Date: Mon, 3 Jun 2013 17:23:20 +0400 From: Gleb Smirnoff <glebius@FreeBSD.org> To: Andre Oppermann <oppermann@networx.ch> Cc: arch@FreeBSD.org Subject: Re: aio_mlock(2) system call Message-ID: <20130603132320.GP67170@glebius.int.ru> In-Reply-To: <51AC9748.5070908@networx.ch> References: <20130603100618.GH67170@FreeBSD.org> <51AC9748.5070908@networx.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jun 03, 2013 at 03:16:56PM +0200, Andre Oppermann wrote: A> > This patch brings a new system call - aio_mlock(2). The idea is A> > quite clear from its name: it performs mlock(2), which can take A> > a long time if pages aren't resident, under aio(4) control. A> > A> > The patch is quite simple, and non-desctructive. Here it is A> > for your review. A> A> I didn't immediately see something about permissions to prevent normal A> users from easily exhausting all kernel memory. A> A> Since this is likely to be only used on dedicated servers it may be A> sufficient to have a global sysctl allowing its use for non-root users. The aio thread uses credentials of the process that issued aio_mlock(), thus in terms of security semantics are equal to direct mlock() syscall. -- Totus tuus, Glebius.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130603132320.GP67170>