a matter of registering a pair of address space handlers so
that the 2M balloons are handled correctly if there is a request to
migrate their memory. As far as compaction that is another story since
it looks like 2M pages will not be compacted.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ