Re: [PATCH 3/6] ksm: change the KSM_REMOVE_MEMORY_REGION ioctl.
From: Chris Wright
Date: Wed May 06 2009 - 13:13:44 EST
* Hugh Dickins (hugh@xxxxxxxxxxx) wrote:
> On Wed, 6 May 2009, Chris Wright wrote:
> > Another
> > question of what to do w/ VM_LOCKED, should that exclude VM_MERGE or
> > let user get what asked for?
>
> What's the issue with VM_LOCKED? We wouldn't want to merge a page
> while it was under get_user_pages (unless KSM's own, but ignore that),
> but what's the deal with VM_LOCKED?
>
> Is the phrase "covert channel" going to come up somehow?
There's two (still hand wavy) conerns I see there. First is the security
implication: timing writes to see cow and guess the shared data for
another apps VM_LOCKED region, second is just plain old complaints of
those rt latency sensitive apps that somehow have VM_LOCKED|VM_MERGE
and complain of COW fault time, probably just "don't do that".
thanks,
-chris
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/