On 25.09.20 09:41, Peter Zijlstra wrote: > On Thu, Sep 24, 2020 at 04:29:03PM +0300, Mike Rapoport wrote: >> From: Mike Rapoport <rppt@xxxxxxxxxxxxx> >> >> Removing a PAGE_SIZE page from the direct map every time such page is >> allocated for a secret memory mapping will cause severe fragmentation of >> the direct map. This fragmentation can be reduced by using PMD-size pages >> as a pool for small pages for secret memory mappings. >> >> Add a gen_pool per secretmem inode and lazily populate this pool with >> PMD-size pages. > > What's the actual efficacy of this? Since the pmd is per inode, all I > need is a lot of inodes and we're in business to destroy the directmap, > no? > > Afaict there's no privs needed to use this, all a process needs is to > stay below the mlock limit, so a 'fork-bomb' that maps a single secret > page will utterly destroy the direct map. > > I really don't like this, at all. As I expressed earlier, I would prefer allowing allocation of secretmem only from a previously defined CMA area. This would physically locally limit the pain. But my suggestion was not well received :) -- Thanks, David / dhildenb
