Re: [PATCH v3] fadvise: introduce POSIX_FADV_DONTNEED_FS

[Arnd Bergmann]

On Friday 29 April 2011, Andrea Righi wrote:
> NOTE #1: to avoid potential DoS in the system the rate of calls to
> fadvise(POSIX_FADV_DONTNEED_FS) from non-privileged users are limited
> according to these settings:
> 
>  - /proc/sys/vm/drop_pagecache_ratelimit: the minimum length of time
>    allowed beetween two different bursts of fadvise(POSIX_FADV_DONTNEED_FS)
> 
>  - /proc/sys/vm/drop_pagecache_ratelimit_burst: the number of calls to
>    fadvise(POSIX_FADV_DONTNEED_FS) that can be issued before enforcing
>    the rate limiting

The ratelimiting interface does not give me the happy feeling I had with
the original extremely syscall and fadvise, or with strictly limiting it
to certain capabilities. The ratelimit bursts seem well suited for log
messages, but it's not like you would expect anyone to read the fadvise
man page describing these and think "oh, of course, that's obviously
why it has to be done this way".

I don't have a perfect solution myself, but there are a few things
that feel wrong about yours:

* The rules for /proc/sys/vm/drop_caches and the fadvise are different
* You need to tune two variables to set one thing
* The rate limit is independent of the number of file systems you
  operate on: When you have mounted 20 file systems, you need to
  sleep for five seconds after flushing half of them, but you can
  flush one ten times in a row without being throttled.
* Returning an error gives no feedback about how soon it can
  be retried, in case you really need to flush.

	Arnd
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/