From: Pavel Timofeev
Date: Thu, 2 Feb 2017 18:54:28 +0300
Subject: Re: mlock and jail
To: Xin LI
Cc: Bruno Lauzé, freebsd-current

2017-02-02 4:31 GMT+03:00 Xin LI :
> I like this idea.
>
> Note that potentially your patch would make it possible for a jailed
> root to DoS the whole system by locking too much of pages in memory.
> I think it would be sensible to provide a per-jail flag to enable
> doing it, or better, have some finer grained control (e.g. per jail
> quota of permitted locked pages).
>
> Why did the application want to lock pages in main memory, though?

For example, this secret management tool
https://www.vaultproject.io/docs/config/ wants to lock memory for
security (surprise) reason.
It's available as security/vault in our ports tree.

>
> On Wed, Feb 1, 2017 at 3:52 PM, Bruno Lauzé wrote:
>>
>> I would like to ask if there is a reason I would have to apply the patch below to make an application work in a jail.
>> And who's bad? the app too intrusive or the bsd not flexible enough (allow.mlock?)
>>
>>
>> Index: sys/kern/kern_jail.c >> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >> --- sys/kern/kern_jail.c (revision 313033) >> +++ sys/kern/kern_jail.c (working copy) 
>> @@ -3340,6 +3340,11 @@ >> case PRIV_PROC_SETLOGINCLASS: >> return (0); >> >> >> + case PRIV_VM_MADV_PROTECT: >> + case PRIV_VM_MLOCK: >> + case PRIV_VM_MUNLOCK: >> + return (0); >> + >> default: >> >> >> _______________________________________________
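Review bot: the added `return (0)` under `case PRIV_VM_MUNLOCK:` is unconditional, so all three privileges (PRIV_VM_MADV_PROTECT, PRIV_VM_MLOCK, PRIV_VM_MUNLOCK) are granted to root in every jail with no opt-in and no jail-level bound on locked memory, which is the DoS concern raised in the reply above. Suggest gating these cases on a per-jail permission that defaults to off (the `allow.mlock` name floated in the original message would fit), or on a per-jail quota of locked pages, and documenting the new knob alongside the change. PRIV_VM_MADV_PROTECT is also bundled in although the message only talks about mlock; either justify it or drop it from this change.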