    kaiser: vmstat show NR_KAISERTABLE as nr_overhead · 9ba4dfec
    Hugh Dickins authored
    The kaiser update made an interesting choice, never to free any shadow
    page tables.  Contention on global spinlock was worrying, particularly
    with it held across page table scans when freeing.  Something had to be
    done: I was going to add refcounting; but simply never to free them is
    an appealing choice, minimizing contention without complicating the code
    (the more a page table is found already, the less the spinlock is used).
    
    But leaking pages in this way is also a worry: can we get away with it?
    At the very least, we need a count to show how bad it actually gets:
    in principle, one might end up wasting about 1/256 of memory that way
    (1/512 for when direct-mapped pages have to be user-mapped, plus 1/512
    for when they are user-mapped from the vmalloc area on another occasion
    (but we don't have vmalloc'ed stacks, so only large ldts are vmalloc'ed)).
    
    Add per-cpu stat NR_KAISERTABLE: including 256 at startup for the
    shared pgd entries, and 1 for each intermediate page table added
    thereafter for user-mapping - but leave out the 1 per mm, for its
    shadow pgd, because that distracts from the monotonic increase.
    Shown in /proc/vmstat as nr_overhead (0 if kaiser not enabled).
    
    In practice, it doesn't look so bad so far: more like 1/12000 after
    nine hours of gtests below; and movable pageblock segregation should
    tend to cluster the kaiser tables into a subset of the address space
    (if not, they will be bad for compaction too).  But production may
    tell a different story: keep an eye on this number, and bring back
    lighter freeing if it gets out of control (maybe a shrinker).
    Acked-by: Jiri Kosina <jkosina@suse.cz>
    Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    
    CVE-2017-5754
    Signed-off-by: Colin Ian King <colin.king@canonical.com>
    Signed-off-by: Kleber Sacilotto de Souza <kleber.souza@canonical.com>
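The commit message asks operators to "keep an eye on this number". The following is an added monitoring check, not code from the commit or from the kernel: it parses `/proc/vmstat` for the `nr_overhead` counter the commit introduces and `/proc/meminfo` for `MemTotal`, turns the page count into a fraction of RAM, and compares it against the 1/256 worst case the message derives. The 1/2048 alarm threshold, the helper names, and the embedded sample `vmstat`/`meminfo` text are assumptions made for this example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Constructed sample input (not captured from a real machine): 256 never-freed
 * kaiser table pages of 4 KiB on a 4 GiB box, i.e. 1/4096 of memory. */
static const char *SAMPLE_VMSTAT =
    "nr_free_pages 1000\nnr_overhead 256\nnr_zone_inactive_anon 5\n";
static const char *SAMPLE_MEMINFO =
    "MemTotal:        4194304 kB\nMemFree:          123 kB\n";

/* Find "key value" (vmstat) or "key:   value kB" (meminfo) lines.
 * Returns the numeric value, or -1 if the key is absent.  The separator
 * check stops "nr_overhead" from matching a longer key with that prefix. */
static long long lookup_stat(const char *text, const char *key)
{
    size_t klen = strlen(key);
    const char *p = text;

    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);

        if (len > klen && strncmp(p, key, klen) == 0 &&
            (p[klen] == ' ' || p[klen] == ':')) {
            const char *v = p + klen;
            while (*v == ':' || *v == ' ')
                v++;
            return strtoll(v, NULL, 10);
        }
        if (!eol)
            break;
        p = eol + 1;
    }
    return -1;
}

/* Fraction of RAM held in kaiser page tables: nr_overhead is a page count,
 * MemTotal is in kB.  Returns -1.0 if the kernel does not export
 * nr_overhead (no kaiser support) or MemTotal cannot be read. */
static double kaiser_overhead_fraction(const char *vmstat, const char *meminfo,
                                       long page_size)
{
    long long pages = lookup_stat(vmstat, "nr_overhead");
    long long total_kb = lookup_stat(meminfo, "MemTotal");

    if (pages < 0 || total_kb <= 0)
        return -1.0;
    return (double)pages * (double)page_size / ((double)total_kb * 1024.0);
}

/* The commit's worst case is about 1/256 of memory; alarm well before that.
 * The 1/2048 threshold is an assumption chosen for this example. */
static int kaiser_overhead_alarm(double fraction)
{
    return fraction > 1.0 / 2048.0;
}

/* Run the check on the embedded sample so the block demonstrates offline. */
static double sample_fraction(void)
{
    return kaiser_overhead_fraction(SAMPLE_VMSTAT, SAMPLE_MEMINFO, 4096);
}

/* Read a whole /proc file into buf (NUL-terminated); NULL if unreadable. */
static char *slurp(const char *path, char *buf, size_t cap)
{
    FILE *f = fopen(path, "r");
    if (!f)
        return NULL;
    size_t n = fread(buf, 1, cap - 1, f);
    fclose(f);
    buf[n] = '\0';
    return buf;
}

static void report(const char *label, double frac)
{
    if (frac < 0)
        printf("%s: nr_overhead not exported (no kaiser in this kernel)\n", label);
    else if (frac == 0)
        printf("%s: 0 (kaiser not enabled)\n", label);
    else
        printf("%s: %.6f of RAM (about 1/%.0f)%s\n", label, frac, 1.0 / frac,
               kaiser_overhead_alarm(frac) ? " ALARM" : "");
}

int main(void)
{
    static char vb[65536], mb[65536];
    const char *vmstat = slurp("/proc/vmstat", vb, sizeof vb);
    const char *meminfo = slurp("/proc/meminfo", mb, sizeof mb);

    report("sample", sample_fraction());
    report("live", (vmstat && meminfo)
           ? kaiser_overhead_fraction(vmstat, meminfo, sysconf(_SC_PAGESIZE))
           : -1.0);
    return 0;
}
```

On a kernel without this patch, `nr_overhead` is simply absent and the check reports that rather than a bogus zero; on a kaiser kernel with kaiser disabled, the commit says the counter reads 0, which the report distinguishes from the missing case.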
kaiser.c 9.74 KB