Re: [RESEND RFC PATCH v1 00/20] mm: process/cgroup ksm support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[...]

I'm going to point out the security aspect, and that e.g., Windows used to
enable it system-wide before getting taught by security experts otherwise.
Details on KSM and security aspects can be found in that thread.

If I'm not mistaken the security aspect exists today. When KSM is
enabled with madvise this is the same.

Yes, and we mostly only use it for virtual machines -- and to be precise, guest memory only -- where it has to be enabled explicitly on a well documented basis ...

Impossible for an admin to force it on other parts of the hypervisor process that might be more security sensitive. Or on other arbitrary applications, for now.


Long story short: one has to be very careful with that and only enable it for
very carefully selected worklads. Letting a workload opt-in on a VMA level is
most probably safer than an admin blindly turning this on for random processes
... >>
[...]


[1] https://lore.kernel.org/all/20220517092701.1662641-1-xu.xin16@xxxxxxxxxx/
[2] https://lore.kernel.org/all/20220609055658.703472-1-xu.xin16@xxxxxxxxxx/

My understanding is that there were problems with the patch and how it
exposed KSM. The other objection was the enable-all configuration
option.

I don't remember all the discussions, but one concern was how to handle processes that deliberately want to disable it on some parts of memory.

Anyhow, I cc'ed the relevant parties already.

--
Thanks,

David / dhildenb





[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Bugtraq]     [Linux OMAP]     [Linux MIPS]     [eCos]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux