On Fri, Mar 4, 2011 at 9:36 AM, Dave Hansen <dave@xxxxxxxxxxxxxxxxxx> wrote: > > We need to either keep the bad guys away from the counts (this patch), > or de-correlate the counts moving around with the position of objects in > the slab. Ted's suggestion is a good one, and the only other thing I > can think of is to make the values useless, perhaps by batching and > delaying the (exposed) counts by a random amount. We might just decide to expose the 'active' count for regular users (and then, in case there are tools there that parse this as normal users, we could set the 'total' fields to be the same as the active one, possibly rounded up to the slab allocation or something. I know, I know, from a memory usage standpoint, 'active' is secondary, but it still correlates fairly well, so it's still useful. And for seeing memory leaks (as opposed to slab fragmentation etc issues), it's actually the interesting case. And at the same time, it's actually much less involved with actual physical allocations than 'total' is, and thus much less of an attack vector. The fact that we got another socket allocation when we opened a new socket is not "useful" information for an attacker, not in the way it is to see a hint of _where_ the socket got allocated. Of course, as you say, '/proc/meminfo' still does give you the trigger for "oh, now somebody actually allocated a new page". That's totally independent of slabinfo, though (and knowing the number of active slabs would neither help nor hurt somebody who uses meminfo - you might as well allocate new sockets in a loop, and use _only_ meminfo to see when that allocated a new page). Linus -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@xxxxxxxxxx For more info on Linux MM, see: http://www.linux-mm.org/ . Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/ Don't email: <a href