On Mon, Jan 28, 2013 at 09:45:46AM +0100, Peter Lieven wrote:
> Hi,
>
> I would like to know if it would be a good idea to change the page allocator
> zeroing policy from zero on allocate (for GFP_USER) to zero on free for the
> -virtual kernel builds.
>
> This has been initially proposed in grsecurity for security reasons, but it is
> extremely beneficial in virtual environments for 2 additional reasons:
>
> a) live migration
> b) ksm
>
> What is your opinion on this?

I would point out that changing the time of the page clear has some significant effects on performance. Some time ago admittedly, we did some work to pre-clear pages and the practical upshot of this was to reduce not improve performance. This occurred because the act of clearing the page necessarily either cycles the entire page into cache or (if you use uncached writes) flushes the entire page from cache at the time of the clear. It was shown to be highly beneficial for this to occur when the page was about to be used (and preferably with an already cache hot page) as placing the page in cache was generally beneficial for whoever was about to use it. Your proposal here would clear the page at essentially the worst time for cache performance.

The KSM mergeability does seem like a win, the live migration benefits I would have thought were much less visible and this is a much rarer event in the life of a VM. These benefits would be traded for the likely execution performance hit.

Overall I would expect you to be trading off memory size against runtime performance, you would definitely need some comparative numbers on the benefits and costs before you could even consider such a change.

I would also reiterate Stefan's point here that currently it is not possible to trivially have different policies in this regard for the main kernels and the -virtual kernel as they are the same bits. It might be possible to make this parameterisable if the benefits were proven, but I suspect you are going to find a significant throughput penalty. I guess that would make this something you would want to be able to opt into depending on your environment, on your cost performance balance as a "cloud" operator.

Finally, for very sensitive VMs there may be some value in at least scrubbing the pages before returning them to hypervisorpenalties.

-apw
