Andrew, at the current time an mmap() ignores a MAP_LOCKED passed to it. The only way we can get VM_LOCKED associated with the newly created VMA is to have previously called mlockall() on the process which sets the mm->def_flags != VM_LOCKED or subsequently call mlock() on the newly created VMA. The attached patch checks for MAP_LOCKED being passed and if so checks the capabilities of the process. Limit checks were already in place. -- -- Hubertus Franke (frankeh@watson.ibm.com) --------------------------------< PATCH >------------------------------ --- linux-2.5.35/mm/mmap.c Wed Sep 18 11:12:13 2002 +++ linux-2.5.35-fix/mm/mmap.c Wed Sep 18 11:44:32 2002 @@ -461,6 +461,11 @@ */ vm_flags = calc_vm_flags(prot,flags) | mm->def_flags | VM_MAYREAD | VM_MAYWRITE | VM_MAYEXEC; + if (flags & MAP_LOCKED) { + if (!capable(CAP_IPC_LOCK)) + return -EPERM; + vm_flags |= VM_LOCKED; + } /* mlock MCL_FUTURE? */ if (vm_flags & VM_LOCKED) { unsigned long locked = mm->locked_vm << PAGE_SHIFT;