| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 8 May 2007 00:49:57 +0200 (MEST) From: Andrea Righi <righiandr@...rs.sourceforge.net> To: Alan Cox <alan@...rguk.ukuu.org.uk> Cc: LKML <linux-kernel@...r.kernel.org>, linux-mm@...ck.org Subject: Re: [RFC][PATCH] VM: per-user overcommit policy Alan Cox wrote: >> - allow uid=1001 and uid=1002 (common users) to allocate memory only if the >> total committed space is below the 50% of the physical RAM + the size of >> swap: >> root@...t # echo 1001:2:50 > /proc/overcommit_uid >> root@...t # echo 1002:2:50 > /proc/overcommit_uid > > There are some fundamental problems with this model - the moment you mix > strict overcommit with anything else it ceases to be a strict overcommit > and you might as well use existing overcommit rules for most stuff > > The other thing you are sort of faking is per user resource management - > which is a subset of per group of users resource management which is > useful - eg "students can't hog the machine" > > I don't see that this is the right approach compared with the container > work and openvz work that is currently active and far more flexible. > Obviously I was not proposing a nice theoretical model, my work is more similar to a quick and dirty hack that could resolve some problems (at least in my case) like the crash of critical services due to OOM-killing (or due to the failure of a malloc() when OOM-killer is disabled). When $VERY_CRITICAL_DAEMON dies *all* the users blame the sysadmin [me]. If a user application dies because a malloc() returns NULL, the sysadmin [I] can blame the user saying: "hey! _you_ tried to hog the machine and _your_ application is not able to handle the NULL result of the malloc()s!"... :-) A solution could be to define the critical processes unkillable via /proc/<pid>/oom_adj, but the per-process approach doesn't resolve all the possible cases and it's quite difficult to manage in big environments, like HPC clusters. Anyway, it seems that I need to deepen my knowledge about the recent development of process containers and openvz... Thanks, -Andrea - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists