Re: [LSF/MM/BPF TOPIC] Dropping page cache of individual fs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue 16-01-24 11:50:32, Christian Brauner wrote:

<snip the usecase details>

> My initial reaction is to give userspace an API to drop the page cache
> of a specific filesystem which may have additional uses. I initially had
> started drafting an ioctl() and then got swayed towards a
> posix_fadvise() flag. I found out that this was already proposed a few
> years ago but got rejected as it was suspected this might just be
> someone toying around without a real world use-case. I think this here
> might qualify as a real-world use-case.
> 
> This may at least help securing users with a regular dm-crypt setup
> where dm-crypt is the top layer. Users that stack additional layers on
> top of dm-crypt may still leak plaintext of course if they introduce
> additional caching. But that's on them.

Well, your usecase has one substantial difference from drop_caches. You
actually *require* pages to be evicted from the page cache for security
purposes. And giving any kind of guarantees is going to be tough. Think for
example when someone grabs page cache folio reference through vmsplice(2),
then you initiate your dmSuspend and want to evict page cache. What are you
going to do? You cannot free the folio while the refcount is elevated, you
could possibly detach it from the page cache so it isn't at least visible
but that has side effects too - after you resume the folio would remain
detached so it will not see changes happening to the file anymore. So IMHO
the only thing you could do without problematic side-effects is report
error. Which would be user unfriendly and could be actually surprisingly
frequent due to trasient folio references taken by various code paths.

Sure we could report error only if the page has pincount elevated, not only
refcount, but it needs some serious thinking how this would interact.

Also what is going to be the interaction with mlock(2)?

Overall this doesn't seem like "just tweak drop_caches a bit" kind of
work...

								Honza


-- 
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR




[Index of Archives]     [Linux RAID]     [Linux SCSI]     [Linux ATA RAID]     [IDE]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Device Mapper]

  Powered by Linux