| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CALOAHbBzS2RunZzEk8-rkU60M8jKEJ8FwiPgZqNeoXDy++L5hA@mail.gmail.com> Date: Wed, 8 Oct 2025 12:25:18 +0800 From: Yafang Shao <laoar.shao@...il.com> To: Alexei Starovoitov <alexei.starovoitov@...il.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, David Hildenbrand <david@...hat.com>, ziy@...dia.com, baolin.wang@...ux.alibaba.com, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, Liam Howlett <Liam.Howlett@...cle.com>, npache@...hat.com, ryan.roberts@....com, dev.jain@....com, Johannes Weiner <hannes@...xchg.org>, usamaarif642@...il.com, gutierrez.asier@...wei-partners.com, Matthew Wilcox <willy@...radead.org>, Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko <andrii@...nel.org>, Amery Hung <ameryhung@...il.com>, David Rientjes <rientjes@...gle.com>, Jonathan Corbet <corbet@....net>, 21cnbao@...il.com, Shakeel Butt <shakeel.butt@...ux.dev>, Tejun Heo <tj@...nel.org>, lance.yang@...ux.dev, Randy Dunlap <rdunlap@...radead.org>, bpf <bpf@...r.kernel.org>, linux-mm <linux-mm@...ck.org>, "open list:DOCUMENTATION" <linux-doc@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org> Subject: Re: [PATCH v9 mm-new 03/11] mm: thp: add support for BPF based THP order selection On Wed, Oct 8, 2025 at 12:10 PM Alexei Starovoitov <alexei.starovoitov@...il.com> wrote: > > On Tue, Oct 7, 2025 at 8:51 PM Yafang Shao <laoar.shao@...il.com> wrote: > > > > On Wed, Oct 8, 2025 at 11:25 AM Alexei Starovoitov > > <alexei.starovoitov@...il.com> wrote: > > > > > > On Tue, Oct 7, 2025 at 1:47 AM Yafang Shao <laoar.shao@...il.com> wrote: > > > > has shown that multiple attachments often introduce conflicts. This is > > > > precisely why system administrators prefer to manage BPF programs with > > > > a single manager—to avoid undefined behaviors from competing programs. > > > > > > I don't believe this a single bit. > > > > You should spend some time seeing how users are actually applying BPF > > in practice. Some information for you : > > > > https://github.com/bpfman/bpfman > > https://github.com/DataDog/ebpf-manager > > https://github.com/ccfos/huatuo > > By seeing the above you learned the wrong lesson. > These orchestrators and many others were created because > we made mistakes in the kernel by not scoping the progs enough. > XDP is a prime example. It allows one program per netdev. > This was a massive mistake which we're still trying to fix. Since we don't use XDP in production, I can't comment on it. However, for our multi-attachable cgroup BPF programs, a key issue arises: if a program has permission to attach to one cgroup, it can attach to any cgroup. While scoping enables attachment to individual cgroups, it does not enforce isolation. This means we must still check for conflicts between programs, which begs the question: what is the functional purpose of this scoping mechanism? > > > > hid-bpf initially went with fmod_ret approach, deleted the whole thing > > > and redesigned it with _scoped_ struct-ops. > > > > I see little value in embedding a bpf_thp_struct_ops into the > > task_struct. The benefits don't appear to justify the added > > complexity. > > huh? where did I say that struct-ops should be embedded in task_struct ? Given that, what would you propose? My position is that the only valid scope for bpf-thp is at the level of specific THP modes like madvise and always. This patch correctly implements that precise design. -- Regards Yafang
Powered by blists - more mailing lists