[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Y1dcDmmIu8gSX4Rb@debian.me>
Date: Tue, 25 Oct 2022 10:46:22 +0700
From: Bagas Sanjaya <bagasdotme@...il.com>
To: "Guilherme G. Piccoli" <gpiccoli@...lia.com>
Cc: x86@...nel.org, linux-kernel@...r.kernel.org, tglx@...utronix.de,
mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com,
hpa@...or.com, luto@...nel.org, corbet@....net,
linux-doc@...r.kernel.org, kernel-dev@...lia.com,
kernel@...ccoli.net, Fenghua Yu <fenghua.yu@...el.com>,
Joshua Ashton <joshua@...ggi.es>,
Melissa Wen <mwen@...lia.com>,
Paul Gofman <pgofman@...eweavers.com>,
Pavel Machek <pavel@...x.de>,
Pierre-Loup Griffais <pgriffais@...vesoftware.com>,
Tony Luck <tony.luck@...el.com>,
Zebediah Figura <zfigura@...eweavers.com>,
Andre Almeida <andrealmeid@...lia.com>
Subject: Re: [PATCH V3] x86/split_lock: Add sysctl to control the misery mode
On Mon, Oct 24, 2022 at 05:02:54PM -0300, Guilherme G. Piccoli wrote:
> +split_lock_mitigate (x86 only)
> +==============================
> +
> +On x86, each "split lock" imposes a system-wide performance penalty. On larger
> +systems, large numbers of split locks from unprivileged users can result in
> +denials of service to well-behaved and potentially more important users.
> +
DoS which harms legitimate users?
> +The kernel mitigates these bad users by detecting split locks and imposing
> +penalties: forcing them to wait and only allowing one core to execute split
> +locks at a time.
> +
> +These mitigations can make those bad applications unbearably slow. Setting
> +split_lock_mitigate=0 may restore some application performance, but will also
> +increase system exposure to denial of service attacks from split lock users.
> +
> += ===================================================================
> +0 Disable the mitigation mode - just warns the split lock on kernel log
> + and exposes the system to denials of service from the split lockers.
> +1 Enable the mitigation mode (this is the default) - penalizes the split
> + lockers with intentional performance degradation.
> += ===================================================================
> +
> +
The prose can be improved:
---- >8 ----
diff --git a/Documentation/admin-guide/sysctl/kernel.rst b/Documentation/admin-guide/sysctl/kernel.rst
index c2c64c1b706ff6..cdc5b75adb4633 100644
--- a/Documentation/admin-guide/sysctl/kernel.rst
+++ b/Documentation/admin-guide/sysctl/kernel.rst
@@ -1319,22 +1319,21 @@ split_lock_mitigate (x86 only)
On x86, each "split lock" imposes a system-wide performance penalty. On larger
systems, large numbers of split locks from unprivileged users can result in
-denials of service to well-behaved and potentially more important users.
+denials of service attack.
-The kernel mitigates these bad users by detecting split locks and imposing
+The kernel mitigates that condition by detecting split locks and imposing
penalties: forcing them to wait and only allowing one core to execute split
locks at a time.
-These mitigations can make those bad applications unbearably slow. Setting
-split_lock_mitigate=0 may restore some application performance, but will also
-increase system exposure to denial of service attacks from split lock users.
+These mitigations can make applications which rely on split locks unbearably
+slow. Setting split_lock_mitigate=0 may restore performance, but will also
+increase likelihood of DoS caused by split locks.
-= ===================================================================
-0 Disable the mitigation mode - just warns the split lock on kernel log
- and exposes the system to denials of service from the split lockers.
-1 Enable the mitigation mode (this is the default) - penalizes the split
- lockers with intentional performance degradation.
-= ===================================================================
+= ==================================================================
+0 Disable the mitigation - just warns the split lock on kernel log.
+1 Enable the mitigation (default) - penalizes the split lockers with
+ intentional performance degradation.
+= ==================================================================
stack_erasing
Thanks.
--
An old man doll... just what I always wanted! - Clara
Download attachment "signature.asc" of type "application/pgp-signature" (229 bytes)
Powered by blists - more mailing lists