unprivileged mlock(2)

[Andriy Gapon]

on 02/11/2012 16:23 Andrey Zonov said the following:
> Hi,
> 
> I'm ready to commit these four patches [1].  I'm going to do this
> tomorrow if there won't be any objections.
> 
> I want to make clear changes in login.conf about memorylocked limits.
> When the system is starting up, init(8) uses daemon login class to run
> /etc/rc.  Some daemons such as amd(8) and watchdogd(8) use mlockall(2)
> and may deny that call because of limits, that is why I set memorylocked
> limit to 64Mb for daemon class.
> 
> But the problem will be still there if you are using `sudo' or `su -m'
> to restart services.  In that case your login class (and limits) would
> be applied and memorylocked limit may cause failure of mlockall(2) call
> (like vmemoryuse limit may fail malloc(3)).
> 
> [1] http://people.freebsd.org/~zont/patches/mlock/
> 

I would start with memorylocked=64k or 128k for the default class.
I can't justify these numbers excepts that they are nice :-) and 8MB "feels" like
too much.
Anything greater than zero would already be an improvement and typical
unprivileged applications that want wired memory usually request a single page.
So several pages should be enough.
Those who would need more can always bump the limit in the local config.

P.S. Not sure if it would be better to set memorylocked=unlimited for the daemon
class too.  I think that in the default configuration it's only super-user who can
use that class.

-- 
Andriy Gapon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 549 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-arch/attachments/20121102/43525fb0/attachment.sig>