From: Don Lewis
To: Alexander@Leidinger.net
Cc: phk@phk.freebsd.dk, current@FreeBSD.org
Date: Thu, 2 Jun 2005 11:40:27 -0700 (PDT)
Subject: Re: [RFC] [PATCH] VM & VFS changes

On 2 Jun, Alexander Leidinger wrote:
> Don Lewis wrote:
>
>>> What am I overlooking?
>>
>> Create a large, but nearly empty file system, /a
>                                     ^
>                             memory/swap based

I think that only the swap-backed case is problematical.

>> Mount a file system backed by a physical disk on /a/b
>> Create the file /a/b/c and configure it to be used as swap
>> Write a large amount of data to the file /a/d, which will overflow RAM
>> and be paged out to /a/b/c
>>
>> It won't be possible to disable swapping to /a/b/c because there is not
>> sufficient RAM to page in the data stored there. It won't be possible
>> to unmount /a/b because /a/b/c is busy. It won't be possible to unmount
>> /a because it is busy because /a/b is mounted on it.
>
> Ah! Yes! I tend to forget this is possible. In my mind a memory/swap based FS
> as a "leaf" in the directory tree... or more correctly, the subtree below the
> memory/swap based FS isn't allowed to contain a mountpoint of a non
> memory/swap based FS. Any other use which may require to break this rule has
> to use symlinks instead and isn't allowed to break the rule.

I'm pretty sure that sysinstall violates that by using a memory-backed
fs for the root partition. The file systems being installed-to are
mounted below this memory-backed fs.

> This helps to avoid some pitfalls.
>
>> If the dependencies are tracked so that this configuration (swapping to
>> anything that is directly or indirectly dependent on a swap-backed file
>> system) can be forbidden, then either the algorithm that I suggested, or
>
> I'm not sure if we should enforce this policy... I like it, but I think such
> a restriction should be configurable via sysctl (enabled by default).

We should either enforce this or document that doing it might be
undoable later and could cause a deadlock on shutdown.

It's only swap depending on swap that is dangerous. A swap file that
has a dependency on a swap-backed fs is the only problem. A swap file
that depends on a memory-backed fs should be ok, though a swap file that
resides on a memory-backed fs should probably be forbidden as well.
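
The dependency rule discussed in this message (refuse swap on anything that depends, directly or indirectly, on a swap-backed file system, and probably also a swap file residing directly on a memory-backed one), sketched as an added example that is not part of the original e-mail and is not FreeBSD code. The `struct mnt` table, the enum names and `check_swapfile` are hypothetical, and dependencies are assumed to follow the mount-point hierarchy only.

```c
#include <stddef.h>
#include <string.h>

/* Constructed model for illustration; these are not FreeBSD kernel types. */
enum backing { BK_DISK, BK_MEMORY, BK_SWAP };
enum verdict { SWAP_OK, SWAP_ON_MEMORY_FS, SWAP_DEPENDS_ON_SWAP };
struct mnt { const char *point; enum backing backing; };

/* True if mount point `mp` is `path` itself or one of its ancestor directories. */
static int is_ancestor(const char *mp, const char *path)
{
    size_t len = strlen(mp);
    if (strncmp(path, mp, len) != 0)
        return 0;
    /* "/" covers everything; otherwise the match must end on a component boundary. */
    return len == 1 || path[len] == '/' || path[len] == '\0';
}

/*
 * Classify a proposed swap file. Every mount whose mount point is an ancestor
 * of the file is something the file depends on, directly or indirectly.
 */
enum verdict check_swapfile(const struct mnt *tab, size_t n, const char *path)
{
    const struct mnt *holder = NULL;   /* fs the file resides on (longest match) */
    size_t best = 0;

    for (size_t i = 0; i < n; i++) {
        if (!is_ancestor(tab[i].point, path))
            continue;
        if (tab[i].backing == BK_SWAP)
            return SWAP_DEPENDS_ON_SWAP;   /* swap depending on swap: the deadlock case */
        size_t len = strlen(tab[i].point);
        if (holder == NULL || len > best) {
            holder = &tab[i];
            best = len;
        }
    }
    if (holder != NULL && holder->backing == BK_MEMORY)
        return SWAP_ON_MEMORY_FS;          /* resides directly on a memory-backed fs */
    return SWAP_OK;
}

/* Constructed mount tables: the thread's /a example and a sysinstall-like layout. */
const struct mnt thread_tab[] = { {"/", BK_DISK}, {"/a", BK_SWAP}, {"/a/b", BK_DISK} };
const struct mnt install_tab[] = { {"/", BK_MEMORY}, {"/mnt", BK_DISK} };
```

With these tables, `/a/b/c` is rejected because `/a` is swap-backed, while a swap file on a disk file system mounted below a memory-backed root is accepted.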