←back to thread

Transition to using 16 KB page sizes for Android apps and games

(android-developers.googleblog.com)
95 points ingve | 6 comments | 11 Jul 25 07:04 UTC | HN request time: 0.001s | source | bottom
Show context
nubinetwork ◴[15 Jul 25 02:01 UTC] No.44567177[source]
I can understand the desire for google to want devs to recompile their apps, but I don't see the need to dump old apps from the app store... who cares if an old app that works wastes 12k if it only needs a single 4k page?
replies(7): >>44567219 #>>44567321 #>>44567891 #>>44567924 #>>44568023 #>>44568923 #>>44571850 #
ryao ◴[15 Jul 25 02:11 UTC] No.44567219[source]
I am not familiar with Android, but Linux ELF binaries that specify 4KB alignment will not work on systems with 16KB page sizes, since the ELF interpreter will refuse to load them. This hit me recently when trying to run a 32-bit binary on a Linux ARM system that had 16KB size pages, since the 32-bit OpenSSL libraries specified 4KB alignment. Presumably, this was done for maximizing entropy available to ASLR, but it breaks the binaries when the page size increases.

In any case, I assume that there is something similar affecting Android.

replies(2): >>44567516 #>>44571146 #
1. dwattttt ◴[15 Jul 25 03:08 UTC] No.44567516[source]
Page size impacts page permissions; it's not a matter of wasting 12k, it's that with 4kb pages you're allowed to have a consecutive 8kb region with different permissions. 16kb pages can't do that without segfaulting every time memory is used "wrong", and trying to fix that up transparently would be a nightmare.
replies(2): >>44567758 #>>44575845 #
2. yjftsjthsd-h ◴[15 Jul 25 04:11 UTC] No.44567758[source]
> 16kb pages can't do that without segfaulting every time memory is used "wrong", and trying to fix that up transparently would be a nightmare.

I would natively imagine the kernel could trap that and remap on the fly, at the tiny cost of murdering performance. Is that untrue, or is the perf so bad that it's not worth it?

replies(2): >>44568096 #>>44568968 #
3. plorkyeran ◴[15 Jul 25 05:30 UTC] No.44568096[source]
Anything which involves the kernel tracking permissions at 4k granularity despite using larger pages is just going to be worse in every way than using 4k pages.
4. dwattttt ◴[15 Jul 25 07:57 UTC] No.44568968[source]
It depends on how much of a program actually triggers the failure case, so you can't answer in the abstract.

In the worst case, ~every memory access causes the kernel to need to fix it, causing every memory access to be several orders of magnitude worse (e.g. a hot cache hit vs trapping into kernel, wiping caches, at the very least hundreds more accesses).

EDIT: I see you suggested remapping the page permissions. Maybe that helps! But maybe it adds the cost of the remapping onto the worst case, e.g. the first 4kb are instructions that write into the second 4kb.

5. bjourne ◴[15 Jul 25 21:08 UTC] No.44575845[source]
That's a valid point, but isn't memory protection the only common user-visible effect of changed page sizes? It would seem most apps which do not use write-protected memory would be unaffected.
replies(1): >>44576887 #
6. dwattttt ◴[15 Jul 25 23:11 UTC] No.44576887[source]
I think the most immediate problem would be ELF segments that aren't 16kb aligned. Code will abut data, you can't add a gap without breaking offsets inside the ELF, and you'll induce the segfault during every write to a global at the start of the writable code, or executing code at the end of the code segment.

A less safe option would be for permissions to be a union in that region, as code rarely depends on a permission being absent. That would be quite the security hole though.