Re: [patch] mlock-as-nonroot revisted

[Andrea Arcangeli]

On Tue, Aug 03, 2004 at 11:13:39PM +0200, Arjan van de Ven wrote:
> The user that mlock'd gets to pay for it, and gets his credits back at
> munlock. Chown doesn't really matter in that regard..... The thing that does

what? he cannot get credits when it munlock if this is hugetlbfs. If it
does you're again into the insecure DoS scenario.

btw, I don't see where you call user_subtract_mlock when the file is
truncated.

what exactly are you trying to do in that patch? I thought you were
binding the storage to a certain user structure _persistently_. Which
breaks badly with chown since if the admin chown the file to root.root
then you cannot truncate it anymore but you're locked up completely and
you cannot use mlock anymore and you've to send email to the admin
asking to reassing the file to you so that you can truncate it.

If you're calling user_subtract_mlock at unlock time (not at truncate
time) then it has the same issues that the patch I've rejected some
months ago when I wrote the disable_cap_mlock.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/