On Tue, Oct 01, 2002 at 09:59:42PM +0200, Espen Skoglund wrote:
> The reason why a task cannot map a page within its own address space is that it opens up the possibility for DoS attacks from a single task; mapping database entries take up space, and for some mapping database implementations one might want to limit the depth of the mapping tree. Of course, two colluding tasks can still perform the same attacks, but in the two-task scenario one can (at least in theory) prevent the attacks by inserting an IPC monitoring task in between the colluding tasks.
Uh, I see. Yesterday I removed pingpong and demand paged everything (under Fiasco). Our version of l4linux is now 100% demand paged (no preallocation of superpages or anything, we like the backing pager to be able to decide about the page sizes and so on), and that is harder to do if we have to keep a ping-pong task synced across migrations.
How about fixing the number of mappings possible to a decent default value, then let tasks with special needs ask rmgr for a higher limit if needed? There is never going to be such a thing as an infinite mapping database anyhow.
Best, Jacob
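
A minimal model of the two limits discussed in this exchange (a per-task cap on mapping database entries that can be raised on request, and a cap on mapping-tree depth), added here as an illustration and not code from Fiasco, L4 or either author. The names `mdb_map`, `mdb_set_quota` and `self_map_chain`, the default of 4 entries and the depth cap of 8 are all assumptions.

```c
#define MAX_TASKS     4
#define DEFAULT_QUOTA 4   /* assumed default entries per task */
#define MAX_DEPTH     8   /* assumed cap on mapping-tree depth */
enum { MAP_OK = 0, MAP_EQUOTA = -1, MAP_EDEPTH = -2, MAP_EINVAL = -3 };

struct mapnode { int owner; unsigned depth; };   /* one database entry */
static struct { unsigned used, quota; } acct[MAX_TASKS];

void mdb_init(void) {
    for (int t = 0; t < MAX_TASKS; t++) { acct[t].used = 0; acct[t].quota = DEFAULT_QUOTA; }
}

/* Hypothetical privileged call, standing in for a request to rmgr. */
int mdb_set_quota(int task, unsigned quota) {
    if (task < 0 || task >= MAX_TASKS || quota < acct[task].used) return MAP_EINVAL;
    acct[task].quota = quota;
    return MAP_OK;
}

/* Derive a child entry from parent; the task owning the parent pays. */
int mdb_map(const struct mapnode *parent, int dst, struct mapnode *child) {
    int src = parent->owner;
    if (src < 0 || src >= MAX_TASKS || dst < 0 || dst >= MAX_TASKS) return MAP_EINVAL;
    if (parent->depth >= MAX_DEPTH) return MAP_EDEPTH;        /* tree too deep */
    if (acct[src].used >= acct[src].quota) return MAP_EQUOTA; /* limit reached */
    acct[src].used++;
    child->owner = dst;
    child->depth = parent->depth + 1;
    return MAP_OK;
}

/* One task mapping a page onto itself repeatedly; returns the successes. */
int self_map_chain(int task, int attempts, int *last_err) {
    struct mapnode cur = { task, 0 }, next;
    int ok = 0;
    *last_err = MAP_OK;
    for (int i = 0; i < attempts; i++) {
        if ((*last_err = mdb_map(&cur, task, &next)) != MAP_OK) break;
        cur = next;
        ok++;
    }
    return ok;
}
```

With the default limit a self-mapping task stops after 4 entries and other tasks' accounts are untouched; after the limit is raised, the depth cap is what ends the chain.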