Re: [PATCH V3] KSM: allow dedup all tasks memory

From: Oleksandr Natalenko
Date: Tue Nov 13 2018 - 09:23:56 EST

Next message: Igor Stoppa: "Re: [PATCH 10/17] prmem: documentation"
Previous message: Colin King: "[PATCH] af_key: fix indentation on declaration statement"
In reply to: Jann Horn: "Re: [PATCH V3] KSM: allow dedup all tasks memory"
Next in thread: Pavel Tatashin: "Re: [PATCH V3] KSM: allow dedup all tasks memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi.

Yep. However, so far, it requires an application to explicitly opt in
to this behavior, so it's not all that bad. Your patch would remove
the requirement for application opt-in, which, in my opinion, makes
this way worse and reduces the number of applications for which this
is acceptable.

The default is to maintain the old behaviour, so unless the explicit decision is made by the administrator, no extra risk is imposed.

As far as I know, basically nobody is using KSM at this point. There
are blog posts from several cloud providers about these security risks
that explicitly state that they're not using memory deduplication.

I tend to disagree here. Based on both what my company does and what UKSM users do, memory dedup is a desired option (note "option" word here, not the default choice).

Thanks.

--
Oleksandr Natalenko (post-factum)

Next message: Igor Stoppa: "Re: [PATCH 10/17] prmem: documentation"
Previous message: Colin King: "[PATCH] af_key: fix indentation on declaration statement"
In reply to: Jann Horn: "Re: [PATCH V3] KSM: allow dedup all tasks memory"
Next in thread: Pavel Tatashin: "Re: [PATCH V3] KSM: allow dedup all tasks memory"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]