lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20250319064148.774406-1-jingxiangzeng.cas@gmail.com>
Date: Wed, 19 Mar 2025 14:41:43 +0800
From: Jingxiang Zeng <jingxiangzeng.cas@...il.com>
To: akpm@...ux-foundation.org
Cc: linux-mm@...ck.org,
	cgroups@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	hannes@...xchg.org,
	mhocko@...nel.org,
	roman.gushchin@...ux.dev,
	shakeel.butt@...ux.dev,
	muchun.song@...ux.dev,
	kasong@...cent.com,
	Zeng Jingxiang <linuszeng@...cent.com>
Subject: [RFC 0/5] add option to restore swap account to cgroupv1 mode

From: Zeng Jingxiang <linuszeng@...cent.com>

memsw account is a very useful knob for container memory
overcommitting: It's a great abstraction of the "expected total
memory usage" of a container, so containers can't allocate too
much memory using SWAP, but still be able to SWAP out.

For a simple example, with memsw.limit == memory.limit, containers
can't exceed their original memory limit, even with SWAP enabled, they
get OOM killed as how they used to, but the host is now able to
offload cold pages.

Similar ability seems absent with V2: With memory.swap.max == 0, the
host can't use SWAP to reclaim container memory at all. But with a
value larger than that, containers are able to overuse memory, causing
delayed OOM kill, thrashing, CPU/Memory usage ratio could be heavily
out of balance, especially with compress SWAP backends.

This patch set adds two interfaces to control the behavior of the
memory.swap.max/current in cgroupv2:

CONFIG_MEMSW_ACCOUNT_ON_DFL
cgroup.memsw_account_on_dfl={0, 1}

When one of the interfaces is enabled: memory.swap.current and
memory.swap.max represents the usage/limit of swap.
When neither is enabled (default behavior),memory.swap.current and
memory.swap.max represents the usage/limit of memory+swap.

As discussed in [1], this patch set can change the semantics of
of memory.swap.max/current to the v1-like behavior.

Link:
https://lore.kernel.org/all/Zk-fQtFrj-2YDJOo@P9FQF9L96D.corp.robot.car/ [1]

linuszeng (5):
  Kconfig: add SWAP_CHARGE_V1_MODE config
  memcontrol: add boot option to enable memsw account on dfl
  mm/memcontrol: do not scan anon pages if memsw limit is hit
  mm/memcontrol: allow memsw account in cgroup v2
  Docs/cgroup-v2: add cgroup.memsw_account_on_dfl Documentation

 Documentation/admin-guide/cgroup-v2.rst       | 21 +++++--
 .../admin-guide/kernel-parameters.txt         |  7 +++
 include/linux/memcontrol.h                    |  8 +++
 init/Kconfig                                  | 16 ++++++
 mm/memcontrol-v1.c                            |  2 +-
 mm/memcontrol-v1.h                            |  4 +-
 mm/memcontrol.c                               | 55 ++++++++++++++-----
 7 files changed, 93 insertions(+), 20 deletions(-)

-- 
2.41.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ