[patch] unprivileged mlock(2)

Andriy Gapon avg at FreeBSD.org
Tue Aug 28 20:20:47 UTC 2012

on 28/08/2012 21:07 Bryan Drewery said the following:
> On 8/28/2012 11:37 AM, Andrey Zonov wrote:
>> Hi,
>> We've got RLIMIT_MEMLOCK for years, but this limit is useless, because
>> only root may call mlock(2), and root may raise any limits.
>> I suggest patch that allows to call mlock(2) for unprivileged users.
>> Are there any objections to got it in tree?
> FYI, see previous recent thread on this here:
> http://lists.freebsd.org/pipermail/freebsd-arch/2012-May/012552.html
> and
> http://lists.freebsd.org/pipermail/freebsd-arch/2012-June/012606.html

Yes, Andrey, I highly suggest that you read those threads completely.

Here are some observations.

It doesn't look like mlockall and mlockall(MCL_FUTURE) in particular properly
honor RLIMIT_MEMLOCK.  If this is not fixed, then it would be premature to
enable the privilege for non-privileged users.

I am against adding the sysctl knob.  If RLIMIT_MEMLOCK limit is properly
implemented then it is sufficient to effectively deny the privilege (and with
much finer granularity).

When the privilege is allowed to ordinary users, then memorylocked in the
default login.conf would need to be set to something much lower than the current
'unlimited' :-)

Also, note that currently RLIMIT_MEMLOCK is abused at least in vslock() (used at
least by sysctl's kernel side).  The temporary wirings performed as an
implementation detail or side-effect should not be accounted against the limit.
 The limit is for wirings that a user makes and controls explicitly.  It should
not be applied to something that kernel does behind the scenes without user's

Andriy Gapon

More information about the freebsd-security mailing list