Re: [PATCH] mm: Enable MAP_UNINITIALIZED for archs with mmu
From: Arun Sharma
Date: Fri Feb 24 2012 - 14:27:42 EST
On 2/23/12 6:47 PM, KAMEZAWA Hiroyuki wrote:
In a distributed computing environment, a user submits a job to the
cluster job scheduler. The job might involve multiple related
executables and might involve multiple address spaces. But they're
performing one logical task, have a single resource limit enforced by a
cgroup.
They don't have access to each other's VMAs, but if "accidentally" one
of them comes across an uninitialized page with data from another task,
it's not a violation of the security model.
How do you handle shared resouce, file-cache ?
From a security perspective or a resource limit perspective?
Security: all processes in the cgroup run with the same uid and have the
same access to the filesystem. Multiple address spaces in a cgroup can
be thought of as an implementation detail.
Resource limit: We don't have strict enforcement right now. There is a
desire to include everything (file cache, slab memory) in the job's
memory resource limit.
-Arun
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/