[cgl_discussion] A question about CGL2.0 Draft Req. 6.Pin.2: limit

Li, Adam adam.li at intel.com
Mon May 12 22:39:00 PDT 2003


Thank Peter for the clarification. 

So the "global limit" in the requirement means "global setting which controls how much memory can be pinned by all users requesting mlock calls."
And RLIMIT_MEMLOCK can limit a single non-root process from locking too much pages.

Still some other questions:
1. The wording in the requirement "A global limit is needed as a complementary control for allowing non.root processes to pin pages."
_non root_ here seems a little confusing (since this global limit affects both root and non root processes).

2. In requirement:   6.Pin.1 : Application Pin Page: No root, the requirement says:

a. "A configuration capability needs to exist to allow the system to determine eligible applications for pinning pages".
Does the "configuration capability" mean a new capability different from "CAP_IPC_LOCK"?

b. And in the same requirement: "The configuration capability should provide a control that specifies the maximum percentage of system memory that can be pinned via this capability". 
What is the relationship between the "configuration capability" and the "global limit (which controls how much memory can be pinned by all users requesting mlock calls)"? 

Are the two "configuration capability" in "a"  and "b" the same? If they are the same, does that mean if a process has such a capability,
it can both eligible for pinning pages and specifying the maximum memory that can be locked (Seems does not make sense). 

Thanks and sorry for so many questions.

--adam
 
====================================================================
Information above represents only my personal view, not corporate.  
Adam Li  [Li Yi]
Intel China Software Lab
Tel:  86-21-5257-4545-1338
adam.li at intel.com


> -----Original Message-----
> From: Peter Badovinatz [mailto:tabmowzo at us.ibm.com]
> Sent: 2003?5?13? 8:58
> To: Li, Adam
> Cc: OSDL CGL Discussion
> Subject: Re: [cgl_discussion] A question about CGL2.0 Draft 
> Req. 6.Pin.2: limit
> 
> 
> "Li, Adam" wrote:
> > Hi all,
> > 
> > In OSDL Carrier Grade Linux Working Group General System 
> Requirements,
> > Release 2 Public Draft Version 2003-03-17 Page29:
> > 
> > 6.Pin.2: Application Pin Page: Application Pin Page Limits 
> says: "The
> > total amount of memory pinned by applications needs to be able to be
> > specified. This is needed to avoid overloading a system.
> > 
> > Existing mlock() enforces limits based on the RLIMIT_MEMLOCK setting
> > for the executing process. A global limit is needed as a 
> complementary
> > control for allowing non.root processes to pin pages.
> > 
> > The application will receive an error code if all requested memory
> > cannot be pinned. Return conditions shall be similar to current
> > mlock() behaviour."
> > 
> > For the mlock() implementation, I think the limit RLIMIT_MEMELOCK is
> > enough for this requirement, if whenever a non-root user 
> logs into the
> > system, a process owned by the superuser will invoke setrlimit( ) to
> > decrease the rlim_max and rlim_cur fields for 
> RLIMIT_MEMLOCK. So that
> > non-root process cannot lock pages above the limit.
> 
> RLIMIT_MEMLOCK is a per-process control.  The code has a 
> hard-coded test
> which tests to determine if this process will cause more than half of
> RAM to be pinned.  If so, then the request is denied.
> 
> However, unless I read the code incorrectly, there is no 
> global setting
> which controls how much memory can be pinned by all users requesting
> mlock calls.  It seem two users, each requesting 49% of RAM, 
> could both
> succeed with probably dire consequences for the system.
> 
> I'm a bit unclear on your mechanism about actions by the superuser. 
> That seems like it could work, but seems more convoluted than simply
> providing a configurable kernel setting that specified total 
> percentage
> of RAM that can be pinned (most commercial *NIXes offer this control.)
> 
> > 
> >  " A global limit is needed as a complementary control for allowing
> > non.root processes to pin pages." What does this "global 
> limit" mean?
> > Why do we need "global limit as a complementary control" since we
> > already have RLIMIT_MEMLOCK?
> 
> See above, RLIMIT_MEMLOCK as per-process and the current 
> implementation
> are not adequate.
> 
> > 
> > Could someone help me to understand this? 
> 
> Let me know if this doesn't help.  I'll look at improving the 
> writeup of
> the requirement.
> 
> > 
> > Thanks a lot.
> > 
> > ====================================================================
> > Information above represents only my personal view, not corporate.  
> > Adam Li  [Li Yi]
> > Intel China Software Lab
> > Tel:  86-21-5257-4545-1338
> > adam.li at intel.com
> 
> Peter
> --
> Peter R. Badovinatz aka 'Wombat' -- IBM Linux Technology Center
> preferred: tabmowzo at us.ibm.com / alternate: wombat at us.ibm.com
> These are my opinions and absolutely not official opinions of 
> IBM, Corp.
> 




More information about the cgl_discussion mailing list