This looks unrelated and should perhaps be a separate change? We should probably use the same condition here we use for ktls and crypto threads which also kick in for aarch64 IIRC.

I really worry that while this may be ok for swap to get ENOMEM errors, it will not be ok for a GELI disk holding real data. UFS is rather notorious for not handling EIO errors from disks well, and even the fixes that have gone in there are not meant to handle temporary errors but to instead degrade to a permanent read-only mode discarding any in-flight data AFAIK. I think if there are use cases where it might be ok for a disk to be lossy, it might need to be something that is opted into (e.g. an argument to geli(8)'s "attach" or "onetime" commands) that is per-disk and not on by default.

Ah, yes. Sorry. This should be a separate commit.

The commit message will say something like:

Declare the GELI threads to be kernel FPU threads. This keeps them from fighting over per-CPU locks in the AESNI code. Among other things, the code at the AESNI layer may hold the per-CPU lock while doing an M_NOWAIT memory allocation. While that should not block, it may take some time to gather and map the memory while the VM system is under enough pressure that it is using the swap code.

OK. If I change the default for kern.geom.eli.blocking_malloc to true, that will maintain the current (blocking) behavior for everything except swap. I really feel strongly that swap should not block. I don't feel strongly about anything else, so it will be easy to convince me to leave the current behavior alone.

ENOMEM is fine. geom will retry it. UFS won't see that error, so it won't trigger chs' latest work.

Though I agree we should make sure that my bold assertions work in practice :)

ENOMEM processing is very special in the geom. It returns error to the upper layer but also set the pace variable which stops processing of the new bios for some time.

I remember this because I was not able to make ENOMEM error work as I need for situations where transient map was full for unmapped bios. I ended up with some other error which avoided this stall mechanics and allowed the transient map to free some space.

I suspect this is no longer correct.

Oh, thanks for noticing!

This cannot work either, maxphys is initialized only in init_param2. I am not even sure that non-constant initialization is tolerated (i.e. does it compile)?

Why the two first chunks for swap_pager.c are needed at all?

The idea is to make nsw_cluster_max externally visible so we can calculate the maximum-sized swap buffer we are likely to see. See g_eli_init_uma() in g_eli.c

I would put there a replacement sentence that nsw_cluster_max is initialized in swap_pager_init()

I'd rather expand the comment in swap_pager_init() to explain why we are doing this early. My change makes this comment block dedicated solely to explanation of what nsw_wcount_async is, which I find good. Putting back a note about nsw_cluster_max into the middle of that explanation would disrupt it. Do you agree?

Of course I do not object against expanding the comment in swap_pager_init(). If you do not like putting a reference in the middle of this comment, put it at the end: I want something there that points out for the complete set of nsw_* controls.

I would say nsw_cluster_max is initialized early so that GEOM_ELI can see it.