Re: [RFC][PATCH 2/7] RSS controller core

From: Dave Hansen
Date: Tue Mar 13 2007 - 16:28:51 EST

Next message: Pierre Ossman: "Re: [1/6] 2.6.21-rc3: known regressions"
Previous message: Con Kolivas: "Re: [ck] Re: [PATCH] [RSDL-0.30] sched: rsdl improve latencies with differential nice -1"
In reply to: Alan Cox: "Re: [RFC][PATCH 2/7] RSS controller core"
Next in thread: Eric W. Biederman: "Re: [RFC][PATCH 2/7] RSS controller core"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 2007-03-13 at 19:09 +0000, Alan Cox wrote:
> > stuff is happening by comparing page->count and page->_mapcount, but it
> > certainly wouldn't be conclusive. But, does this kind of nonsense even
> > happen in practice?
>
> "Is it useful for me as a bad guy to make it happen ?"

A very fine question. ;)

To exploit this, you'd need to:
1. need to access common data with another user
2. be patient enough to wait
3. determine when one of those users had actually pulled
a page in from disk, which sys_mincore() can do, right?

I guess that might be a decent reason to not charge the guy who brings
the page in for the page's entire lifetime.

So, unless we can change page ownership after it has been allocated,
anyone accessing shared data can get around resource limits if they are
patient.

-- Dave

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pierre Ossman: "Re: [1/6] 2.6.21-rc3: known regressions"
Previous message: Con Kolivas: "Re: [ck] Re: [PATCH] [RSDL-0.30] sched: rsdl improve latencies with differential nice -1"
In reply to: Alan Cox: "Re: [RFC][PATCH 2/7] RSS controller core"
Next in thread: Eric W. Biederman: "Re: [RFC][PATCH 2/7] RSS controller core"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]