lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20230223160914.cwvt53drn2bckpdc@wittgenstein>
Date:   Thu, 23 Feb 2023 17:09:14 +0100
From:   Christian Brauner <brauner@...nel.org>
To:     Christoph Hellwig <hch@...radead.org>
Cc:     Luis Chamberlain <mcgrof@...nel.org>, hughd@...gle.com,
        akpm@...ux-foundation.org, willy@...radead.org, linux-mm@...ck.org,
        p.raghav@...sung.com, dave@...olabs.net, a.manzanares@...sung.com,
        yosryahmed@...gle.com, linux-kernel@...r.kernel.org
Subject: Re: [RFC v2 5/5] shmem: add support to ignore swap

On Thu, Feb 23, 2023 at 07:16:09AM -0800, Christoph Hellwig wrote:
> On Thu, Feb 23, 2023 at 01:26:31PM +0100, Christian Brauner wrote:
> > We would have use-cases for this in systemd. We currently use ramfs for
> > systemd's credential logic since ramfs is unswappable. It'd be very neat
> > if we could use tmpfs instead,
> 
> What is the advantage of using a swapless tmpfs over ramf?

There are a few reasons we usually prefer tmpfs over ramfs. Iirc, ramfs
doesn't have limits and grows dynamically. So we currently only use it
from the most privileged process where we do our own accounting and
immediately remount the superblock read-only. Tmpfs on the other hand
offers various ways to restrict memory consumption.

Other reasons are that ramfs doesn't support selinux labels, xattrs, and
acls in general which come in quite handy. Starting with kernel v6.3
tmpfs does also support idmapped mounts. So we usually always prefer
ramfs over tmpfs unless we have a very specific need such as the memory
not being swapped out.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ