Message-ID: <20f92576-e932-435f-bb7b-de49eb84b012@gmail.com>
Date: Tue, 3 Feb 2026 15:29:42 -0800
From: Usama Arif <usamaarif642@...il.com>
To: Zi Yan <ziy@...dia.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
 David Hildenbrand <david@...nel.org>, lorenzo.stoakes@...cle.com,
 linux-mm@...ck.org, hannes@...xchg.org, riel@...riel.com,
 shakeel.butt@...ux.dev, kas@...nel.org, baohua@...nel.org, dev.jain@....com,
 baolin.wang@...ux.alibaba.com, npache@...hat.com, Liam.Howlett@...cle.com,
 ryan.roberts@....com, vbabka@...e.cz, lance.yang@...ux.dev,
 linux-kernel@...r.kernel.org, kernel-team@...a.com
Subject: Re: [RFC 00/12] mm: PUD (1GB) THP implementation



On 02/02/2026 08:24, Zi Yan wrote:
> On 1 Feb 2026, at 19:50, Usama Arif wrote:
> 
>> This is an RFC series to implement 1GB PUD-level THPs, allowing
>> applications to benefit from reduced TLB pressure without requiring
>> hugetlbfs. The patches are based on top of
>> f9b74c13b773b7c7e4920d7bc214ea3d5f37b422 from mm-stable (6.19-rc6).
> 
> It is nice to see you are working on 1GB THP.
> 
>>
>> Motivation: Why 1GB THP over hugetlbfs?
>> =======================================
>>
>> While hugetlbfs provides 1GB huge pages today, it has significant limitations
>> that make it unsuitable for many workloads:
>>
>> 1. Static Reservation: hugetlbfs requires pre-allocating huge pages at boot
>>    or runtime, taking memory away. This requires capacity planning,
>>    administrative overhead, and makes workload orchestration much much more
>>    complex, especially colocating with workloads that don't use hugetlbfs.
> 
> But you are using CMA, the same allocation mechanism as hugetlb_cma. What
> is the difference?
> 

So we don't really need to use CMA. CMA can help a lot of course, but we don't *need* it.
For e.g. I can run the very simple case [1] of trying to get 1G pages in the upstream
kernel without CMA on my server and it works. The server has been up for more than a week
(so pretty fragmented), is running a bunch of stuff in the background, uses 0 CMA memory,
and I tried to get 20x1G pages on it and it worked.
It uses folio_alloc_gigantic, which is exactly what this series uses:

$ uptime -p
up 1 week, 3 days, 5 hours, 7 minutes
$ cat /proc/meminfo | grep -i cma
CmaTotal:              0 kB
CmaFree:               0 kB
$ echo 20 | sudo tee /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages
20
$ cat /sys/kernel/mm/hugepages/hugepages-1048576kB/nr_hugepages
20
$ free -h
               total        used        free      shared  buff/cache   available
Mem:           1.0Ti       142Gi       292Gi       143Mi       583Gi       868Gi
Swap:          129Gi       3.5Gi       126Gi
$ ./map_1g_hugepages 
Mapping 20 x 1GB huge pages (20 GB total)
Mapped at 0x7f43c0000000
Touched page 0 at 0x7f43c0000000
Touched page 1 at 0x7f4400000000
Touched page 2 at 0x7f4440000000
Touched page 3 at 0x7f4480000000
Touched page 4 at 0x7f44c0000000
Touched page 5 at 0x7f4500000000
Touched page 6 at 0x7f4540000000
Touched page 7 at 0x7f4580000000
Touched page 8 at 0x7f45c0000000
Touched page 9 at 0x7f4600000000
Touched page 10 at 0x7f4640000000
Touched page 11 at 0x7f4680000000
Touched page 12 at 0x7f46c0000000
Touched page 13 at 0x7f4700000000
Touched page 14 at 0x7f4740000000
Touched page 15 at 0x7f4780000000
Touched page 16 at 0x7f47c0000000
Touched page 17 at 0x7f4800000000
Touched page 18 at 0x7f4840000000
Touched page 19 at 0x7f4880000000
Unmapped successfully
                                  



>>
>> 4. No Fallback: If a 1GB huge page cannot be allocated, hugetlbfs fails
>>    rather than falling back to smaller pages. This makes it fragile under
>>    memory pressure.
> 
> True.
> 
>>
>> 4. No Splitting: hugetlbfs pages cannot be split when only partial access
>>    is needed, leading to memory waste and preventing partial reclaim.
> 
> Since you have PUD THP implementation, have you run any workload on it?
> How often do you see a PUD THP split?
> 

Ah so running non-upstream kernels in production is a bit more difficult
(and also risky). I was trying to use the 512M experiment on arm as a comparison,
although I know it's not the same thing with PAGE_SIZE and pageblock order.

I can try some other upstream benchmarks if it helps? Although will need to find
ones that create VMA > 1G.

> Oh, you actually ran 512MB THP on ARM64 (I saw it below), do you have
> any split stats to show the necessity of THP split?
> 
>>
>> 5. Memory Accounting: hugetlbfs memory is accounted separately and cannot
>>    be easily shared with regular memory pools.
> 
> True.
> 
>>
>> PUD THP solves these limitations by integrating 1GB pages into the existing
>> THP infrastructure.
> 
> The main advantage of PUD THP over hugetlb is that it can be split and mapped
> at sub-folio level. Do you have any data to support the necessity of them?
> I wonder if it would be easier to just support 1GB folio in core-mm first
> and we can add 1GB THP split and sub-folio mapping later. With that, we
> can move hugetlb users to 1GB folio.
> 

I would say it's not the main advantage? But it's definitely one of them.
The 2 main areas where split would be helpful are munmap partial
range and reclaim (MADV_PAGEOUT). For e.g. jemalloc/tcmalloc can now start
taking advantage of 1G pages. My knowledge is not that great when it comes
to memory allocators, but I believe they track for how long certain areas
have been cold and can trigger reclaim as an example. Then split will be useful.
Having memory allocators use hugetlb is probably going to be a no?


> BTW, without split support, you can apply HVO to 1GB folio to save memory.
> That is a disadvantage of PUD THP. Have you taken that into consideration?
> Basically, switching from hugetlb to PUD THP, you will lose memory due
> to vmemmap usage.
> 

Yeah so HVO saves 16M per 1G, and the page deposit mechanism adds ~2M per 1G.
We have HVO enabled in the meta fleet. I think we should not only think of PUD THP
as a replacement for hugetlb, but to also enable further use cases where hugetlb
would not be feasible.

After the basic infrastructure for 1G is there, we can work on optimizing, I think
there would be a lot of interesting work we can do. HVO for 1G THP would be one
of them?

>>
>> Performance Results
>> ===================
>>
>> Benchmark results of these patches on Intel Xeon Platinum 8321HC:
>>
>> Test: True Random Memory Access [1] test of 4GB memory region with pointer
>> chasing workload (4M random pointer dereferences through memory):
>>
>> | Metric            | PUD THP (1GB) | PMD THP (2MB) | Change       |
>> |-------------------|---------------|---------------|--------------|
>> | Memory access     | 88 ms         | 134 ms        | 34% faster   |
>> | Page fault time   | 898 ms        | 331 ms        | 2.7x slower  |
>>
>> Page faulting 1G pages is 2.7x slower (Allocating 1G pages is hard :)).
>> For long-running workloads this will be a one-off cost, and the 34%
>> improvement in access latency provides significant benefit.
>>
>> ARM with 64K PAGE_SIZE supports 512M PMD THPs. In meta, we have a CPU
>> bound workload running on a large number of ARM servers (256G). I enabled
>> the 512M THP settings to always for a 100 servers in production (didn't
>> really have high expectations :)). The average memory used for the workload
>> increased from 217G to 233G. The amount of memory backed by 512M pages was
>> 68G! The dTLB misses went down by 26% and the PID multiplier increased input
>> by 5.9% (This is a very significant improvement in workload performance).
>> A significant number of these THPs were faulted in at application start when
>> were present across different VMAs. Of course getting these 512M pages is
>> easier on ARM due to bigger PAGE_SIZE and pageblock order.
>>
>> I am hoping that these patches for 1G THP can be used to provide similar
>> benefits for x86. I expect workloads to fault them in at start time when there
>> is plenty of free memory available.
>>
>>
>> Previous attempt by Zi Yan
>> ==========================
>>
>> Zi Yan attempted 1G THPs [2] in kernel version 5.11. There have been
>> significant changes in kernel since then, including folio conversion, mTHP
>> framework, ptdesc, rmap changes, etc. I found it easier to use the current PMD
>> code as reference for making 1G PUD THP work. I am hoping Zi can provide
>> guidance on these patches!
> 
> I am more than happy to help you. :)
> 

Thanks!!!

>>
>> Major Design Decisions
>> ======================
>>
>> 1. No shared 1G zero page: The memory cost would be quite significant!
>>
>> 2. Page Table Pre-deposit Strategy
>>    PMD THP deposits a single PTE page table. PUD THP deposits 512 PTE
>>    page tables (one for each potential PMD entry after split).
>>    We allocate a PMD page table and use its pmd_huge_pte list to store
>>    the deposited PTE tables. This ensures split operations don't fail due
>>    to page table allocation failures (at the cost of 2M per PUD THP)
>>
>> 3. Split to Base Pages
>>    When a PUD THP must be split (COW, partial unmap, mprotect), we split
>>    directly to base pages (262,144 PTEs). The ideal thing would be to split
>>    to 2M pages and then to 4K pages if needed. However, this would require
>>    significant rmap and mapcount tracking changes.
>>
>> 4. COW and fork handling via split
>>    Copy-on-write and fork for PUD THP triggers a split to base pages, then
>>    uses existing PTE-level COW infrastructure. Getting another 1G region is
>>    hard and could fail. If only a 4K is written, copying 1G is a waste.
>>    Probably this should only be done on CoW and not fork?
>>
>> 5. Migration via split
>>    Split PUD to PTEs and migrate individual pages. It is going to be difficult
>>    to find a 1G contiguous memory to migrate to. Maybe it's better to not
>>    allow migration of PUDs at all? I am more tempted to not allow migration,
>>    but have kept splitting in this RFC.
> 
> Without migration, PUD THP loses its flexibility and transparency. But with
> its 1GB size, I also wonder what the purpose of PUD THP migration can be.
> It does not create memory fragmentation, since it is the largest folio size
> we have and contiguous. NUMA balancing 1GB THP seems too much work.

Yeah this is exactly what I was thinking as well. It is going to be expensive
and difficult to migrate 1G pages, and I am not sure if what we get out of it
is worth it? I kept the splitting code in this RFC as I wanted to show that
it's possible to split and migrate and the rejecting migration code is a lot easier.

> 
> BTW, I posted many questions, but that does not mean I object to the patchset.
> I just want to understand your use case better, reduce unnecessary
> code changes, and hopefully get it upstreamed this time. :)
> 
> Thank you for the work.
> 

Ah no this is awesome! Thanks for the questions! It's basically the discussion I
wanted to start with the RFC.


[1] https://gist.github.com/uarif1/35dcd63f9d76048b07eb5c16ace85991
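
The following is an added example, not part of the mail above and not the test program from [1]. It shows the hugetlbfs "No Fallback" point from user space: a 1GB MAP_HUGETLB mapping either gets pages from the reserved pool or fails, so the caller must implement its own fallback (here an ordinary anonymous mapping with a MADV_HUGEPAGE hint). The function names and the 2GB size are assumptions made for illustration; 64-bit Linux is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/mman.h>
#ifndef MAP_HUGE_SHIFT
#define MAP_HUGE_SHIFT 26
#endif
#ifndef MAP_HUGE_1GB
#define MAP_HUGE_1GB (30 << MAP_HUGE_SHIFT) /* log2(1 GiB) = 30 */
#endif
#define GIB ((size_t)1 << 30)

/* Map n_gib GiB of anonymous memory. The hugetlb 1 GiB pool is tried first;
 * it does not fall back by itself, so on failure the errno is recorded and an
 * ordinary mapping with a THP hint is used. Returns NULL if both fail. */
void *map_gib(size_t n_gib, int *used_hugetlb, int *hugetlb_errno)
{
    size_t len = n_gib * GIB;
    int base = MAP_PRIVATE | MAP_ANONYMOUS;
    void *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                   base | MAP_HUGETLB | MAP_HUGE_1GB, -1, 0);
    *used_hugetlb = (p != MAP_FAILED);
    *hugetlb_errno = *used_hugetlb ? 0 : errno;
    if (*used_hugetlb)
        return p;
    p = mmap(NULL, len, PROT_READ | PROT_WRITE, base | MAP_NORESERVE, -1, 0);
    if (p == MAP_FAILED)
        return NULL;
    (void)madvise(p, len, MADV_HUGEPAGE); /* best-effort hint only */
    return p;
}

/* Write one byte at each 1 GiB stride so every region is faulted in.
 * Returns the number of regions touched. */
size_t touch_each_gib(void *p, size_t n_gib)
{
    for (size_t i = 0; i < n_gib; i++)
        ((volatile char *)p)[i * GIB] = (char)(i + 1);
    return n_gib;
}

int main(void)
{
    int huge, err;
    void *p = map_gib(2, &huge, &err); /* constructed size, 2 GiB */
    if (!p) return 1;
    printf("%s mapping, hugetlb errno %d, touched %zu\n",
           huge ? "hugetlb" : "fallback", err, touch_each_gib(p, 2));
    return munmap(p, 2 * GIB) != 0;
}
```

On a machine with no 1GB pages in the hugetlb pool the first mmap typically fails with ENOMEM and the fallback path is taken.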

