Date: Mon, 16 Feb 2004 20:08:47 -0600 (CST)
From: Mike Silbersack
To: Colin Percival
cc: src-committers@FreeBSD.org, Maxime Henrion, cvs-src@FreeBSD.org, Scott Long, cvs-all@FreeBSD.org, Poul-Henning Kamp, Robert Watson, Dag-Erling Smorgrav
Subject: Re: cvs commit: src/sys/vm vm_kern.c

On Tue, 17 Feb 2004, Colin Percival wrote:

> At 21:05 16/02/2004, Maxime Henrion wrote:
> >I find it very convenient to have a flag to tell malloc() to try as hard
> >as it can to allocate the memory without crashing on us.
>
> Is this really good enough?
> When I was routinely running my system out
> of kernel memory by using a large malloc backed md(4), the panic never
> came from a failed allocation in the md code; rather, md would use up all
> the available memory, and then some other kernel call (which needed only
> some small amount of memory) would panic.
> From a security point of view, I can't see how there's any alternative
> to using a user-allocated buffer for such requests.
>
> Colin Percival

The M_SAFE and M_NOWAIT flags could be set to leave a 10% memory buffer
that only M_WAITOK callers would eat into. This would (hopefully) help to
avoid panicking the system, while still maintaining the desired semantic for
M_WAITOK callers.

Er, wait, maybe M_WAITOK callers should block at that boundary, and
M_NOWAIT should succeed... hrm.

Either way, something should be done, the current state of affairs isn't
all that perfect.

Mike "Silby" Silbersack
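
A userland accounting model of the first variant proposed in the message above (M_NOWAIT-style callers are refused once they would dip into a 10% reserve, M_WAITOK-style callers may use it), added here as an illustration and not code from the thread or from FreeBSD. `struct pool`, `pool_alloc()`, `fill_with_nowait()` and the `PF_*` flags are hypothetical names, and the pool size and chunk sizes are constructed values.

```c
/* Userland accounting model, not FreeBSD kernel code. struct pool,
 * pool_alloc() and PF_* are hypothetical stand-ins for malloc(9),
 * M_NOWAIT and M_WAITOK. */
#include <stddef.h>
#include <stdio.h>

#define PF_NOWAIT 0x1   /* may fail; must not touch the reserve */
#define PF_WAITOK 0x2   /* may use the reserve */
struct pool {
    size_t capacity;    /* total bytes managed */
    size_t used;        /* bytes currently handed out */
    size_t reserve;     /* bytes held back from PF_NOWAIT callers */
};

static void pool_init(struct pool *p, size_t capacity)
{
    p->capacity = capacity;
    p->used = 0;
    p->reserve = capacity / 10;     /* the 10% buffer from the message */
}

/* Returns 1 on success, 0 on refusal; only the accounting is modelled. */
static int pool_alloc(struct pool *p, size_t n, int flags)
{
    size_t avail = p->capacity - p->used;
    if (n > avail)
        return 0;       /* exhausted; a real M_WAITOK caller would sleep */
    if ((flags & PF_NOWAIT) && avail - n < p->reserve)
        return 0;       /* would eat into the reserve: fail instead */
    p->used += n;
    return 1;
}

/* Constructed scenario: a bulk consumer takes 64-byte chunks with
 * PF_NOWAIT until refused. Returns the bytes still free afterwards. */
static size_t fill_with_nowait(struct pool *p)
{
    while (pool_alloc(p, 64, PF_NOWAIT))
        ;
    return p->capacity - p->used;
}

int main(void)
{
    struct pool p;
    pool_init(&p, 10000);
    printf("free after bulk fill: %zu\n", fill_with_nowait(&p));
    printf("small WAITOK alloc ok: %d\n", pool_alloc(&p, 128, PF_WAITOK));
}
```

In this model the bulk consumer stops with the reserve intact, so the small allocation that would otherwise have hit an empty pool still succeeds; the reserve only delays exhaustion if such callers keep allocating.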