From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <d.whyte@proxmox.com>
Received: from firstgate.proxmox.com (firstgate.proxmox.com [212.224.123.68])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by lists.proxmox.com (Postfix) with ESMTPS id 7E59B63761
 for <pve-devel@lists.proxmox.com>; Fri, 25 Feb 2022 17:30:27 +0100 (CET)
Received: from firstgate.proxmox.com (localhost [127.0.0.1])
 by firstgate.proxmox.com (Proxmox) with ESMTP id 6ACA423F15
 for <pve-devel@lists.proxmox.com>; Fri, 25 Feb 2022 17:29:57 +0100 (CET)
Received: from proxmox-new.maurer-it.com (proxmox-new.maurer-it.com
 [94.136.29.106])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by firstgate.proxmox.com (Proxmox) with ESMTPS id 28F2D23F09
 for <pve-devel@lists.proxmox.com>; Fri, 25 Feb 2022 17:29:56 +0100 (CET)
Received: from proxmox-new.maurer-it.com (localhost.localdomain [127.0.0.1])
 by proxmox-new.maurer-it.com (Proxmox) with ESMTP id ED81C46317
 for <pve-devel@lists.proxmox.com>; Fri, 25 Feb 2022 17:29:55 +0100 (CET)
From: Dylan Whyte <d.whyte@proxmox.com>
To: pve-devel@lists.proxmox.com
Date: Fri, 25 Feb 2022 17:29:48 +0100
Message-Id: <20220225162948.231125-1-d.whyte@proxmox.com>
X-Mailer: git-send-email 2.30.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-SPAM-LEVEL: Spam detection results:  0
 AWL 0.372 Adjusted score from AWL reputation of From: address
 BAYES_00                 -1.9 Bayes spam probability is 0 to 1%
 KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment
 SPF_HELO_NONE           0.001 SPF: HELO does not publish an SPF Record
 SPF_PASS               -0.001 SPF: sender matches SPF record
 T_SCC_BODY_TEXT_LINE    -0.01 -
Subject: [pve-devel] [PATCH pve-docs] fix #3884: Add section for kernel
 samepage merging
X-BeenThere: pve-devel@lists.proxmox.com
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Proxmox VE development discussion <pve-devel.lists.proxmox.com>
List-Unsubscribe: <https://lists.proxmox.com/cgi-bin/mailman/options/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=unsubscribe>
List-Archive: <http://lists.proxmox.com/pipermail/pve-devel/>
List-Post: <mailto:pve-devel@lists.proxmox.com>
List-Help: <mailto:pve-devel-request@lists.proxmox.com?subject=help>
List-Subscribe: <https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel>, 
 <mailto:pve-devel-request@lists.proxmox.com?subject=subscribe>
X-List-Received-Date: Fri, 25 Feb 2022 16:30:27 -0000

Adds a section to the "Host System Administration" section of the
Administration Guide, discussing KSM and its security risks

Signed-off-by: Dylan Whyte <d.whyte@proxmox.com>
---
 kernel-samepage-merging.adoc | 54 ++++++++++++++++++++++++++++++++++++
 sysadmin.adoc                |  2 ++
 2 files changed, 56 insertions(+)
 create mode 100644 kernel-samepage-merging.adoc

diff --git a/kernel-samepage-merging.adoc b/kernel-samepage-merging.adoc
new file mode 100644
index 0000000..5f55403
--- /dev/null
+++ b/kernel-samepage-merging.adoc
@@ -0,0 +1,54 @@
+[[kernel_samepage_merging]]
+Kernel Samepage Merging (KSM)
+-----------------------------
+ifdef::wiki[]
+:pve-toplevel:
+endif::wiki[]
+
+Kernel Samepage Merging (KSM) is an optional memory deduplication feature
+offered by the Linux kernel, which is enabled by default in {pve}. KSM
+works by scanning a range of physical memory pages for identical content, and
+identifying the virtual pages that are mapped to them. If identical pages are
+found, the corresponding virtual pages are re-mapped so that they all point to
+the same physical page, and the old pages are freed. The virtual pages are
+marked as "copy-on-write", so that any writes to them will be written to a new
+area of memory, leaving the shared physical page intact.
+
+Implications of KSM
+~~~~~~~~~~~~~~~~~~~
+
+KSM can optimize memory usage in virtualization environments, as multiple VMs
+running similar operating systems or workloads could potentially share a lot of
+common memory pages.
+
+However, while KSM can reduce memory usage, it also comes with some security
+risks, as it can expose VMs to side-channel attacks. Research has shown that it
+is possible to infer information about a running VM via a second VM on the same
+host, by exploiting certain characteristics of KSM.
+
+Thus, if you are using {pve} to provide hosting services, you should consider
+disabling KSM, in order to provide your users with additional security.
+Furthermore, you should check your country's regulations, as disabling KSM may
+be a legal requirement.
+
+Disabling KSM
+~~~~~~~~~~~~~
+
+To see if KSM is active, you can check the output of:
+
+----
+# systemctl status ksmtuned
+----
+
+If it is, it can be disabled immediately with:
+
+----
+# systemctl disable --now ksmtuned
+----
+
+Finally, to unmerge all the currently merged pages, run:
+
+----
+# echo 2 > /sys/kernel/mm/ksm/run
+----
+
diff --git a/sysadmin.adoc b/sysadmin.adoc
index 361fe02..cc75671 100644
--- a/sysadmin.adoc
+++ b/sysadmin.adoc
@@ -70,6 +70,8 @@ include::certificate-management.adoc[]
 
 include::system-booting.adoc[]
 
+include::kernel-samepage-merging.adoc[]
+
 endif::wiki[]
 
 
-- 
2.30.2