| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 13 Jan 2009 23:06:45 -0500 From: Theodore Tso <tytso@....edu> To: Evgeniy Polyakov <zbr@...emap.net> Cc: David Rientjes <rientjes@...gle.com>, Alan Cox <alan@...rguk.ukuu.org.uk>, linux-kernel@...r.kernel.org, Andrew Morton <akpm@...ux-foundation.org>, Linus Torvalds <torvalds@...ux-foundation.org> Subject: Re: Linux killed Kenny, bastard! On Wed, Jan 14, 2009 at 04:20:01AM +0300, Evgeniy Polyakov wrote: > > It is not about the possibility to change the sources, but the way > interface is exported to the userspace. Right now it is not usable for > some cases. And forcing applications, which are actually cross-platform, > depending on the way linux controls its own oom-killer is noticebly more > hackish than selecting a system-wide process by its name. And we can change that interface if it's not the right one, or perhaps extend it. After all, you are are proposing extending that interface; just in a really horrible, hackish way. > You believe that changing apache to control oom_adj is the right way to > deal with linux oom-killer? Do we already flight to the moon? Actually, I would believe the right answer is adding a new resource limit which can be set using the standard getrlimit()/setrlimit() interface, and then have apache use this standard interface as a way of configuring itself --- much like how a process can change other resource limits, such as the number of file descriptors it has open, etc. And if what you want to do is simply make the process volunteer to be one of the first processes shot by the OOM killer, the apache process wouldn't even need setuid privileges to lower the "OOM protection" resource limit. I think this is cleaner than echoing a magic value to /proc/self/oom_adj, and it won't be the first time various open source programs have been changed to take advantage of Linux-specific interfaces, especially if there's no other standard way of doing things --- and an extension of BSD's getrlimit()/setrlimit() is natural and makes a lot of sense. Heck, apache has been changed to take advantage of Linux's epoll interface.... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists