linux-mm.kvack.org archive mirror
From: Dave McCracken <dmccr@us.ibm.com>
To: Arjan van de Ven <arjan@infradead.org>, Andi Kleen <ak@suse.de>
Cc: Ray Bryant <raybry@mpdtxmail.amd.com>, Robin Holt <holt@sgi.com>,
	Hugh Dickins <hugh@veritas.com>,
	Linux Kernel <linux-kernel@vger.kernel.org>,
	Linux Memory Management <linux-mm@kvack.org>
Subject: Re: [PATCH/RFC] Shared page tables
Date: Tue, 24 Jan 2006 08:48:14 -0600
Message-ID: <E3ED10A5FEE08AEEA9094F49@[10.1.1.4]>
In-Reply-To: <1138086398.2977.19.camel@laptopd505.fenrus.org>

--On Tuesday, January 24, 2006 08:06:37 +0100 Arjan van de Ven
<arjan@infradead.org> wrote:

>> The randomization is not for cache coloring, but for security purposes
>> (except for the old very small stack randomization that was used
>> to avoid conflicts on HyperThreaded CPUs). I would be surprised if the
>> mmap made much difference because it's page aligned and at least
>> on x86 the L2 and larger caches are usually PI.
> 
> randomization to a large degree is more important between machines than
> within the same machine (except for setuid stuff but let's call that a
> special category for now). Imo prelink is one of the better bets to get
> "all code for a binary/lib on the same 2 mb page", all distros ship
> prelink nowadays anyway (it's too much of a win that nobody can afford
> to not ship it ;) and within prelink the balance between randomization
> for security and 2Mb sharing can be struck best. In fact it needs to know
> about the 2Mb thing anyway to place it there properly and for all
> binaries... the kernel just can't do that.

Currently libc and most other system libraries have text segments smaller
than 2MB, so they won't share anyway.  We can't even coalesce adjacent
libraries since the linker puts unshareable data space after each library.

The main win for text sharing is applications with large text in the
program itself.  As long as that's loaded at the same address we'll share
page tables for it.

I thought the main security benefit for randomization of mapped regions was
for writeable data space anyway.  Isn't text space protected by not being
writeable?

Dave McCracken


