LWN on Kernel: LSSNA, Open Source Summit, and NFS
System call interception for unprivileged containers [LWN.net]
On the first day of the 2022 Linux Security Summit North America (LSSNA) in Austin, Texas, Stéphane Graber and Christian Brauner gave a presentation on using system-call interception for container security purposes. The idea is to allow unprivileged containers, those without elevated privileges on the host, to still accomplish their tasks, some of which require privileges. A fair amount of work has been done to make this viable, but there is still more to do.
Graber started things off by saying that he works for Canonical on the LXD container manager project, while Brauner works for Microsoft in various areas of Linux security. Graber said that there are two types of containers these days, privileged and unprivileged, "one is bad, one is OK". He noted that privileged containers are "unfortunately what everyone uses" for Docker containers, Kubernetes, and so on.
Two memory-tiering patch sets [LWN.net]
Once upon a time, computers just had one type memory, so memory within a given system was interchangeable. The arrival of non-uniform memory access (NUMA) systems complicated the situation significantly; now some memory was faster to access than the rest, and memory-management algorithms had to adapt or performance would suffer. But NUMA was just the start; today's tiered-memory systems, which may include several tiers of memory with different performance characteristics, are adding new challenges. A couple of relevant patch sets currently under review help to illustrate the types of problems that will have to be solved.
The core challenge with NUMA systems is ensuring that memory is allocated on the nodes where it will be used. A process that is running mostly from memory on its local node will perform better than one that is working with a lot of remote memory. So finding the right place for a given page is a one-time task; once that page and its users have found their way to the same NUMA node, the problem is solved and the only remaining concern is to avoid separating them again.
Tiered memory is built on the NUMA concept, but there are some differences. A bank of memory can be represented as a NUMA node that lacks a CPU, so that memory will not be seen as local to any process in the system. As a general rule, memory on these CPU-less nodes is slower than normal system DRAM — it might be a large bank of persistent memory, for example — but that is not necessarily the case, as we will see below.
Since memory on a CPU-less node is not local to any process, there must be some other criterion that regulates the allocation of memory there. The approach that is being taken is to demote pages to such a node from faster DRAM using the kernel's normal reclaim mechanisms; in a situation where a page would otherwise have been evicted or pushed to swap, it can be moved to slower memory instead. That makes use of the slower memory while keeping that page available should it turn out to still be useful. Eventually, if that page sits unused in the slower tier, it can be pushed to an even slower tier or evicted entirely.
Demoting pages to slower tiers cannot be a one-way operation, though, or performance will suffer; some of those pages will end up being accessed frequently and keeping them in slow memory will slow things down. So there needs to be a mechanism for promoting pages back to faster memory. Simply moving a page back to fast memory on the first access after demotion would be one possible approach, but that would also promote infrequently used memory and would likely create a lot of movement of pages between tiers, which would have significant costs of its own; a better solution is called for.
A "fireside" chat [LWN.net]
In something of an Open Source Summit tradition, Linus Torvalds and Dirk Hohndel sit down for a discussion on various topics related to open source and, of course, the Linux kernel. Open Source Summit North America (OSSNA) 2022 in Austin, Texas was no exception, as they reprised their keynote on the first day of the conference. The headline-grabbing part of the chat was Torvalds's declaration that Rust for Linux might get merged as soon as the next merge window, which opens in just a few weeks, but there was plenty more of interest there.
Hohndel introduced himself as the chief open source officer at the Cardano Foundation; he is working to help foster an open-source ecosystem around the foundation's blockchain technology. Torvalds said that these "fireside chats" are held because of his wishes; "I do software", not public speaking, he said, so the format makes it easier for him. He effectively has outsourced figuring out what people are interested in hearing about to Hohndel; with a grin, Torvalds said, "if he asks bad questions, it's not my fault".
NFS: the new millennium [LWN.net]
The network filesystem (NFS) protocol has been with us for nearly 40 years. While defined initially as a stateless protocol, NFS implementations have always had to manage state, and that need has been increasingly built into the protocol over successive revisions. The early days of NFS were discussed, with a focus on state management, in the first part of this series. This article completes the job with a look at the evolution of NFS since, approximately, the beginning of this millennium.
The early days of NFS were controlled by Sun Microsystems, the originator of the NFS protocol and author of both the specification and implementation. As the new millennium approached, interest in NFS increased and independent implementations appeared. Of particular relevance here are the implementations in the Linux kernel that drew my attention — particularly the server implementation — and the Filer appliance produced and sold by Network Appliance (NetApp). The community's interest in NFS extended as far as a desire to have more say in the further development of the protocol. I do not know what negotiations happened, but happen they did, and one clear outcome is documented for us in RFC 2339, wherein Sun Microsystems agreed to assign to The Internet Society certain rights concerning the development of version 4 (and beyond) of NFS, providing this development achieved "Proposed Standard" status within 24 months, meaning by early 2000. That particular deadline went wooshing past and was extended. We got a "Proposed Standard" in late 2000 with RFC 3010, which was revised for RFC 3530 in April 2003 and again for RFC 7530 in March 2015.
