Re: Broken dream of mine :(

[Sam Mason]

On Wed, Nov 04, 2009 at 03:02:33PM +0100, Michal Suchanek wrote:
> You have completely missed the point.

Hum, maybe.

> Even in Coyotos if you did not
> pin your pages in memory so that they never get "swapped out" (and
> most applications should not be able to pin) then your pages are much
> more likely to get "swapped out" when other applications run (and
> touch their pages)  than when the system is idle. While the "swap in"
> may be transparent the latency is observable so you generally get the
> same kind of information you get in Viengoos by observing the amount
> of surplus memory available to you.

Yes, but the "surplus memory" doesn't have to be accounted for on
a system wide basis.  It seems possible to place tighter bounds on
entities you're suspicious of.  These entities will only be able to
drive themselves into out-of-memory situations and not affected other
"compartments".  Side channels would seem to be cut down a lot, but so
is efficiency and if they need to talk to other services latency may
be visible there as well.  There must be lots of literature on this
subject---it's not really my area.

> The ability to terminate processes is completely unrelated to this and
> in any system that does reasonable resource management it is trivial
> to implement. Most systems in use today do not guarantee the ability
> to terminate rogue processes but that is a completely different issue.

On which systems in use today is this trivial?  I know I've (even
accidentally) brought several systems to their knees by such well known
attacks as a fork bomb.

-- 
  Sam  http://samason.me.uk/