| From: "Mike Rapoport (IBM)" <rppt@kernel.org> |
| Subject: mm/secretmem: make it on by default |
| Date: Mon, 15 May 2023 11:34:00 +0300 |
| |
| Following the discussion about direct map fragmentaion at LSF/MM [1], it |
| appears that direct map fragmentation has a negligible effect on kernel |
| data accesses. Since the only reason that warranted secretmem to be |
| disabled by default was concern about performance regression caused by the |
| direct map fragmentation, it makes perfect sense to lift this restriction |
| and make secretmem enabled. |
| |
| secretmem obeys RLIMIT_MEMBLOCK and as such it is not expected to cause |
| large fragmentation of the direct map or meaningfull increase in page |
| tables allocated during split of the large mappings in the direct map. |
| |
| The secretmem.enable parameter is retained to allow system administrators |
| to disable secretmem at boot. |
| |
| Switch the default setting of secretmem.enable parameter to 1. |
| |
| Link: https://lwn.net/Articles/931406/ [1] |
| Link: https://lkml.kernel.org/r/20230515083400.3563974-1-rppt@kernel.org |
| Signed-off-by: Mike Rapoport (IBM) <rppt@kernel.org> |
| Acked-by: David Hildenbrand <david@redhat.com> |
| Cc: Randy Dunlap <rdunlap@infradead.org> |
| Signed-off-by: Andrew Morton <akpm@linux-foundation.org> |
| --- |
| |
| mm/secretmem.c | 2 +- |
| 1 file changed, 1 insertion(+), 1 deletion(-) |
| |
| --- a/mm/secretmem.c~mm-secretmem-make-it-on-by-default |
| +++ a/mm/secretmem.c |
| @@ -35,7 +35,7 @@ |
| #define SECRETMEM_MODE_MASK (0x0) |
| #define SECRETMEM_FLAGS_MASK SECRETMEM_MODE_MASK |
| |
| -static bool secretmem_enable __ro_after_init; |
| +static bool secretmem_enable __ro_after_init = 1; |
| module_param_named(enable, secretmem_enable, bool, 0400); |
| MODULE_PARM_DESC(secretmem_enable, |
| "Enable secretmem and memfd_secret(2) system call"); |
| _ |
