Re: [PATCH -mm] vmscan: make mapped executable pages the first class citizen

[KOSAKI Motohiro]

> On Thu, 7 May 2009, Elladan wrote:
> 
> > > Nobody (except you) is proposing that we completely disable
> > > the eviction of executable pages.  I believe that your idea
> > > could easily lead to a denial of service attack, with a user
> > > creating a very large executable file and mmaping it.
> 
> The amount of mlockable pages is limited via ulimit. We can already make
> the pages unreclaimable through mlock().
> 
> > I don't know of any distro that applies default ulimits, so desktops are
> > already susceptible to the far more trivial "call malloc a lot" or "fork bomb"
> > attacks.  Plus, ulimits don't help, since they only apply per process - you'd
> > need a default mem cgroup before this mattered, I think.
> 
> The point remains that the proposed patch does not solve the general
> problem that we encounter with exec pages of critical components of the
> user interface being evicted from memory.
> 
> Do we have test data that shows a benefit? The description is minimal. Rik
> claimed on IRC that tests have been done. If so then the patch description
> should include the tests. Which loads benefit from this patch?
> 
> A significant change to the reclaim algorithm also needs to
> have a clear description of the effects on reclaim behavior which is also
> lacking.

btw,

This is very good news to me.
Recently I've taked sevaral time for reproducing this issue. but
I have no luck. I'm interesting its test-case.

Thanks.


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/