Memory Management Approach for Swapless Embedded Systems
A useful approach in assisting the fast selection of processes to be killed, in order to release memory, could involve registering applications as killable or not. Applications considered killable could be registered on a list known as the Red List. Additionally, other applications, crucial for the correct functionality of the system, such as the X Window System, should not be killed under any circumstances and could be registered on a list known as the White List.
End users could be allowed to choose which applications should be registered on the Red or White Lists. However, this would require a security mechanism in place to ensure that applications on the Red List or White List do not cause any unexpected conditions or instabilities. If application A is the culprit by consuming tons of memory continuously, it cannot be on the White List. Likewise, if killing application B can break down overall system functionality, then it cannot be on the Red List. A heuristic could be employed for selecting in advance which applications can be registered on the Red List or White List. Preselected applications could then be presented to the user to be opted for registration on the respective list, thus improving user-friendliness while avoiding potential problems from choosing erratically.
The Red List and White List could be implemented in kernel space, with each list also reflected in the /proc filesystem. ST can be used to notify user space the moment when the Red and White Lists should be updated. Afterward, the kernel can start terminating applications registered on the Red List in order to release memory. Perhaps a ranking heuristic can be employed in kernel space to prioritise entries on the Red List. Figure 4 illustrates a possible architecture of OOM killer, based on Red List and White List approach. If it is not enough simply to kill processes on the Red List, other processes, not appearing on the White List, could be killed as well, as a last measure to ensure system stability.
It is interesting to maintain a mechanism based on having one heuristic for selection and termination of processes in user space and another one in kernel space, because each space can offer different pieces of information that may prove useful to the ranking criteria. For instance, in user space it is possible at any moment to know which window-based applications are active, that is, visible and used by the end user, but in kernel space such information is not as easily attainable. Hence, if there is a heuristic that needs to verify whether any window-based application is active or not, it should be implemented in the user space.
Dealing with swapless embedded systems requires establishing an alternative memory management approach, in order to prevent slowness and to control OOM killer invocation and execution. The idea based on MAT and ST is simple yet practical and tunable on different swapless embedded devices, because the LMW kernel module provides the /proc and sysctl interfaces to change the MAT and ST values from user space as necessary.
Additional mechanisms can be implemented, such as the Red and White registration Lists. It is also interesting to design different selection criteria that take into account features related to swapless embedded devices.
We wish to offer our thanks to Kimmo Hämäläinen of Nokia Research Center (NRC) and Monica Nogueira for help on the organization and contents of this document, Juha Yrjölä of NRC for help with Low Memory Watermark coding and Fabritius Sampsa of NRC for providing us with the opportunity to develop this work.
Mauricio Lin is a software engineer at Nokia's Institute of Technology (INdT) located in Manaus/Brazil. Mauricio has worked with Linux memory management for embedded systems since 2003. He also has contributed to the proc-pid-smaps.patch of the Linux kernel related to memory consumption analysing. Mauricio received a BSc in Data Processing from the Federal University of Amazonas. He has practiced Kung Fu - Wushu since childhood and has graduated in the Northern Shaolin style. He can be reached at email@example.com.
Ville C. L. de Medeiros has been passionate about Linux since 1997. He started as a trainee administrator at the Department of Computer Science, Federal University of Amazonas (UFAM) and became the university's network manager after graduation. He then took the initiative to convert all network services from mainframe-based to Linux. He currently works in the Linux Embedded Lab in Nokia's Technology Institute at Manaus/Brazil. He can be reached at firstname.lastname@example.org.
Raoni Novellino has been a Linux user and developer for two years and is currently working in Nokia's Technology Institute at Manaus/Brazil. He can be reached at email@example.com.
Ilias Biris holds a PhD in Artificial Intelligence from the University of Edinburgh and has been a Linux user and developer for ten years. He works as project coordinator in the Linux Embedded Lab of Nokia's Institute of Technology in Manaus/Brazil and can be reached at firstname.lastname@example.org. Apart from Linux, Ilias enjoys early morning Tai Chi and a good duel in Kendo.
Edjard Mota holds a PhD in Artificial Intelligence from the University of Edinburgh and has been an avid Linux user for ten years and a developer for two. He is currently managing the Linux Embedded Lab of Nokia's Technology Institute at Manaus/Brazil. He is an early-bird and enjoys doing Yoga to start the day. He can be reached at email@example.com.
Fast/Flexible Linux OS Recovery
On Demand Now
In this live one-hour webinar, learn how to enhance your existing backup strategies for complete disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible full-system recovery solution for UNIX and Linux systems.
Join Linux Journal's Shawn Powers and David Huffman, President/CEO, Storix, Inc.
Free to Linux Journal readers.Register Now!
- Server Hardening
- BitTorrent Inc.'s Sync
- The Death of RoboVM
- EnterpriseDB's EDB Postgres Advanced Server and EDB Postgres Enterprise Manager
- The Humble Hacker?
- The US Government and Open-Source Software
- Open-Source Project Secretly Funded by CIA
- New Container Image Standard Promises More Portable Apps
- AdaCore's SPARK Pro
- ACI Worldwide's UP Retail Payments
In modern computer systems, privacy and security are mandatory. However, connections from the outside over public networks automatically imply risks. One easily available solution to avoid eavesdroppers’ attempts is SSH. But, its wide adoption during the past 21 years has made it a target for attackers, so hardening your system properly is a must.
Additionally, in highly regulated markets, you must comply with specific operational requirements, proving that you conform to standards and even that you have included new mandatory authentication methods, such as two-factor authentication. In this ebook, I discuss SSH and how to configure and manage it to guarantee that your network is safe, your data is secure and that you comply with relevant regulations.Get the Guide