| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <ohrgrdyy36us7q3ytjm3pewsnkh3xwrtz4xdixxxa6hbzsj2ki@sn275kch6zkh> Date: Fri, 18 Apr 2025 13:30:03 -0700 From: Shakeel Butt <shakeel.butt@...ux.dev> To: Greg Thelen <gthelen@...gle.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, Johannes Weiner <hannes@...xchg.org>, Michal Hocko <mhocko@...nel.org>, Roman Gushchin <roman.gushchin@...ux.dev>, Muchun Song <muchun.song@...ux.dev>, Yosry Ahmed <yosry.ahmed@...ux.dev>, Tejun Heo <tj@...nel.org>, Michal Koutný <mkoutny@...e.com>, linux-mm@...ck.org, cgroups@...r.kernel.org, linux-kernel@...r.kernel.org, Meta kernel team <kernel-team@...a.com> Subject: Re: [PATCH] memcg: introduce non-blocking limit setting interfaces On Fri, Apr 18, 2025 at 01:18:53PM -0700, Greg Thelen wrote: > On Fri, Apr 18, 2025 at 1:00 PM Shakeel Butt <shakeel.butt@...ux.dev> wrote: > > > > Setting the max and high limits can trigger synchronous reclaim and/or > > oom-kill if the usage is higher than the given limit. This behavior is > > fine for newly created cgroups but it can cause issues for the node > > controller while setting limits for existing cgroups. > > > > In our production multi-tenant and overcommitted environment, we are > > seeing priority inversion when the node controller dynamically adjusts > > the limits of running jobs of different priorities. Based on the system > > situation, the node controller may reduce the limits of lower priority > > jobs and increase the limits of higher priority jobs. However we are > > seeing node controller getting stuck for long period of time while > > reclaiming from lower priority jobs while setting their limits and also > > spends a lot of its own CPU. > > > > One of the workaround we are trying is to fork a new process which sets > > the limit of the lower priority job along with setting an alarm to get > > itself killed if it get stuck in the reclaim for lower priority job. > > However we are finding it very unreliable and costly. Either we need a > > good enough time buffer for the alarm to be delivered after setting > > limit and potentialy spend a lot of CPU in the reclaim or be unreliable > > in setting the limit for much shorter but cheaper (less reclaim) alarms. > > > > Let's introduce new limit setting interfaces which does not trigger > > reclaim and/or oom-kill and let the processes in the target cgroup to > > trigger reclaim and/or throttling and/or oom-kill in their next charge > > request. This will make the node controller on multi-tenant > > overcommitted environment much more reliable. > > Would opening the typical synchronous files (e.g. memory.max) with > O_NONBLOCK be a more general way to tell the kernel that the user > space controller doesn't want to wait? It's not quite consistent with > traditional use of O_NONBLOCK, which would make operations to > fully succeed or fail, rather than altering the operation being requested. > But O_NONBLOCK would allow for a semantics of non-blocking > reclaim, if that's fast enough for your controller. > We actually thought about O_NONBLOCK but the challenge with that is how would the node controller knows if the underlying kernel has O_NONBLOCK implying no-reclaim/no-oom-kill feature. I don't think opening memory.max with O_NONBLOCK will fail today, so the node controller would still need to implement the complicated fork+set-limit+alarm logic until the whole fleet has moved away from older kernel. Also I have checked with systemd folks and they are not happy to implement that complicated fork+set-limit+alarm logic.
Powered by blists - more mailing lists