On 2 Jun, Alexander Leidinger wrote: > Don Lewis <truckman_at_FreeBSD.org> wrote: > >>> What am I overlooking? >> >> Create a large, but nearly empty file system, /a > ^ > memory/swap based I think that only the swap-backed case is problematical. >> Mount a file system backed by a physical disk on /a/b >> Create the file /a/b/c and configure it to be used as swap >> Write a large amount of data to the file /a/d, which will overflow RAM >> and be paged out to /a/b/c >> >> It won't be possible to disable swapping to /a/b/c because there is not >> sufficient RAM to page in the data stored there. It won't be possible >> to unmount /a/b because /a/b/c is busy. It won't be possible to unmount >> /a because it is busy because /a/b is mounted on it. > > Ah! Yes! I tend to forget this is possible. In my mind a memory/swap based FS > as a "leaf" in the directory tree... or more correctly, the subtree below the > memory/swap based FS isn't allowed to contain a mointpoint of a non > memory/swap based FS. Any other use which may require to break this rule has > to use symlinks instead and isn't allowed to break the rule. I'm pretty sure that sysinstall violates that by using a memory-backed fs for the root partition. The file systems being installed-to are mounted below this memory-backed fs. > This helps to avoid some pitfalls. > >> If the dependencies are tracked so that this configuration (swapping to >> anything that is directly or indirectly dependent on a swap-backed file >> system) can be forbidden, then either the algorithm that I suggested, or > > I'm not sure if we should enforce this policy... I like it, but I think such > a restriction should be configurable via sysctl (enabled by default). We should either enforce this or document that doing it might be undoable later and could cause a deadlock on shutdown. It's only swap depending on swap that is dangerous. A swap file that has a dependency on a swap-backed fs is the only problem. A swap file that depends on a memory-backed fs should be ok, though a swap file that resides on a memory-backed fs should probably be forbidden as well.Received on Thu Jun 02 2005 - 16:40:37 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:35 UTC