On Fri, Feb 24, 2023 at 4:47 AM Michal Hocko <mhocko@xxxxxxxx> wrote: > > On Tue 14-02-23 11:34:30, Suren Baghdasaryan wrote: > [...] > > Your suggestion to have this limit configurable sounds like obvious > > solution. I would like to get some opinions from other maintainers. > > Johannes, WDYT? CC'ing Michal to chime in as well since this is mostly > > related to memory stalls. > > I do not think that making this configurable helps much. Many users will > be bound to distribution config and also it would be hard to experiment > with a recompile cycle every time. This seems just too impractical. > > Is there any reason why we shouldn't allow any timeout? Shorter > timeouts could be restricted to a priviledged context to avoid an easy > way to swamp system by too frequent polling. Hmm, ok. Maybe then we just ensure that only privileged users can set triggers and remove the min limit (use a >0 check)? > > Btw. it seems that there is is only a limit on a single trigger per fd > but no limits per user so it doesn't sound too hard to end up with too > much polling even with a larger timeouts. To me it seems like we need to > contain the polling thread to be bound by the cpu controller. Hmm. We have one "psimon" thread per cgroup (+1 system-level one) and poll_min_period for each thread is chosen as the min() of polling periods between triggers created in that group. So, a bad trigger that causes overly aggressive polling and polling thread being throttled, might affect other triggers in that cgroup. I would prefer to deny creation of a new trigger if it would cause too much polling. However, that seems to be getting into the territory of "implementing policy inside the kernel". Maybe we just limit trigger creation to privileged processes only and let those privileged system components worry about trigger creation policies? These system processes can also limit cpu shares of all "psimon" threads using cpu controller, if desired. WDYT? > -- > Michal Hocko > SUSE Labs