On 2/24/12 6:51 AM, Balbir Singh wrote:
On Fri, Feb 24, 2012 at 8:17 AM, KAMEZAWA Hiroyuki
<kamezawa.hiroyu@xxxxxxxxxxxxxx> wrote:
They don't have access to each other's VMAs, but if "accidentally" one
of them comes across an uninitialized page with data from another task,
it's not a violation of the security model.
Can you expand more on the single address space model?
I haven't thought this through yet. But I know that just adding
&& (cgroup_task_count() == 1)
to page_needs_clearing() is not going to do it. We'll have to design a
new mechanism (cgroup_mm_count_all()?) and make sure that it doesn't
race with fork() and inadvertently expose pages from the new address
space to the existing one.
A uid based approach such as the one implemented by Davide Libenzi
http://thread.gmane.org/gmane.linux.kernel/548928
http://thread.gmane.org/gmane.linux.kernel/548926
would probably apply the optimization to more use cases - but
conceptually a bit more complex. If we go with this more relaxed
approach, we'll have to design a race-free cgroup_uid_count() based
mechanism.
-Arun
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@xxxxxxxxx. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Fight unfair telecom internet charges in Canada: sign http://stopthemeter.ca/
Don't email: <a href=mailto:"dont@xxxxxxxxx";> email@xxxxxxxxx </a>