Andrew Morton wrote:
I'm referring to an application which uses your syscalls to obtain pinned memory and uses munlock() so that it may then use your syscalls to obtain evem more pinned memory. With the objective of taking the machine down.
I'm in favor of having drivers call do_mlock() and do_munlock() on behalf of the application. All we need to do is export those functions, and my driver can call them. However, that still doesn't prevent an app from calling munlock().
But I don't understand the distinction between having the driver call do_mlock() vs. the application calling mlock(). Won't we still have the same problems? A malicious app can just call our driver instead of calling mlock() or munlock(). The driver won't know the difference between an authorized app and an unauthorized one.
Besides, isn't the whole point behind RLIMIT_MEMLOCK to limit how much one process can lock?
I haven't even thought about memory hotswap. Surely it'll fail if the pages are pinned by get_user_pages()?
Any memory registered for RDMA devices obviously can't be swapped out. Technically, the driver could detect that, and reject any attempt to transfer data to those regions until everything is remapped to other RAM. But that's opening a whole new can of worms. I don't know how the memory hotswap mechanism works, so I can't guess what recovery mechanisms can be implemented in the driver.
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
- Follow-Ups:
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- References:
- [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Troy Benjegerdes <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Troy Benjegerdes <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Troy Benjegerdes <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Timur Tabi <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Christoph Hellwig <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Timur Tabi <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Timur Tabi <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Roland Dreier <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Timur Tabi <[email protected]>
- Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- From: Andrew Morton <[email protected]>
- [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- Prev by Date: Re: [openib-general] Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- Next by Date: Re: [linux-usb-devel] Re: [PATCH] PCI: Add pci shutdown ability
- Previous by thread: Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- Next by thread: Re: [PATCH][RFC][0/4] InfiniBand userspace verbs implementation
- Index(es):