From: Yafang Shao <laoar.shao@gmail.com>
To: Casey Schaufler <casey@schaufler-ca.com>
Cc: akpm@linux-foundation.org, paul@paul-moore.com,
jmorris@namei.org, serge@hallyn.com, omosnace@redhat.com,
mhocko@suse.com, ying.huang@intel.com, linux-mm@kvack.org,
linux-security-module@vger.kernel.org, bpf@vger.kernel.org,
ligang.bdlg@bytedance.com
Subject: Re: [PATCH v4 3/5] mm, security: Add lsm hook for memory policy adjustment
Date: Sun, 10 Dec 2023 10:54:16 +0800 [thread overview]
Message-ID: <CALOAHbAYUYb9wcE9i364+jXEb2vF3dcET=7Ru+KOs8MUuO_Exw@mail.gmail.com> (raw)
In-Reply-To: <d049f5a1-29ac-4fd9-95b2-45d5fd5ecae5@schaufler-ca.com>
On Sat, Dec 9, 2023 at 1:30 AM Casey Schaufler <casey@schaufler-ca.com> wrote:
>
> On 12/8/2023 1:06 AM, Yafang Shao wrote:
> > In a containerized environment, independent memory binding by a user can
> > lead to unexpected system issues or disrupt tasks being run by other users
> > on the same server. If a user genuinely requires memory binding, we will
> > allocate dedicated servers to them by leveraging kubelet deployment.
> >
> > At present, users have the capability to bind their memory to a specific
> > node without explicit agreement or authorization from us. Consequently, a
> > new LSM hook is introduced to mitigate this. This implementation allows us
> > to exercise fine-grained control over memory policy adjustments within our
> > container environment
>
> I wonder if security_vm_enough_memory() ought to be reimplemented as
> an option to security_set_mempolicy(). I'm not convinced either way,
> but I can argue both.
The function security_vm_enough_memory() serves to verify the
permissibility of a new memory map, while security_set_mempolicy()
comes into play post-memory map allocation. Expanding
security_vm_enough_memory() to include memory policy checks might
potentially lead to regressions. Therefore, I would prefer to
introduce a new function, security_set_mempolicy(), to handle these
checks separately.
--
Regards
Yafang
next prev parent reply other threads:[~2023-12-10 2:54 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20231208090622.4309-1-laoar.shao@gmail.com>
[not found] ` <20231208090622.4309-4-laoar.shao@gmail.com>
2023-12-08 17:30 ` Casey Schaufler
2023-12-10 2:54 ` Yafang Shao [this message]
[not found] ` <20231208090622.4309-6-laoar.shao@gmail.com>
2023-12-12 19:22 ` [PATCH v4 5/5] selftests/bpf: Add selftests for set_mempolicy with a lsm prog KP Singh
2023-12-13 3:08 ` Yafang Shao
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALOAHbAYUYb9wcE9i364+jXEb2vF3dcET=7Ru+KOs8MUuO_Exw@mail.gmail.com' \
--to=laoar.shao@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=bpf@vger.kernel.org \
--cc=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=ligang.bdlg@bytedance.com \
--cc=linux-mm@kvack.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mhocko@suse.com \
--cc=omosnace@redhat.com \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
--cc=ying.huang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox