[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <b95b651c-2e00-abdd-6d5a-5b3dea79dccb@oracle.com>
Date: Thu, 27 Apr 2023 10:40:57 -0600
From: Khalid Aziz <khalid.aziz@...cle.com>
To: Mike Kravetz <mike.kravetz@...cle.com>
Cc: akpm@...ux-foundation.org, willy@...radead.org,
markhemm@...glemail.com, viro@...iv.linux.org.uk, david@...hat.com,
andreyknvl@...il.com, dave.hansen@...el.com, luto@...nel.org,
brauner@...nel.org, arnd@...db.de, ebiederm@...ssion.com,
catalin.marinas@....com, linux-arch@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-mm@...ck.org,
mhiramat@...nel.org, rostedt@...dmis.org, vasily.averin@...ux.dev,
xhao@...ux.alibaba.com, pcc@...gle.com, neilb@...e.de,
maz@...nel.org
Subject: Re: [PATCH RFC v2 0/4] Add support for sharing page tables across
processes (Previously mshare)
On 4/26/23 15:27, Mike Kravetz wrote:
> On 04/26/23 10:49, Khalid Aziz wrote:
>> Memory pages shared between processes require a page table entry
>> (PTE) for each process. Each of these PTE consumes some of the
>> memory and as long as number of mappings being maintained is small
>> enough, this space consumed by page tables is not objectionable.
>> When very few memory pages are shared between processes, the number
>> of page table entries (PTEs) to maintain is mostly constrained by
>> the number of pages of memory on the system. As the number of
>> shared pages and the number of times pages are shared goes up,
>> amount of memory consumed by page tables starts to become
>> significant. This issue does not apply to threads. Any number of
>> threads can share the same pages inside a process while sharing the
>> same PTEs. Extending this same model to sharing pages across
>> processes can eliminate this issue for sharing across processes as
>> well.
>>
>> Some of the field deployments commonly see memory pages shared
>> across 1000s of processes. On x86_64, each page requires a PTE that
>> is only 8 bytes long which is very small compared to the 4K page
>> size. When 2000 processes map the same page in their address space,
>> each one of them requires 8 bytes for its PTE and together that adds
>> up to 8K of memory just to hold the PTEs for one 4K page. On a
>> database server with 300GB SGA, a system crash was seen with
>> out-of-memory condition when 1500+ clients tried to share this SGA
>> even though the system had 512GB of memory. On this server, in the
>> worst case scenario of all 1500 processes mapping every page from
>> SGA would have required 878GB+ for just the PTEs. If these PTEs
>> could be shared, amount of memory saved is very significant.
>
> When hugetlb pmd sharing was introduced the motivating factor was performance
> as much as memory savings. See commit,
> 39dde65c9940 [PATCH] shared page table for hugetlb page
>
> I have not verified the claims in that commit message, but it does sound
> reasonable. My assumption is that the same would apply here.
Hi Mike,
Thanks for the feedback. I looked up the commit log for 39dde65c9940. You are right, same does apply here.
>
>>
>> This patch series adds a new flag to mmap() call - MAP_SHARED_PT.
>> This flag can be specified along with MAP_SHARED by a process to
>> hint to kernel that it wishes to share page table entries for this
>> file mapping mmap region with other processes. Any other process
>> that mmaps the same file with MAP_SHARED_PT flag can then share the
>> same page table entries. Besides specifying MAP_SHARED_PT flag, the
>> processes must map the files at a PMD aligned address with a size
>> that is a multiple of PMD size and at the same virtual addresses.
>> This last requirement of same virtual addresses can possibly be
>> relaxed if that is the consensus.
>
> I would think the same virtual address requirement is problematic in the
> case of ASLR. hugetlb pmd sharing does not have the 'same virtual
> addresses' requirement. My guess is that requiring the same virtual
> address does not make code simpler.
Same virtual address requirement make pevious mshare implementation quite a bit simpler, but this reimplementation in
this RFC does not rely upon virtual addresses being same as much. This does open up the possibility of removing this
requirement. I just haven't looked through any potential complications enough.
>
>> When mmap() is called with MAP_SHARED_PT flag, a new host mm struct
>> is created to hold the shared page tables. Host mm struct is not
>> attached to a process. Start and size of host mm are set to the
>> start and size of the mmap region and a VMA covering this range is
>> also added to host mm struct. Existing page table entries from the
>> process that creates the mapping are copied over to the host mm
>> struct.
>
> It seems there is one host mm struct per shared mapping. Is that
> correct? And, the host mm is the size of that single mapping?
There is one host mm per shared file. This was done to allow for multiple VMAs to exist in this mm for a file that can
potentially represent multiple shared regions of the file. In the RFC, I am creating only one shared region per file for
now.
> Suppose the following:
> - process A maps shared file offset 0 to 2xPMD_SIZE
> - process B maps shared file offset 0 to 2xPMD_SIZE
> It then makes sense A and B would use the same host mm. Now,
Yes, that is correct.
> - process C maps shared file offset 0 to 4xPMD_SIZE
> Does C share anything with A and B? Are there multiple host mm structs?
In the RFC implementation, C does not share anything with A. The code is written to allow for expansion to support this
sharing as well as sharing multiple non-contiguous regions of the file. My goal is to debug and finalize sharing
infrastructure for the simple case and then start expanding it. In this specific case, implementation would expand the
existing shared VMAs to cover offset 0 to 4xPMD.
>
> Just wondering at a high level how this would work without looking at
> the code.
>
>> All processes mapping this shared region are considered
>> guest processes. When a guest process mmap's the shared region, a vm
>> flag VM_SHARED_PT is added to the VMAs in guest process. Upon a page
>> fault, VMA is checked for the presence of VM_SHARED_PT flag. If the
>> flag is found, its corresponding PMD is updated with the PMD from
>> host mm struct so the PMD will point to the page tables in host mm
>> struct. vm_mm pointer of the VMA is also updated to point to host mm
>> struct for the duration of fault handling to ensure fault handling
>> happens in the context of host mm struct. When a new PTE is
>> created, it is created in the host mm struct page tables and the PMD
>> in guest mm points to the same PTEs.
>>
>> This is a basic working implementation. It will need to go through
>> more testing and refinements. Some notes and questions:
>>
>> - PMD size alignment and size requirement is currently hard coded
>> in. Is there a need or desire to make this more flexible and work
>> with other alignments/sizes? PMD size allows for adapting this
>> infrastructure to form the basis for hugetlbfs page table sharing
>> as well. More work will be needed to make that happen.
>>
>> - Is there a reason to allow a userspace app to query this size and
>> alignment requirement for MAP_SHARED_PT in some way?
>>
>> - Shared PTEs means mprotect() call made by one process affects all
>> processes sharing the same mapping and that behavior will need to
>> be documented clearly. Effect of mprotect call being different for
>> processes using shared page tables is the primary reason to
>> require an explicit opt-in from userspace processes to share page
>> tables. With a transparent sharing derived from MAP_SHARED alone,
>> changed effect of mprotect can break significant number of
>> userspace apps. One could work around that by unsharing whenever
>> mprotect changes modes on shared mapping but that introduces
>> complexity and the capability to execute a single mprotect to
>> change modes across 1000's of processes sharing a mapped database
>> is a feature explicitly asked for by database folks. This
>> capability has significant performance advantage when compared to
>> mechanism of sending messages to every process using shared
>> mapping to call mprotect and change modes in each process, or
>> using traps on permissions mismatch in each process.
>
> I would guess this is more than just mprotect, and anything that impacts
> page tables. Correct? For example MADV_DONTNEED, MADV_HUGEPAGE,
> MADV_NOHUGEPAGE.
Yes. For instance, the RFC implementation allows one process to set MADV_DONTNEED and remove PTEs which removes them for
all other processes sharing the mapping. That behavior does not quite sound right. A more robust implementation would
possibly remove PTEs only if all sharing processes have set MADV_DONTNEED. Other flags might need different treatment,
for instance MADV_WILLNEED should trigger read-ahead even if set by just one process.
>
>> - This implementation does not allow unmapping page table shared
>> mappings partially. Should that be supported in future?
>>
>> Some concerns in this RFC:
>>
>> - When page tables for a process are freed upon process exit,
>> pmd_free_tlb() gets called at one point to free all PMDs allocated
>> by the process. For a shared page table, shared PMDs can not be
>> released when a guest process exits. These shared PMDs are
>> released when host mm struct is released upon end of last
>> reference to page table shared region hosted by this mm. For now
>> to stop PMDs being released, this RFC introduces following change
>> in mm/memory.c which works but does not feel like the right
>> approach. Any suggestions for a better long term approach will be
>> very appreciated:
>>
>> @@ -210,13 +221,19 @@ static inline void free_pmd_range(struct mmu_gather *tlb,
>> pud_t *pud,
>>
>> pmd = pmd_offset(pud, start);
>> pud_clear(pud);
>> - pmd_free_tlb(tlb, pmd, start);
>> - mm_dec_nr_pmds(tlb->mm);
>> + if (shared_pte) {
>> + tlb_flush_pud_range(tlb, start, PAGE_SIZE);
>> + tlb->freed_tables = 1;
>> + } else {
>> + pmd_free_tlb(tlb, pmd, start);
>> + mm_dec_nr_pmds(tlb->mm);
>> + }
>> }
>>
>> static inline void free_pud_range(struct mmu_gather *tlb, p4d_t *p4d,
>>
>> - This implementation requires an additional VM flag. Since all lower
>> 32 bits are currently in use, the new VM flag must come from upper
>> 32 bits which restricts this feature to 64-bit processors.
>>
>> - This feature is implemented for file mappings only. Is there a
>> need to support it for anonymous memory as well?
>
> I have not looked at the implementation, are 'file mappings' only
> mappings using the page cache? Or, do you just need a file descriptor?
> Would a file descriptor created via memfd_create work for anonymous
> memory?
>
I look for just a file pointer, so an fd created by memfd would work for anonymous memory.
Thanks,
Khalid
Powered by blists - more mailing lists