On Wed, Mar 07, 2007 at 04:22:24AM -0800, Bill Irwin wrote: > On Wed, Mar 07, 2007 at 11:47:42AM +0100, Peter Zijlstra wrote: > >> Well, now they don't, but it could be done or even exploited as a DoS. > > On Wed, Mar 07, 2007 at 12:00:36PM +0100, Nick Piggin wrote: > > But so could nonlinear page reclaim. I think we need to restrict nonlinear > > mappings to root if we're worried about that. > > Please not root. The users really don't want to be privileged. UML > itself is at least partly for use as privilege isolation of the guest > workload. Oracle has some of the same concerns itself, which is part of > why it uses separate processes heavily, even: to isolate instances from > each other.
Well non-root users could be allowed to work on mlocked regions on tmpfs/shm. That way they avoid the pathological nonlinear problems, and can work within the mlock ulimit. That is, if we are worried about such a DoS. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
