| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aBFaNcaeYwzoJ13j@google.com> Date: Tue, 29 Apr 2025 23:01:09 +0000 From: Roman Gushchin <roman.gushchin@...ux.dev> To: Suren Baghdasaryan <surenb@...gle.com> Cc: linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Alexei Starovoitov <ast@...nel.org>, Johannes Weiner <hannes@...xchg.org>, Michal Hocko <mhocko@...nel.org>, Shakeel Butt <shakeel.butt@...ux.dev>, David Rientjes <rientjes@...gle.com>, Josh Don <joshdon@...gle.com>, Chuyi Zhou <zhouchuyi@...edance.com>, cgroups@...r.kernel.org, linux-mm@...ck.org, bpf@...r.kernel.org Subject: Re: [PATCH rfc 00/12] mm: BPF OOM On Tue, Apr 29, 2025 at 03:44:14PM -0700, Suren Baghdasaryan wrote: > On Sun, Apr 27, 2025 at 8:36 PM Roman Gushchin <roman.gushchin@...ux.dev> wrote: > > > > This patchset adds an ability to customize the out of memory > > handling using bpf. > > > > It focuses on two parts: > > 1) OOM handling policy, > > 2) PSI-based OOM invocation. > > > > The idea to use bpf for customizing the OOM handling is not new, but > > unlike the previous proposal [1], which augmented the existing task > > ranking-based policy, this one tries to be as generic as possible and > > leverage the full power of the modern bpf. > > > > It provides a generic hook which is called before the existing OOM > > killer code and allows implementing any policy, e.g. picking a victim > > task or memory cgroup or potentially even releasing memory in other > > ways, e.g. deleting tmpfs files (the last one might require some > > additional but relatively simple changes). > > > > The past attempt to implement memory-cgroup aware policy [2] showed > > that there are multiple opinions on what the best policy is. As it's > > highly workload-dependent and specific to a concrete way of organizing > > workloads, the structure of the cgroup tree etc, a customizable > > bpf-based implementation is preferable over a in-kernel implementation > > with a dozen on sysctls. > > > > The second part is related to the fundamental question on when to > > declare the OOM event. It's a trade-off between the risk of > > unnecessary OOM kills and associated work losses and the risk of > > infinite trashing and effective soft lockups. In the last few years > > several PSI-based userspace solutions were developed (e.g. OOMd [3] or > > systemd-OOMd [4]). The common idea was to use userspace daemons to > > implement custom OOM logic as well as rely on PSI monitoring to avoid > > stalls. In this scenario the userspace daemon was supposed to handle > > the majority of OOMs, while the in-kernel OOM killer worked as the > > last resort measure to guarantee that the system would never deadlock > > on the memory. But this approach creates additional infrastructure > > churn: userspace OOM daemon is a separate entity which needs to be > > deployed, updated, monitored. A completely different pipeline needs to > > be built to monitor both types of OOM events and collect associated > > logs. A userspace daemon is more restricted in terms on what data is > > available to it. Implementing a daemon which can work reliably under a > > heavy memory pressure in the system is also tricky. > > I didn't read the whole patchset yet but want to mention couple > features that we should not forget: > - memory reaping. Maybe you already call oom_reap_task_mm() after BPF > oom-handler kills a process or maybe BPF handler is expected to > implement it? > - kill reporting to userspace. I think BPF handler would be expected > to implement it? The patchset implements the bpf_oom_kill_process() helper, which kills the desired process the same way as the kernel oom killer: with the help of the oom reaper, dumping corresponding stats into dmesg and bumping corresponding memcg- and system-level stats. For additional reporting generic bpf<->userspace interaction mechanims can be used, e.g. ringbuffer. Thanks!
Powered by blists - more mailing lists