lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 08 Mar 2007 13:25:37 +0100
From:	Miklos Szeredi <miklos@...redi.hu>
To:	npiggin@...e.de
CC:	a.p.zijlstra@...llo.nl, miklos@...redi.hu,
	akpm@...ux-foundation.org, mingo@...e.hu, linux-mm@...ck.org,
	linux-kernel@...r.kernel.org, benh@...nel.crashing.org,
	jdike@...toit.com, hugh@...itas.com, torvalds@...ux-foundation.org
Subject: Re: [RFC][PATCH] mm: fix page_mkclean() vs non-linear vmas

> > > And it doesn't sound too hard to solve: when current algorithm doesn't
> > > seem to be making progress, then it will have to be done the hard way,
> > > searching for for all nonlinear ptes of a page to unmap.
> > 
> > Ah, you see, but that is when you've already lost.
> > 
> > The DoS is about the computational complexity of the reclaim, not if it
> > will ever come out of it with free pages.
> 
> If we really want to, we could limit it to mlock for !root. This is
> a reasonable way to solve the problem, and UML could fall back on
> vma emulated version if they didn't want to use mlock memory...
> 
> Or we could limit the size/number of nonlinear vmas that could be
> created.
> 
> But just quietly, I think there are probably a lot of other ways to
> perform a local DoS anyway ;) 

I aggree, requiring apps to mlock would probably just make things
slightly worse for about 100% of users, without any gain.  There could
be a

  /proc/sys/vm/turn_off_nonlinear_for_paranoid_sysadmin

knob that would unconditionally emulate nonlinear vmas.

Miklos
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ