On Mon, 2008-12-08 at 16:05 -0500, Lee Schermerhorn wrote: > > > In support of a "lock prefix command"--e.g., mlock <cmd> > <args> ... > > > Analogous to taskset(1) for cpu affinity or numactl(8) for numa memory > > > policy. > > > > > > Together with patches to keep mlocked pages off the LRU, this will > > > allow users/admins to lock down applications without modifying them, > > > if their RLIMIT_MEMLOCK is sufficiently large, keeping their pages > > > off the LRU and out of consideration for reclaim. > > > > > > Potentially useful, as well, in real-time environments to force > > > prefaulting and residency for applications that don't mlock themselves.
This is a bit scary to me. Privilege and mode inheritance across processes is the root of many nasty surprises, security and otherwise. Here's a crazy alternative: add a flag to containers instead? I think this is a better match to what you're trying to do and will keep people from being surprised when an mlockall call in one thread causes a fork/exec in another thread to crash their box, but only sometimes. -- Mathematics is the supreme nostalgia of our time. -- To unsubscribe from this list: send the line "unsubscribe linux-api" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
