| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aALNIVa3zxl9HFK5@google.com> Date: Fri, 18 Apr 2025 22:07:29 +0000 From: Roman Gushchin <roman.gushchin@...ux.dev> To: Shakeel Butt <shakeel.butt@...ux.dev> Cc: Greg Thelen <gthelen@...gle.com>, Andrew Morton <akpm@...ux-foundation.org>, Johannes Weiner <hannes@...xchg.org>, Michal Hocko <mhocko@...nel.org>, Muchun Song <muchun.song@...ux.dev>, Yosry Ahmed <yosry.ahmed@...ux.dev>, Tejun Heo <tj@...nel.org>, Michal Koutný <mkoutny@...e.com>, linux-mm@...ck.org, cgroups@...r.kernel.org, linux-kernel@...r.kernel.org, Meta kernel team <kernel-team@...a.com> Subject: Re: [PATCH] memcg: introduce non-blocking limit setting interfaces On Fri, Apr 18, 2025 at 01:30:03PM -0700, Shakeel Butt wrote: > On Fri, Apr 18, 2025 at 01:18:53PM -0700, Greg Thelen wrote: > > On Fri, Apr 18, 2025 at 1:00 PM Shakeel Butt <shakeel.butt@...ux.dev> wrote: > > > > > > Setting the max and high limits can trigger synchronous reclaim and/or > > > oom-kill if the usage is higher than the given limit. This behavior is > > > fine for newly created cgroups but it can cause issues for the node > > > controller while setting limits for existing cgroups. > > > > > > In our production multi-tenant and overcommitted environment, we are > > > seeing priority inversion when the node controller dynamically adjusts > > > the limits of running jobs of different priorities. Based on the system > > > situation, the node controller may reduce the limits of lower priority > > > jobs and increase the limits of higher priority jobs. However we are > > > seeing node controller getting stuck for long period of time while > > > reclaiming from lower priority jobs while setting their limits and also > > > spends a lot of its own CPU. > > > > > > One of the workaround we are trying is to fork a new process which sets > > > the limit of the lower priority job along with setting an alarm to get > > > itself killed if it get stuck in the reclaim for lower priority job. > > > However we are finding it very unreliable and costly. Either we need a > > > good enough time buffer for the alarm to be delivered after setting > > > limit and potentialy spend a lot of CPU in the reclaim or be unreliable > > > in setting the limit for much shorter but cheaper (less reclaim) alarms. > > > > > > Let's introduce new limit setting interfaces which does not trigger > > > reclaim and/or oom-kill and let the processes in the target cgroup to > > > trigger reclaim and/or throttling and/or oom-kill in their next charge > > > request. This will make the node controller on multi-tenant > > > overcommitted environment much more reliable. > > > > Would opening the typical synchronous files (e.g. memory.max) with > > O_NONBLOCK be a more general way to tell the kernel that the user > > space controller doesn't want to wait? It's not quite consistent with > > traditional use of O_NONBLOCK, which would make operations to > > fully succeed or fail, rather than altering the operation being requested. > > But O_NONBLOCK would allow for a semantics of non-blocking > > reclaim, if that's fast enough for your controller. +1 > > > > We actually thought about O_NONBLOCK but the challenge with that is how > would the node controller knows if the underlying kernel has O_NONBLOCK > implying no-reclaim/no-oom-kill feature. I don't think opening > memory.max with O_NONBLOCK will fail today, so the node controller would > still need to implement the complicated fork+set-limit+alarm logic > until the whole fleet has moved away from older kernel. Also I have > checked with systemd folks and they are not happy to implement that > complicated fork+set-limit+alarm logic. /sys/kernel/cgroup/features ?
Powered by blists - more mailing lists