lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CA+CK2bCcfS1Fo8RvTeGXj_ejPRX9--sh5Jz8nzhkZnut4juDmg@mail.gmail.com>
Date:   Wed, 29 Nov 2023 14:45:03 -0500
From:   Pasha Tatashin <pasha.tatashin@...een.com>
To:     Robin Murphy <robin.murphy@....com>
Cc:     Jason Gunthorpe <jgg@...pe.ca>, akpm@...ux-foundation.org,
        alex.williamson@...hat.com, alim.akhtar@...sung.com,
        alyssa@...enzweig.io, asahi@...ts.linux.dev,
        baolu.lu@...ux.intel.com, bhelgaas@...gle.com,
        cgroups@...r.kernel.org, corbet@....net, david@...hat.com,
        dwmw2@...radead.org, hannes@...xchg.org, heiko@...ech.de,
        iommu@...ts.linux.dev, jasowang@...hat.com,
        jernej.skrabec@...il.com, jonathanh@...dia.com, joro@...tes.org,
        kevin.tian@...el.com, krzysztof.kozlowski@...aro.org,
        kvm@...r.kernel.org, linux-arm-kernel@...ts.infradead.org,
        linux-doc@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-mm@...ck.org,
        linux-rockchip@...ts.infradead.org,
        linux-samsung-soc@...r.kernel.org, linux-sunxi@...ts.linux.dev,
        linux-tegra@...r.kernel.org, lizefan.x@...edance.com,
        marcan@...can.st, mhiramat@...nel.org, mst@...hat.com,
        m.szyprowski@...sung.com, netdev@...r.kernel.org,
        paulmck@...nel.org, rdunlap@...radead.org, samuel@...lland.org,
        suravee.suthikulpanit@....com, sven@...npeter.dev,
        thierry.reding@...il.com, tj@...nel.org, tomas.mudrunka@...il.com,
        vdumpa@...dia.com, virtualization@...ts.linux.dev, wens@...e.org,
        will@...nel.org, yu-cheng.yu@...el.com
Subject: Re: [PATCH 08/16] iommu/fsl: use page allocation function provided by iommu-pages.h

> >> We can separate the metric into two:
> >> iommu pagetable only
> >> iommu everything
> >>
> >> or into three:
> >> iommu pagetable only
> >> iommu dma
> >> iommu everything
> >>
> >> What do you think?
> >
> > I think I said this at LPC - if you want to have fine grained
> > accounting of memory by owner you need to go talk to the cgroup people
> > and come up with something generic. Adding ever open coded finer
> > category breakdowns just for iommu doesn't make alot of sense.
> >
> > You can make some argument that the pagetable memory should be counted
> > because kvm counts it's shadow memory, but I wouldn't go into further
> > detail than that with hand coded counters..
>
> Right, pagetable memory is interesting since it's something that any
> random kernel user can indirectly allocate via iommu_domain_alloc() and
> iommu_map(), and some of those users may even be doing so on behalf of
> userspace. I have no objection to accounting and potentially applying
> limits to *that*.

Yes, in the next version, I will separate pagetable only from the
rest, for the limits.

> Beyond that, though, there is nothing special about "the IOMMU
> subsystem". The amount of memory an IOMMU driver needs to allocate for
> itself in order to function is not of interest beyond curiosity, it just
> is what it is; limiting it would only break the IOMMU, and if a user

Agree about the amount of memory IOMMU allocates for itself, but that
should be small, if it is not, we have to at least show where the
memory is used.

> thinks it's "too much", the only actionable thing that might help is to
> physically remove devices from the system. Similar for DMA buffers; it
> might be intriguing to account those, but it's not really an actionable
> metric - in the overwhelming majority of cases you can't simply tell a
> driver to allocate less than what it needs. And that is of course
> assuming if we were to account *all* DMA buffers, since whether they
> happen to have an IOMMU translation or not is irrelevant (we'd have
> already accounted the pagetables as pagetables if so).

DMA mappings should be observable (do not have to be limited). At the
very least, it can help with explaining the kernel memory overhead
anomalies on production systems.

> I bet "the networking subsystem" also consumes significant memory on the

It does, and GPU drivers also may consume a significant amount of memory.

> same kind of big systems where IOMMU pagetables would be of any concern.
> I believe some of the some of the "serious" NICs can easily run up
> hundreds of megabytes if not gigabytes worth of queues, SKB pools, etc.
> - would you propose accounting those too?

Yes. Any kind of kernel memory that is proportional to the workload
should be accountable. Someone is using those resources compared to
the idling system, and that someone should be charged.

Pasha

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ