From owner-freebsd-arch@FreeBSD.ORG Wed Sep 19 09:33:52 2012 Return-Path: Delivered-To: freebsd-arch@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id DF615106564A for ; Wed, 19 Sep 2012 09:33:52 +0000 (UTC) (envelope-from andrey@zonov.org) Received: from mail-lpp01m010-f54.google.com (mail-lpp01m010-f54.google.com [209.85.215.54]) by mx1.freebsd.org (Postfix) with ESMTP id 48B748FC08 for ; Wed, 19 Sep 2012 09:33:51 +0000 (UTC) Received: by lahe6 with SMTP id e6so491635lah.13 for ; Wed, 19 Sep 2012 02:33:51 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=sender:message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:x-enigmail-version:content-type :x-gm-message-state; bh=IZ7YsfvhgXY/O1INmbCTy2nfNz29jUZsMtEegnzbm8k=; b=gxkoWFpwdu5QjOH22IJlJF+4aH/4fxYdOYczzjhhpDQUuPm3x7cUU0469fEEILXRlK Z0lTbiFkn9cFv5p+uNyCTIZgDmcR8KZl+3doeD3xmxODY4IEQHj8SCASsg61RNWDf1Sj K/GX6S4YAb1ZOYgOHhzI/Rv/YGBGymgJisecXjzoQTp6sR04GDfrAn1bueH94pM2fmxO MOQAxCNLB3PgQ/RiRoGHTjKlVP5cLRzrhNNK3/Ytl8YvwM1GgApktLfPbXPN0M7WBlHE sTir5tEuOHeqzEY4tEql4AqJkhnv52sFCZn3OWg8b2TWWWQRoO5ThXhKdGUg7ahkfAhB ZEEw== Received: by 10.152.46.209 with SMTP id x17mr2170209lam.38.1348047230950; Wed, 19 Sep 2012 02:33:50 -0700 (PDT) Received: from dhcp170-234-red.yandex.net (dhcp170-234-red.yandex.net. [95.108.170.234]) by mx.google.com with ESMTPS id hz16sm527265lab.6.2012.09.19.02.33.49 (version=SSLv3 cipher=OTHER); Wed, 19 Sep 2012 02:33:50 -0700 (PDT) Sender: Andrey Zonov Message-ID: <50599179.4020505@FreeBSD.org> Date: Wed, 19 Sep 2012 13:33:45 +0400 From: Andrey Zonov User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:15.0) Gecko/20120907 Thunderbird/15.0.1 MIME-Version: 1.0 To: Konstantin Belousov References: <503DD433.2030108@FreeBSD.org> <201208290906.q7T96C9j032802@gw.catspoiler.org> <20120829092318.GW33100@deviant.kiev.zoral.com.ua> <503F2D24.8050103@FreeBSD.org> <50463026.8000506@FreeBSD.org> <504653CD.2000707@FreeBSD.org> <5046F4E0.6000606@FreeBSD.org> <50561223.7060709@FreeBSD.org> <20120917123719.GS37286@deviant.kiev.zoral.com.ua> In-Reply-To: <20120917123719.GS37286@deviant.kiev.zoral.com.ua> X-Enigmail-Version: 1.4.4 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="------------enig434B811F04FA162BD791E35A" X-Gm-Message-State: ALoCoQkQjbSn7eDQNyJ7bCaYxzDPfoy13MmZRJfOB2qZ4z6H+rOxWejpktfUHD5KaVVK//zhgT5z Cc: Andriy Gapon , freebsd-arch@freebsd.org Subject: Re: [patch] unprivileged mlock(2) X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Sep 2012 09:33:53 -0000 This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig434B811F04FA162BD791E35A Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable On 9/17/12 4:37 PM, Konstantin Belousov wrote: > On Sun, Sep 16, 2012 at 09:53:39PM +0400, Andrey Zonov wrote: >> On 9/5/12 10:44 AM, Andriy Gapon wrote: >>> on 04/09/2012 22:17 Andrey Zonov said the following: >>>> On 9/4/12 8:45 PM, Andriy Gapon wrote: >>>>> on 30/08/2012 12:06 Andrey Zonov said the following: >>>>>> Hi, >>>>>> >>>>>> So, I've got the first version of the patch (attached) which fixes= =20 >>>>>> memory locked limit checking and accounting. >>>>> >>>>> Andrey, >>>>> >>>>> your mlock.patch looks good to me, but I haven't verified pieces un= der >>>>> RACCT. Please try to get a review from a person who is knee-deep in= the >>>>> VM code like alc or your mentor. >>>>> >>>> >>>> Thanks for review! >>>> >>>>> The code should also be sent for vetoing to security@. Not sure if= you >>>>> would get a review there, but absence of nays would be good. >>>>> >>>>> When the code is ready to be committed, please remember about=20 >>>>> memorylocked=3Dunlimited in the default entry of the default login.= conf. A >>>>> big warning about it will have to be posted (in UPDATING and >>>>> current@/stable@ at the very least). >>>>> >>>> >>>> After that amd(8), geli(8) and watchdogd(8) will be broken, because = they=20 >>>> call mlockall(2). ntpd(8) won't, it already raises its RLIMIT_MEMLO= CK. I >>>> will prepare patches for raising limits if there is no other solutio= n. >>> >>> Thanks for working on this. >>> BTW, I am not sure why those applications would get broken... >>> We could/should still have memorylocked=3Dunlimited for the 'root' cl= ass. >>> Or is it about something else? >>> >> >> Hmm, I thought that root login class commented out. >> >>>>> Thank you very much for doing this work. >>>>> >>>>> P.S. It would probably make sense to provide some HTTP home for th= is >>>>> patch as well. >>>>> >>>> >>>> Updated patch is here [1]. >>>> >>>> [1] http://people.freebsd.org/~zont/mlock1.patch >>>> >>> >>> Thank you! >>> One additional thing - we probably should retire PRIV_VM_MLOCK and >>> PRIV_VM_MUNLOCK. That would include making changes to >>> sys/i386/ibcs2/ibcs2_misc.c and sys/ofed/drivers/infiniband/core/umem= =2Ec. >>> >> >> They are useful for jails as trasz@ mentioned on IRC. >> >>> P.S. PRIV_VM_MUNLOCK _privilege_ feels a little bit weird. I wonder = what was >>> the intended use for it (if any)... >>> >> >> So, here is the second version of the patch [1]. >> >> [1] http://people.freebsd.org/~zont/mlock2.patch >=20 > In priv_check_cred(), s/to unprivileged/for unprivileged/. >=20 > In vm_mmap(), on RLIMIT_VMEM failure, racct change shall be rolled back= =2E >=20 > I am not sure why e.g. sys_obreak() forces racct limits instead of obei= ng. >=20 Thanks for review. Updated patch is here [1]. [1] http://people.freebsd.org/~zont/patches/mlock3.patch --=20 Andrey Zonov --------------enig434B811F04FA162BD791E35A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.18 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJQWZF8AAoJEBWLemxX/CvTXJsH/3SZbso6ufnDCgDqjfPsPCTB zKDVZoIrYwW+E5OOVWSInlyqEFghvZNSUfqqWxQtzdukmbxK5UrQettHeIhXSuib Ke5STyVorGSYArL3cVhbSqJ+ZKwMmFuOLP5y9Y7sdsm3M0SUtnT01lVbcR7On4JE QILHY4GZR5SEo525CcOs3+uxEyczqOVv3jDn7Yt7BBmIkeIE9+rpngJamjp/7E9q hHKkQGbPuxUUxW2I402Y1wSkdXQqNSIT3evSY3vTw9CMKcH9BWQANq1ZG5G6GPr/ BkKa0IUWqK923Ulof0wX1uNKtlwyr0OZuKTJV5081fCKKRHxXIJj9e7UbUxeFJ8= =RSW8 -----END PGP SIGNATURE----- --------------enig434B811F04FA162BD791E35A--