On 04.07.22 10:40, Michal Hocko wrote: > On Mon 04-07-22 07:29:41, CGEL wrote: > [...] >> Maybe new semantics is needed similarly to MADV_NOHUGEPAGE that ensures that >> there will *not* be huge pages. > > How do you achieve that with a backward compatibility? Some apps mark secrets via mlock(). I did not check, but I assume mlock()'ed pages (in VMAs) would not be applicable to KSM. If they would be, one option would be to not deduplicate them. But then, I have no clue what's exploitable via a side channel and what's not. Eventually, having a proper fix for most side channels would make KSM safer to use in the the general case. But then, who knows what security researchers will be able to come up with ... As a very minimum, there would have to be some kind of toggle to allow forcing KSM on other applications at all. Either/o a compile-time and a run-time option. Once most of the known side channels are fixed we could adjust the default of the run-time option. (I think to this day, Windows still disables system-wide deduplication as a default and requires an admin to explicitly enable it) -- Thanks, David / dhildenb
