On Tue, May 17, 2022 at 11:27 AM <cgel.zte@xxxxxxxxx> wrote: > For now, if we want to use KSM to merge pages of some apps, we have to > explicitly call madvise() in application code, which means installed > apps on OS needs to be uninstall and source code needs to be modified. > It is very inconvenient because sometimes users or app developers are not > willing to modify their app source codes for any reasons. As a sidenote: If you're going to enable KSM on your devices, I hope you're aware that KSM significantly reduces security - when cloud providers were using KSM, there were a bunch of papers that abused it for attacks. In particular, KSM inherently creates significant information leaks, because an attacker can determine whether a memory page with specific content exists in other apps through timing side channels. In the worst case, this could lead to an attacker being able to steal things like authentication tokens out of other apps. If you see significant memory savings from enabling KSM, it might be a good idea to look into where exactly those savings are coming from, and look into whether there is a better way to reduce memory utilization that doesn't rely on comparing entire pages against each other. See https://arxiv.org/pdf/2111.08553.pdf for a recent research paper that shows that memory deduplication can even make it possible to remotely (!) leak memory contents out of a machine, over the internet. (On top of that, KSM can also make it easier to pull off Rowhammer attacks in some contexts - see https://www.usenix.org/system/files/conference/usenixsecurity16/sec16_paper_razavi.pdf .)