> To support shared writable pages we'd need to defer the write-to-disk
> until the last dereference of the page from the VM, and that would
> require us to be able to add the page to the swap cache but mark it as
> unsynced. Not much else would have to be changed.
>
> It's not an enormous job, but it's one which is almost certainly better
> left to 2.3.
Agreed. I'd rather not see 2.2 held up for this ...
> > And no, we can't just mark it unswappable, as that would open us up to
> > some rather nasty security problems.
>
> What about making it unswappable but restricting it to root processes
> only? For now we can apply the same restriction that we make for
> mlock().
Perhaps the /proc/self/mem mmap code could be changed to do the mlock
automatically when shared aliases are created? Assuming that /proc/self/mem is
the only mechanism that can create the problem, this would attack it at the
source.
The mlocked pages created in this way could be subject to the same
limitiations as regular mlock() to prevent security problems.
Regards,
Bill
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.altern.org/andrebalsa/doc/lkml-faq.html