From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id D08D6C433F5 for ; Tue, 12 Apr 2022 14:36:39 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 2F8C76B0073; Tue, 12 Apr 2022 10:36:39 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 2A79B6B0074; Tue, 12 Apr 2022 10:36:39 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 149816B007B; Tue, 12 Apr 2022 10:36:39 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (relay.hostedemail.com [64.99.140.27]) by kanga.kvack.org (Postfix) with ESMTP id 087B36B0073 for ; Tue, 12 Apr 2022 10:36:39 -0400 (EDT) Received: from smtpin03.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay09.hostedemail.com (Postfix) with ESMTP id D0F7E24C12 for ; Tue, 12 Apr 2022 14:36:38 +0000 (UTC) X-FDA: 79348478076.03.5346F9D Received: from mail-qk1-f179.google.com (mail-qk1-f179.google.com [209.85.222.179]) by imf18.hostedemail.com (Postfix) with ESMTP id 4B80C1C0004 for ; Tue, 12 Apr 2022 14:36:38 +0000 (UTC) Received: by mail-qk1-f179.google.com with SMTP id 75so11018205qkk.8 for ; Tue, 12 Apr 2022 07:36:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ziepe.ca; s=google; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to; bh=evNj2CNMoMsw5e7L6RfPQYGJFzo3TZYC7FsieHWZ5Ls=; b=P4KDTA4ChNl8eFo5TaRAl/5FnI/hVHjJzJBo1xbfO6E6tcQCaqBfnBN1z5fv3DfE1u iQILgHtSz7DDusNSlvJP3Z1yMP4+yKAQ2Eyz628hQVcLvQ+BxsdlwhsUbE6fvWB/Q2is KJFMZcpNQuQ1kXRm/7dZww/aXDBDg6Qg87XJBXqMNal9QHP5YcfHOuo4039oAPwifclm Ni6jxAqEXJAsTg1vDWd5O4322/PPXZOhWqI7cTTZAicevA8+5AkWYEBaFSAdm27ELa3S niv0qlWzCgCFeZ31VkUUBPNxRCHtURSjk4RK/eF6eqwh/psh+4pwILguC3l2W1BosUlI tCIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to; bh=evNj2CNMoMsw5e7L6RfPQYGJFzo3TZYC7FsieHWZ5Ls=; b=vPai8d3XQH0wDj+S32X7BRugCTjPh010ptxkvC1UnWSX7e1GoXdrxOFQ5xTjXq6Yrz B8V4p4DKesSiB2/RZKPRYM5HgPCdyOKrdwtM3jY3n+DVttMD9s5R9TXGZXh1wM09Gv/d NUfijzGH2Eeg9CXBLJB3+Hj0hMRLS6m/q/bIrKaS4251pj8V3z0YmHT/6eTxgBJrQz4Z STGgy8iSspll6Uytqd89COICMZHqNTc6HJMSb8f1+CzpObNjegGJdmg4+QeSK6lUwqwp sHIJ0/G6Gnr+PNp4wToeGa0LhRLB8ElU5rU8/M8QlUnW/X9XtefnbWcrM4pn3sk2cylg tbCQ== X-Gm-Message-State: AOAM53076ER5Bur8g02lb6azZAh7WI8MzWwHQa5NZ7Q56/L61gvvY3N1 af0wRf3FaUws4vA2SV/7KXUkVA== X-Google-Smtp-Source: ABdhPJySHPHmQqifS2wea+F5V8gixdYIV//Jv7wOTevmOQGVNlVLMxWAFhJpJjukoZ7Xd9/fbgNIYA== X-Received: by 2002:a37:990:0:b0:69a:976:be4e with SMTP id 138-20020a370990000000b0069a0976be4emr3264529qkj.321.1649774197434; Tue, 12 Apr 2022 07:36:37 -0700 (PDT) Received: from ziepe.ca (hlfxns017vw-142-162-113-129.dhcp-dynamic.fibreop.ns.bellaliant.net. [142.162.113.129]) by smtp.gmail.com with ESMTPSA id n7-20020ac85a07000000b002f1421dac8csm324215qta.80.2022.04.12.07.36.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Apr 2022 07:36:36 -0700 (PDT) Received: from jgg by mlx with local (Exim 4.94) (envelope-from ) id 1neHdE-000uGn-C6; Tue, 12 Apr 2022 11:36:36 -0300 Date: Tue, 12 Apr 2022 11:36:36 -0300 From: Jason Gunthorpe To: David Hildenbrand Cc: Sean Christopherson , Andy Lutomirski , Chao Peng , kvm list , Linux Kernel Mailing List , linux-mm@kvack.org, linux-fsdevel@vger.kernel.org, Linux API , qemu-devel@nongnu.org, Paolo Bonzini , Jonathan Corbet , Vitaly Kuznetsov , Wanpeng Li , Jim Mattson , Joerg Roedel , Thomas Gleixner , Ingo Molnar , Borislav Petkov , the arch/x86 maintainers , "H. Peter Anvin" , Hugh Dickins , Jeff Layton , "J . Bruce Fields" , Andrew Morton , Mike Rapoport , Steven Price , "Maciej S . Szmigiero" , Vlastimil Babka , Vishal Annapurve , Yu Zhang , "Kirill A. Shutemov" , "Nakajima, Jun" , Dave Hansen , Andi Kleen Subject: Re: [PATCH v5 04/13] mm/shmem: Restrict MFD_INACCESSIBLE memory against RLIMIT_MEMLOCK Message-ID: <20220412143636.GG64706@ziepe.ca> References: <20220310140911.50924-1-chao.p.peng@linux.intel.com> <20220310140911.50924-5-chao.p.peng@linux.intel.com> <02e18c90-196e-409e-b2ac-822aceea8891@www.fastmail.com> <7ab689e7-e04d-5693-f899-d2d785b09892@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <7ab689e7-e04d-5693-f899-d2d785b09892@redhat.com> Authentication-Results: imf18.hostedemail.com; dkim=pass header.d=ziepe.ca header.s=google header.b=P4KDTA4C; spf=pass (imf18.hostedemail.com: domain of jgg@ziepe.ca designates 209.85.222.179 as permitted sender) smtp.mailfrom=jgg@ziepe.ca; dmarc=none X-Rspam-User: X-Rspamd-Server: rspam10 X-Rspamd-Queue-Id: 4B80C1C0004 X-Stat-Signature: hhqm9ur8qfxagbojzct36gnzyfq1owdt X-HE-Tag: 1649774198-426577 X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: On Fri, Apr 08, 2022 at 08:54:02PM +0200, David Hildenbrand wrote: > RLIMIT_MEMLOCK was the obvious candidate, but as we discovered int he > past already with secretmem, it's not 100% that good of a fit (unmovable > is worth than mlocked). But it gets the job done for now at least. No, it doesn't. There are too many different interpretations how MELOCK is supposed to work eg VFIO accounts per-process so hostile users can just fork to go past it. RDMA is per-process but uses a different counter, so you can double up iouring is per-user and users a 3rd counter, so it can triple up on the above two > So I'm open for alternative to limit the amount of unmovable memory we > might allocate for user space, and then we could convert seretmem as well. I think it has to be cgroup based considering where we are now :\ Jason