[Devel] Re: [RFC][PATCH 2/7] RSS controller core
Eric W. Biederman
ebiederm at xmission.com
Thu Mar 15 17:55:45 PDT 2007
Alan Cox <alan at lxorguk.ukuu.org.uk> writes:
>> stuff is happening by comparing page->count and page->_mapcount, but it
>> certainly wouldn't be conclusive. But, does this kind of nonsense even
>> happen in practice?
>
> "Is it useful for me as a bad guy to make it happen ?"
To create a DOS attack.
- Allocate some memory you know your victim will want in the future,
(shared libraries and the like).
- Wait until your victim is using the memory you allocated.
- Terminate your memory resource group.
- Victim is pushed over memory limits by your exiting.
- Victim can no longer allocate memory
- Victim dies
It's not quite that easy unless your victim calls mlockall(MCL_FUTURE),
but the potential is clearly there.
Am I missing something? Or is this fundamental to any first touch scenario?
I just know I have problems with first touch because it is darn hard to
reason about.
Eric
_______________________________________________
Containers mailing list
Containers at lists.osdl.org
https://lists.osdl.org/mailman/listinfo/containers
More information about the Devel
mailing list