lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Thu, 31 May 2007 14:44:52 -0700
From:	Herbert van den Bergh <Herbert.van.den.Bergh@...cle.com>
To:	Randy Dunlap <randy.dunlap@...cle.com>
CC:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] mm: include private data mappings in RLIMIT_DATA limit


Randy Dunlap wrote:
> On Thu, 31 May 2007 12:43:16 -0700 Herbert van den Bergh wrote:
>   
>> Below is a patch I would like to submit for limiting process private 
>> memory allocations via setrlimit(RLIMIT_DATA).
>
> The patch seems to have all tabs converted to spaces.
> This could be caused by thunderbird or by copy-and-pasting.
>
> Tbird needs help for sending patches without munging them.
> See http://mbligh.org/linuxdocs/Email/Clients/Thunderbird
> or google for "external editor" and use that with a decent
> text editor.

Most likely a combination of copy&paste in editors and email.
Thanks for the pointer to the Thunderbird info.  I'm attaching
the patch file this time.

> Maybe it doesn't matter for this patch, but in general you
> should send patches made against the latest mainline kernel,
> such as 2.6.22-rc3 or 2.6.22-rc3-git4 or current git tree.

The patch is against 2.6.22-rc3.  Just to make it clear, the patch
below has the top level directory renamed from the default.

> There are a few lines that are > 80 characters.  Please try
> to avoid that.

I took care of those as well.  Here follows the resubmitted patch.

Thanks,
Herbert.


This patch changes how the kernel limits memory allocations that are
controlled by setrlimit() using the RLIMIT_DATA resource.  Currently the
kernel can limit the size of a process data, bss, and heap, but does not
limit the amount of process private memory that can be allocated with
the mmap() call.  Since malloc() calls mmap() to allocate process memory
once brk() calls can no longer grow the heap, process private memory
allocations cannot be limited with RLIMIT_DATA.

With this patch, not only memory in the data segment of a process, but
also private data mappings, both file-based and anonymous, are counted
toward the RLIMIT_DATA resource limit.  Executable mappings, such as
text segments of shared objects, are not counted toward the private data
limit.  The result is that malloc() will fail once the combined size of
the data segment and private data mappings reaches this limit.

This brings the Linux behavior in line with what is documented in the
POSIX man page for setrlimit(3p).

Signed-off-by: Herbert van den Bergh (herbert.van.den.bergh@...cle.com)
Signed-off-by: Dave McCracken (dave.mccracken@...cle.com)



View attachment "linux-2.6.22-vm-private-rlimit.patch" of type "text/x-patch" (4305 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ