Re: 2.6.5-rc1-aa1

[Andrea Arcangeli]

On Thu, Mar 18, 2004 at 11:49:52AM -0500, Rik van Riel wrote:
> It's in the RHEL3 kernel, a patch named linux-2.4.21-mlock.patch.
> 
> Basically it allows any normal process to have up to its
> current->rlim[RLIMIT_MEMLOCK].rlim_cur memory locked.
> Root can configure, in /etc/security/limits.conf, how much 
> memory the processes of each user are allowed to mlock.
> 
> Processes with CAP_IPC_LOCK set can mlock as much as they
> want, unrestricted by the limit.
> 
> Last year at the kernel summit, Linus seemed pretty happy
> with this approach.  I think Wim Coekaerts at Oracle has
> ported the patch to 2.6 already...
> 
> I suspect the security paranoid will like this patch too,
> because it allows gnupg to mlock the memory it wants to
> have locked.

I agree.

> Now it just needs to be submitted to Andrew and Linus ;)

could somebody submit it to me too? ;) otherwise I'll have to search for
some big rpm.

what I was thinking about was more basic without checking the rlimits,
certainly I agree using the rlimits is a very nice bonus (though the
code is a bit more complicated, and it won't be a one liner in
remap_file_pages as I was hoping for ;).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/