[patch] unprivileged mlock(2)
Simon L. B. Nielsen
simon at FreeBSD.org
Thu Sep 27 15:25:30 UTC 2012
On Tue, Sep 25, 2012 at 1:06 PM, Andrey Zonov <zont at freebsd.org> wrote:
> Hi,
>
> Please review this patch [1] which allows unprivileged users call
> mlock()/munlock() and mlockall()/munlockall().
>
> AFAIK, these calls were not allowed for every-one because accounting for
> mlockall(MCL_FUTURE) was not implemented.
I can't comment on the implementation details (don't know much about
VM system), but do you have tests to show that the new code actually
works in preventing users from mlocking more than 8MB by default?
--
Simon L. B. Nielsen
More information about the freebsd-security
mailing list