On 22.11.21 18:55, Andrew Dona-Couch wrote:

Forgive me for jumping in to an already overburdened thread.  But can
someone pushing back on this clearly explain the issue with applying
this patch?

It will allow unprivileged users to easily and even "accidentally"
allocate more unmovable memory than it should in some environments. Such
limits exist for a reason. And there are ways for admins/distros to
tweak these limits if they know what they are doing.

The only concerns I've heard are that it doesn't go far enough.  That
another strategy (that everyone seems to agree would be a fair bit more
effort) could potentially achieve the same goal and then some.  Isn't
that exactly what's meant by "don't let perfection be the enemy of the
good"? The saying is not talking about literal perfection -- the idea is
that you make progress where you can, and that incremental progress and
broader changes are not necessarily in conflict.

This tiny patch could be a step in the right direction.  Why does this
thread need dozens of replies?

Because it does something controversial. Send controversial patches,
receive many opinions, it's that simple.

This is not a step into the right direction. This is all just trying to
hide the fact that we're exposing FOLL_LONGTERM usage to random
unprivileged users.

Maybe we could instead try getting rid of FOLL_LONGTERM usage and the
memlock limit in io_uring altogether, for example, by using mmu
notifiers. But I'm no expert on the io_uring code.

-- 
Thanks,

David / dhildenb