[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Broken dream of mine :(
From: |
Sam Mason |
Subject: |
Re: Broken dream of mine :( |
Date: |
Wed, 4 Nov 2009 17:59:54 +0000 |
User-agent: |
Mutt/1.5.13 (2006-08-11) |
On Wed, Nov 04, 2009 at 03:02:33PM +0100, Michal Suchanek wrote:
> You have completely missed the point.
Hum, maybe.
> Even in Coyotos if you did not
> pin your pages in memory so that they never get "swapped out" (and
> most applications should not be able to pin) then your pages are much
> more likely to get "swapped out" when other applications run (and
> touch their pages) than when the system is idle. While the "swap in"
> may be transparent the latency is observable so you generally get the
> same kind of information you get in Viengoos by observing the amount
> of surplus memory available to you.
Yes, but the "surplus memory" doesn't have to be accounted for on
a system wide basis. It seems possible to place tighter bounds on
entities you're suspicious of. These entities will only be able to
drive themselves into out-of-memory situations and not affected other
"compartments". Side channels would seem to be cut down a lot, but so
is efficiency and if they need to talk to other services latency may
be visible there as well. There must be lots of literature on this
subject---it's not really my area.
> The ability to terminate processes is completely unrelated to this and
> in any system that does reasonable resource management it is trivial
> to implement. Most systems in use today do not guarantee the ability
> to terminate rogue processes but that is a completely different issue.
On which systems in use today is this trivial? I know I've (even
accidentally) brought several systems to their knees by such well known
attacks as a fork bomb.
--
Sam http://samason.me.uk/