| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jun 2012 14:29:27 +0200 From: Frederic Weisbecker <fweisbec@...il.com> To: Glauber Costa <glommer@...allels.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, cgroups@...r.kernel.org, linux-mm@...ck.org, linux-kernel@...r.kernel.org, David Rientjes <rientjes@...gle.com>, Pekka Enberg <penberg@...nel.org>, Michal Hocko <mhocko@...e.cz>, Johannes Weiner <hannes@...xchg.org>, Christoph Lameter <cl@...ux.com>, devel@...nvz.org, kamezawa.hiroyu@...fujitsu.com, Tejun Heo <tj@...nel.org>, Rik van Riel <riel@...hat.com>, Daniel Lezcano <daniel.lezcano@...aro.org>, Kay Sievers <kay.sievers@...y.org>, Lennart Poettering <lennart@...ttering.net>, "Kirill A. Shutemov" <kirill@...temov.name>, Kir Kolyshkin <kir@...allels.com> Subject: Re: Fork bomb limitation in memcg WAS: Re: [PATCH 00/11] kmem controller for memcg: stripped down version On Wed, Jun 27, 2012 at 01:29:04PM +0400, Glauber Costa wrote: > On 06/27/2012 01:55 AM, Andrew Morton wrote: > >>I can't speak for everybody here, but AFAIK, tracking the stack through > >>the memory it used, therefore using my proposed kmem controller, was an > >>idea that good quite a bit of traction with the memcg/memory people. > >>So here you have something that people already asked a lot for, in a > >>shape and interface that seem to be acceptable. > > > >mm, maybe. Kernel developers tend to look at code from the point of > >view "does it work as designed", "is it clean", "is it efficient", "do > >I understand it", etc. We often forget to step back and really > >consider whether or not it should be merged at all. > > > >I mean, unless the code is an explicit simplification, we should have > >a very strong bias towards "don't merge". > > Well, simplifications are welcome - this series itself was > simplified beyond what I thought initially possible through the > valuable comments > of other people. > > But of course, this adds more complexity to the kernel as a whole. > And this is true to every single new feature we may add, now or in > the > future. > > What I can tell you about this particular one, is that the justification > for it doesn't come out of nowhere, but from a rather real use case that > we support and maintain in OpenVZ and our line of products for years. Right and we really need a solution to protect against forkbombs in LXC. The task counter was more simple but only useful for our usecase and defining the number of tasks as a resource was considered unnatural. So limiting kernel stack allocations works for us. This patchset implements this so I'm happy with it. If this is more broadly useful by limiting resources others are interested in, that's even better. I doubt we are interested in a solution that only concerns kernel stack allocation. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists