From: Arun Sharma <asharma@fb.com>
To: Balbir Singh <bsingharora@gmail.com>
Cc: linux-kernel@vger.kernel.org, linux-mm@kvack.org,
KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>,
akpm@linux-foundation.org
Subject: Re: [PATCH] mm: Enable MAP_UNINITIALIZED for archs with mmu
Date: Thu, 23 Feb 2012 10:42:16 -0800 [thread overview]
Message-ID: <4F468888.9090702@fb.com> (raw)
In-Reply-To: <CAKTCnzn-reG4bLmyWNYPELYs-9M3ZShEYeOix_OcnPow-w8PNg@mail.gmail.com>
Hi Balbir,
Thanks for reviewing. Would you change your position if I limit the
scope of the patch to a cgroup with a single address space?
The moment the cgroup sees more than one address space (either due to
tasks getting created or being added), this optimization would be turned
off.
More details below:
On 2/22/12 11:45 PM, Balbir Singh wrote:
>
> So the assumption is that only apps that have access to each others
> VMA's will run in this cgroup?
>
In a distributed computing environment, a user submits a job to the
cluster job scheduler. The job might involve multiple related
executables and might involve multiple address spaces. But they're
performing one logical task, have a single resource limit enforced by a
cgroup.
They don't have access to each other's VMAs, but if "accidentally" one
of them comes across an uninitialized page with data from another task,
it's not a violation of the security model.
> Sorry, I am not convinced we need to do this
>
> 1. I know that zeroing out memory is expensive, but building a
> potential loop hole is not a good idea
> 2. How do we ensure that tasks in a cgroup should be allowed to reuse
> memory uninitialized, how does the cgroup admin know what she is
> getting into?
I was thinking of addressing this via documentation (as in: don't use
this if you don't know what you're doing!). But limiting the scope to a
single address space cgroup seems cleaner to me.
-Arun
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2012-02-23 18:42 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-18 18:51 [PATCH] mm: Enable MAP_UNINITIALIZED for archs with mmu Arun Sharma
2012-01-19 2:42 ` KAMEZAWA Hiroyuki
2012-01-24 0:54 ` Arun Sharma
2012-01-24 3:07 ` KAMEZAWA Hiroyuki
2012-01-25 1:45 ` Arun Sharma
2012-02-22 0:34 ` Arun Sharma
2012-02-23 7:45 ` Balbir Singh
2012-02-23 18:42 ` Arun Sharma [this message]
2012-02-24 2:47 ` KAMEZAWA Hiroyuki
2012-02-24 14:51 ` Balbir Singh
2012-02-24 19:11 ` Arun Sharma
2012-02-25 4:13 ` Balbir Singh
2012-02-27 18:32 ` Arun Sharma
2012-02-24 19:26 ` Arun Sharma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4F468888.9090702@fb.com \
--to=asharma@fb.com \
--cc=akpm@linux-foundation.org \
--cc=bsingharora@gmail.com \
--cc=kamezawa.hiroyu@jp.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).