On Mon 27-09-21 05:00:11, Nadav Amit wrote: [...] > The manager is notified on memory regions that it should monitor > (through PTRACE/LD_PRELOAD/explicit-API). It then monitors these regions > using the remote-userfaultfd that you saw on the second thread. When it wants > to reclaim (anonymous) memory, it: > > 1. Uses UFFD-WP to protect that memory (and for this matter I got a vectored > UFFD-WP to do so efficiently, a patch which I did not send yet). > 2. Calls process_vm_readv() to read that memory of that process. > 3. Write it back to “swap”. > 4. Calls process_madvise(MADV_DONTNEED) to zap it. Why cannot you use MADV_PAGEOUT/MADV_COLD for this usecase? MADV_DONTNEED on a remote process has been proposed in the past several times and it has always been rejected because it is a free ticket to all sorts of hard to debug problems as it is just a free ticket for a remote memory corruption. An additional capability requirement might reduce the risk to some degree but I still do not think this is a good idea. -- Michal Hocko SUSE Labs
