Subject: Re: multiple copyout()s or a malloc?
To: Simon Burge <simonb@netbsd.org>
From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
List: tech-kern
Date: 05/30/2000 10:32:25
> In relation to an ipcs-type sysctl(), given the choice between doing (for
> example) 128x 60-byte copyouts or one 8kish malloc and a copyout(), which
> would be the better choice?  I'd guess that the latter would be quicker,
> but could it be used as a serious DoS-type attack on kernel memory if
> lots of processes were to call the sysctl() at the same time?

Thanks for considering the DoS potential... anyone touching kernel or
networking code needs to think about such things.

If you're just going to malloc() and free() a single 8K block within a
single sysctl system call, I wouldn't worry about it... for instance,
every system call which takes a pathname allocates a 1K buffer for the
pathname, rather than copying in the pathname a character at a time;
at most 8K per process could be used, and a process already has a
bigger kernel memory footprint than that (between kernel stack, page
table pages, etc.).

At this point, there's a lot more DoS potential from system calls
which allocate memory on behalf of the process and leave it allocated
across multiple system calls.

					- Bill
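
The two strategies from the question, as an added example that is not part of the original message or of NetBSD's code: a user-space C model in which `copyout_stub`, `table`, `live_bytes` and both `export_*` functions are hypothetical stand-ins. It shows the property the reply relies on: the bulk variant holds one capped buffer that is freed before the call returns, so nothing stays allocated across calls.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define NREC     128          /* record count from the question */
#define RECSZ    60           /* record size from the question */
#define BULK_MAX (8 * 1024)   /* hard cap on the transient buffer */

static unsigned char table[NREC][RECSZ]; /* stand-in for the kernel's IPC table */
static int copyout_calls;                /* number of user copies performed */
static size_t live_bytes;                /* model of kernel bytes currently held */

/* Constructed sample data: record i is filled with byte value i. */
void fill_table(void) {
    for (int i = 0; i < NREC; i++) memset(table[i], i, RECSZ);
}

/* User-space stand-in for copyout(9); returns 0 on success. */
static int copyout_stub(const void *k, void *u, size_t len) {
    copyout_calls++;
    memcpy(u, k, len);
    return 0;
}

/* Strategy A: one copyout per record, no allocation at all. */
int export_per_record(void *ubuf, size_t ulen) {
    size_t n = ulen / RECSZ < NREC ? ulen / RECSZ : NREC;
    for (size_t i = 0; i < n; i++)
        if (copyout_stub(table[i], (char *)ubuf + i * RECSZ, RECSZ))
            return -1;
    return (int)n;
}

/* Strategy B: one capped buffer, one copyout, freed before returning. */
int export_bulk(void *ubuf, size_t ulen) {
    size_t n = ulen / RECSZ < NREC ? ulen / RECSZ : NREC; /* clamp to table */
    size_t need = n * RECSZ;
    if (need > BULK_MAX) return -1;  /* guard in case the constants change */
    if (need == 0) return 0;
    unsigned char *kbuf = malloc(need);
    if (kbuf == NULL) return -1;
    live_bytes += need;
    memcpy(kbuf, table, need);       /* single snapshot of the records */
    int err = copyout_stub(kbuf, ubuf, need);
    free(kbuf);                      /* released on success and on error */
    live_bytes -= need;
    return err ? -1 : (int)n;
}
```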