Improving control over transparent huge page use

最新推荐文章于 2025-08-18 22:56:55 发布
最新推荐文章于 2025-08-18 22:56:55 发布
阅读量566 收藏 7
点赞数 20
CC 4.0 BY-SA版权
分类专栏: Linux kernel 文章标签: linux 服务器 kernel 网络 安全
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/mounter625/article/details/150432058

The use of huge pages can significantly increase the performance of many workloads by reducing both memory-management overhead in the kernel and pressure on the system's translation lookaside buffer (TLB). The addition of transparent huge pages (THP) for the 2.6.38 kernel release in 2011 caused the kernel to allocate huge pages automatically to make their benefits available to all workloads without any effort needed on the user-space side. But it turns out that use of huge pages can make some workloads slower as the result of internal memory fragmentation, so the THP feature is often disabled. Two patch sets aimed at better targeting the use of transparent huge pages are currently working their way through the review process.
使用大页可以显著提高许多工作负载的性能,因为它减少了内核中的内存管理开销和系统转换旁路缓冲区(TLB)的压力。在 2011 年的 2.6.38 内核版本中引入了透明大页(THP),使内核能够自动分配大页,从而让所有工作负载无需用户空间的额外操作就能受益。但事实证明,大页的使用会因内部内存碎片化而让某些工作负载变慢,因此 THP 功能经常被禁用。目前,有两个补丁集旨在更精准地使用透明大页,正在进行评审。

Over the years, the kernel has evolved a number of ways to control the use of THP; they are described in Documentation/admin-guide/mm/transhuge.rst. At the global level, the /sys/kernel/mm/transparent_hugepage/enabled knob controls behavior system-wide. It can be set to "always" or "never" with obvious results. This knob also supports the "madvise" setting, which only enables THP for processes that explicitly opt in for specific memory regions with a call to madvise(). The kernel, in other words, allows for the imposition of a system-wide policy, with the possibility of restricting THP usage to places where applications have explicitly enabled it.
多年来,内核逐渐发展出了多种控制 THP 使用的方法,这些方法记录在 Documentation/admin-guide/mm/transhuge.rst 中。在全局层面,/sys/kernel/mm/transparent_hugepage/enabled 控制器可以系统范围内设置行为。它可以被设置为 “always” 或 “never”,含义显而易见。该控制器还支持 “madvise” 设置,仅为显式调用 madvise() 为特定内存区域启用 THP 的进程打开 THP。换句话说,内核允许制定系统范围的策略,并可以将 THP 使用限制在应用程序显式启用的地方。

Tweaking prctl()
调整 prctl()

There are more control points for THP usage, though, including a whole set of knobs for the khugepaged kernel thread (which builds huge pages out of base pages in the background) and a set of kernel command-line options. There is also the PR_SET_THP_DISABLE option to prctl(), which lets a process disa

最低0.47元/天 解锁文章

200万优质内容无限畅学
Active control scheme for improving mass resolution of film bulk acoustic resonators
02-20
An active control scheme is presented to improve the mass resolution of the FBAR sensors by adding a feedback voltage onto the driving voltage between two electrodes of the FBAR sensors. The feedback...
Improving TCP Performance over Wireless Networksat the Link Lay
01-18
Improving TCP Performance over Wireless Networksat the Link Lay 英文原版 We present the transport unaware link improvement protocol (TULIP), which dramatically improves the performance of TCP over ...
LWN:更好地控制透明巨页的使用!
Linux News搬运工
08-14 131
PR_SET_THP_DISABLE 的实现是强制性的;相反,Hildenbrand 的补丁为 PR_SET_THP_DISABLE 添加了一个新选项,名为 PR_THP_DISABLE_EXCEPT_ADVISED,它提供了新的语义。正如 David Hildenbrand 的这个补丁(Usama Arif 已将其作为 这个系列 的一部分)所描述的,人们可以考虑让 madvise() 覆盖 PR_SET_THP_DISABLE,但正如 Hildenbrand 所说,“这会大大改变现有文档中描述的语义”。
Linux Advanced Routing & Traffic Control HOWTO
I have a adream
09-05 1万+
http://lartc.org/lartc.html Linux Advanced Routing & Traffic Control HOWTO Bert Hubert Netherlabs BV bert.hubert@netherlabs.nl> Thomas Graf (Section Author) tgraf%suug.ch>
MPTCP - Use Cases and Operational Experience with Multipath TCP
张同光 (Tongguang Zhang):Hello everyone !
02-05 1685
MPTCP - Use Cases and Operational Experience with Multipath TCP
制作温馨浪漫爱心表白动画特效HTML5+jQuery【附源码】
JavaPub
08-03 3832
制作温馨浪漫爱心表白动画特效HTML5+jQuery【附源码】我的网站已经上线 http://javapub.net.cn/适合人群:初级学习者和爱好者,下面有展示图。计算机毕业设计🚀获取源码,文末公众号回复【制作温馨浪漫爱心表白动画特效】,即可。 ⭐欢迎点赞留言1MB GIF可以欣赏: https://tvax1.sinaimg.cn/large/007F3CC8ly1h3dn7ib17ig30ug0lxe5x.gif 获取源码,公众号回复【制作温馨浪漫爱心表白动画特效】,即可。更多最新Java面试题.
Docker 学习资源整理
静静是我女朋友
07-16 3164
Awesome Docker A curated list of Docker resources and projects Inspired by @sindresorhus’ awesome and improved by these amazing contributors. It’s now a GitHub project because it’s considerably
Ubuntu 意外死机 (Linux Crash/Hang)解决
热门推荐
zhangrelay的专栏
05-13 3万+
Ubuntu 意外死机 (Linux Crash/Hang)解决以Intel Bay Trail/J1900/N2940 为例,通常是由于linux kernel和硬件兼容性问题导致:查询网址:https://bugzilla.kernel.org/点开对应问题,就可以看到问题,和一些解决方案。 Bug List: (5 of 5) First Last Prev Ne
Google创始人Sergey Brin and Lawrence Page经典论文
Danny TechSpace
11-05 3809
The Anatomy of a Large-Scale Hypertextual Web Search EngineSergey Brin and Lawrence PageComputer Science Department,Stanford University, Stanford, CA 94305, USAsergey@cs.stanford.edu and page@cs
Kernel developers MM documentation
RToax
06-14 652
The below documents describe MM internals with different level of details ranging from notes and mailing list responses to elaborate descriptions of data structures and algorithms. Active MM Architecture Page Table Helpers PTE Page Table Helpers PMD Pa
RocketMQ into the 500,000-TPS Message Club
weixin_34284188的博客
06-20 283
Foreword The Alibaba Cloud messaging team devoted to RocketMQ performance optimization has reached new heights in recent times with the latest TPS for medium-sized and small m...
Improving the Performance of an IP-over-P2P
03-13
The investigation produced detailed measurements in order to profile the application and help on improving the performance. Code analysis shows that the current IPOP version suffers from ...
如何在 Linux 上安装 SQL Server 2022 和 Azure Data Studio
csdn_aspnet的专栏,请点击博客主页右上角三个点中的私信联系
08-15 1207
本文介绍了如何在Linux系统(以Ubuntu 20.04为例)上安装SQL Server 2022及Azure Data Studio。SQL Server自2017版开始支持Linux平台,通过平台抽象层实现跨平台兼容性。文章详细说明了安装步骤:导入GPG密钥、注册存储库、安装软件包并配置管理员密码。同时介绍了SQL Server在Linux上的不同版本(企业版、标准版等)和主要功能差异。安装完成后,用户可通过Azure Data Studio等工具进行连接管理,文中提供了连接参数设置指南。整个过程简便
从 Windows 到 Linux 服务器的全自动部署教程(免密登录 + 压缩 + 上传 + 启动)
gameatp的专栏
08-16 791
本文详细介绍了如何实现Windows本地开发环境到Linux服务器的全自动化部署流程。主要内容包括:1)准备工作,安装7-Zip和OpenSSH等必要工具;2)配置SSH免密登录,生成密钥对并上传公钥;3)编写自动化部署脚本,包含文件压缩、传输、远程解压、依赖安装和进程管理等功能;4)执行部署和验证结果。该方案通过批处理脚本实现一键部署,适合小型项目的快速迭代,同时提供了常见问题的排查方法,确保部署过程的可靠性和效率。
​Kali Linux 环境中的系统配置文件与用户配置文件大全
最新发布
fearhacker的专栏
08-18 680
Kali Linux的系统配置文件分为系统级和用户级两类。系统级配置文件(如/etc/下的网络、服务、权限配置)需sudo权限修改,全局生效;用户级配置文件(如~/.bashrc、~/.ssh/等)仅影响当前用户,无需提权。系统级用于全局设置(如APT源、SSH服务),用户级用于个性化开发环境和工具配置(如Bash别名、SSH密钥)。修改前建议备份,避免误操作影响系统稳定性。渗透测试工具(如Metasploit)的配置通常存储在用户目录下。合理管理这些文件可高效定制Kali环境。
网络 SSH 访问:借助 cpolar 内网穿透服务实现手机远程管理 Linux
Tiam_cr的博客
08-15 1428
网络技术日新月异的今天,远程访问内网设备的需求日益普遍,但实现这一目标的技术门槛却让许多用户望而却步。传统的动态 DNS 方案需要频繁更新 IP 地址,路由器端口映射则涉及复杂的网络配置,且存在较大的安全风险。对于普通用户而言,这些方案不仅操作繁琐,还可能因配置不当导致网络安全问题。cpolar 内网穿透服务的出现,为解决这一难题提供了全新思路。
Linux(十二)——RAID技术详解(含RAID配置)
qq_41978931的博客
08-14 650
本文介绍了RAID(独立磁盘冗余阵列)技术及其常见级别。RAID通过多磁盘组合提升存储性能、可靠性和容错能力。主要对比了RAID 0、1、5、6、10的特性,包括硬盘数量、磁盘利用率、保护能力和写性能等。RAID 0适合高性能需求,但无冗余;RAID 1提供数据镜像;RAID 5平衡性能与冗余;RAID 10兼具高性能与高可靠性。此外还介绍了阵列卡的组成和缓存作用。根据应用场景选择合适的RAID级别可优化存储系统性能与可靠性。
almalinux9.6系统:kubeadm部署kubernetes-1.33版本环境-三节点
老徐头子的博客
08-15 933
十五分钟包教包会,almalinux9.6系统下部署最新版本(1.33)kubernetes集群,有售后哦,亲!
defender control2.1
01-09
### Microsoft Defender for Endpoint Version 2.1 Configuration and Usage Guide #### Overview of Microsoft Defender for Endpoint Microsoft Defender for Endpoint provides comprehensive protection against sophisticated attacks by integrating endpoint protection platform capabilities including prevention, detection, investigation, and response[^4]. In version 2.1, several enhancements were introduced to improve security posture management, automated investigations, and remediation. #### Key Features in Version 2.1 The update focuses on strengthening existing functionalities while introducing new ones aimed at improving operational efficiency and enhancing threat defense mechanisms: - **Enhanced Threat & Vulnerability Management**: Provides deeper insights into vulnerabilities within the environment. - **Advanced Hunting Capabilities**: Allows users to proactively search across their data using query-based methods without relying solely on alerts generated from predefined rules or machine learning models. - **Improved Automation Rules**: Facilitates more granular control over automatic actions taken during incident responses such as isolating devices automatically when certain conditions are met. #### Installation Requirements To deploy Microsoft Defender for Endpoint effectively, ensure that prerequisites like supported operating systems (Windows Server 2016+, Windows 10 Pro/Education/Enterprise), network connectivity requirements, and necessary permissions are fulfilled before proceeding with installation steps outlined officially by Microsoft documentation[^5]. #### Deployment Steps For deploying this solution successfully: Install via Intune or SCCM depending upon organizational needs; configure settings through Security Center portal ensuring proper integration between different components involved in protecting endpoints against modern cyber threats. #### Post-deployment Considerations After successful deployment, it’s important to monitor performance regularly, apply updates promptly, adjust policies based on evolving business contexts, educate employees about best practices regarding cybersecurity hygiene, etc., which collectively contribute towards maintaining robust defenses around critical assets protected under MDE umbrella services provided by Microsoft. ```powershell # Example PowerShell script snippet showing how one might interact programmatically with some aspects of MDfE after setup Set-MpPreference -DisableRealtimeMonitoring $false # Enable real-time monitoring if disabled previously Add-MpThreatSubmission -FilePath "C:\SuspiciousFile.exe" -Category PotentiallyUnwantedApplication # Submit suspicious files for analysis ```
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包

打赏作者

mounter625

你的鼓励将是我创作的最大动力

¥1 ¥2 ¥4 ¥6 ¥10 ¥20
扫码支付:¥1
获取中
扫码支付

您的余额不足,请更换扫码支付或充值

打赏作者

实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值