From: Matt Mackall <mpm-VDJrAJ4Gl5ZBDgjK7y7TUQ@public.gmane.org>
To: Lee Schermerhorn <Lee.Schermerhorn-VXdhtT5mjnY@public.gmane.org>
Cc: Andrew Morton
	<akpm-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org>,
	linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org,
	linux-kernel
	<linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	riel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	hugh-DTz5qymZ9yRBDgjK7y7TUQ@public.gmane.org,
	kosaki.motohiro-+CUm20s59erQFUHtdCDX3A@public.gmane.org,
	linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH] - support inheritance of mlocks across fork/exec V2
Date: Mon, 08 Dec 2008 15:33:05 -0600
Message-ID: <1228771985.3726.32.camel@calx>
In-Reply-To: <1228770337.31442.44.camel@lts-notebook>

On Mon, 2008-12-08 at 16:05 -0500, Lee Schermerhorn wrote:
> > > In support of a "lock prefix command"--e.g., mlock <cmd> <args> ...
> > > Analogous to taskset(1) for cpu affinity or numactl(8) for numa memory
> > > policy.
> > > 
> > > Together with patches to keep mlocked pages off the LRU, this will
> > > allow users/admins to lock down applications without modifying them,
> > > if their RLIMIT_MEMLOCK is sufficiently large, keeping their pages
> > > off the LRU and out of consideration for reclaim.
> > > 
> > > Potentially useful, as well, in real-time environments to force
> > > prefaulting and residency for applications that don't mlock themselves.

This is a bit scary to me. Privilege and mode inheritance across
processes is the root of many nasty surprises, security and otherwise. 

Here's a crazy alternative: add a flag to containers instead? I think
this is a better match to what you're trying to do and will keep people
from being surprised when an mlockall call in one thread causes a
fork/exec in another thread to crash their box, but only sometimes.

-- 
Mathematics is the supreme nostalgia of our time.
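
The baseline that inheritance would change, as an added example (not part of this thread or of the patch): mlock(2) documents that memory locks are not inherited by a child created via fork(2), and this program checks that by locking a buffer in the parent and reading the child's VmLck from /proc/self/status. The function names and the 64-byte buffer are this example's own; it assumes Linux with /proc mounted and an RLIMIT_MEMLOCK of at least one page.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

/* Parse one /proc/<pid>/status line: VmLck in kB, or -1 for any other line. */
long parse_vmlck_kb(const char *line)
{
    long kb;
    return sscanf(line, "VmLck: %ld kB", &kb) == 1 ? kb : -1;
}

/* Locked-memory total of the calling process, or -1 if /proc lacks it. */
long self_vmlck_kb(void)
{
    char line[256];
    long kb = -1;
    FILE *f = fopen("/proc/self/status", "r");
    while (f && kb < 0 && fgets(line, sizeof line, f))
        kb = parse_vmlck_kb(line);
    if (f) fclose(f);
    return kb;
}

/* Lock a buffer in the parent, fork, return the child's VmLck (kB) or -1. */
long child_vmlck_after_fork(void)
{
    static char key[64];                /* stand-in for sensitive data */
    long kb = -1;
    int fds[2];
    if (mlock(key, sizeof key) != 0) return -1;   /* e.g. RLIMIT_MEMLOCK */
    if (pipe(fds) == 0) {
        pid_t pid = fork();
        if (pid == 0) {                 /* child: report its own VmLck */
            kb = self_vmlck_kb();
            _exit(write(fds[1], &kb, sizeof kb) == (ssize_t)sizeof kb ? 0 : 1);
        }
        close(fds[1]);
        if (read(fds[0], &kb, sizeof kb) != (ssize_t)sizeof kb) kb = -1;
        if (pid > 0) waitpid(pid, NULL, 0);
        close(fds[0]);
    }
    munlock(key, sizeof key);
    return kb;
}

int main(void)
{
    printf("child VmLck after fork: %ld kB\n", child_vmlck_after_fork());
}
```

A result of 0 means the child started with no locked pages although the parent held one; -1 means the environment could not lock the page or report VmLck.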

