artswrapper defanged

Ryan Cumming ryan at completely.kicks-ass.org
Fri Jul 19 14:33:27 BST 2002 

On July 19, 2002 01:43, Rob Kaper wrote:
> I've been wondering why the kernel cannot reserve a certain amount of
> RAM/CPU for certain process trees, like it can with harddisk space (there's
> 5% reserved for root). I'd love to tell my system that it should always
> keep 10% CPU/RAM reserved for my sshd and child processes as well as
> anything on tty1. That way there would be no possible way to keep me from
> administrating my machine, because I always have reserved CPU/RAM for
> administrative tasks.
>
> (if anyone has any idea how to accomplish something like that, let me know)

Firstly, the 5% for root thing is entirely bogus on Linux. The following C++ 
program will easily eat all the diskspace available on a Linux system:

int main(int argc, char *argv[])
{
	size_t size = SOME_INSANELY_LARGE_NUMBER;
	int fd = open("foo", O_RDRW | O_CREAT);
	
	ftruncate(fd, size);
	char *file_memory = mmap(NULL, size, PROT_WRITE | PROT_WRITE, MAP_SHARED, 0);

	for (int i = 0;i < size;i += getpagesize())
	{
		file_memory[i]  = 0;
	}

	msync(file_memory, size, MS_ASYNC);
	munmap(file_memory, size);
	close(fd);
}

The first truncate creates a file with a big hole, which doesn't trigger the 
disk limit. The loop dirties a whole lot of pages. The dirty pages are 
written out using kswapd. kswapd runs as root. Root is allowed to use the 
reserved space. Game over.

Secondly, a SCHED_FIFO process is allowed to hold a timeslice for as long as 
it wants. You can make it only able to use 0.01% of the CPU, but once it gets 
a timeslice, it has the right to never, ever give it up again. Reservations 
don't help you here at all, it's POSIX mandated behaviour.

However, there is a good chance that strict memory accounting will make it in 
to 2.5. So, you might be able to get your 10% memory reservation at that 
time. You might be able to get around the disk space reservation brokeness 
using quotas. There is very little you can do to get around the SCHED_FIFO 
"all your cycles are belong to us" problem, short of the SAK key or a 
software watchdog.

-Ryan

More information about the kde-core-devel mailing list