| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 25 Nov 2013 17:36:22 -0800 (PST) From: David Rientjes <rientjes@...gle.com> To: Michal Hocko <mhocko@...e.cz> cc: Vladimir Murzin <murzin.v@...il.com>, linux-mm@...ck.org, Greg Thelen <gthelen@...gle.com>, Glauber Costa <glommer@...il.com>, Mel Gorman <mgorman@...e.de>, Andrew Morton <akpm@...ux-foundation.org>, Johannes Weiner <hannes@...xchg.org>, KOSAKI Motohiro <kosaki.motohiro@...fujitsu.com>, Rik van Riel <riel@...hat.com>, Joern Engel <joern@...fs.org>, Hugh Dickins <hughd@...gle.com>, LKML <linux-kernel@...r.kernel.org> Subject: Re: user defined OOM policies On Thu, 21 Nov 2013, Michal Hocko wrote: > > It's an interesting idea but unfortunately a non-starter for us because > > our users don't have root, > > I wouldn't see this as a problem. You can still have a module which > exports the notification interface you need. Including timeout > fallback. That would be trivial to implement and maybe more appropriate > to very specific environments. Moreover the global OOM handling wouldn't > be memcg bound. > The memcg userspace oom handlers are effectively system userspace oom handlers for everything at that memcg and its descendant memcgs, the interface for the system oom handler and the memcg oom handlers would be identical. We could certainly make the hook into a module by defining some sort of API that could be exported, but I believe the proposal empowers userspace to handle the oom situations in all possible scenarios (notification, memory reserve, timeout) that it would stand alone as the only user in the kernel of such an API and that API itself makes the code unnecessarily complex. > > we create their memcg tree and then chown it to the user. They can > > freely register for oom notifications but cannot load their own kernel > > modules for their own specific policy. > > yes I see but that requires just a notification interface. It doesn't > have to be memcg specific, right? They also need the memory reserve to do anything useful when the oom handler wakes up, so you'd need an API exported to modules that allows you to define the set of processes allowed to access such a reserve. So the kernel code providing the needed functionality (notification, reserve, timeout) remains constant for any possible userspace oom handler. Unless you're thinking of a possible implementation that can't be addressed in this way? -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists