| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Aug 2009 10:08:48 -0700
From: Randy Dunlap <randy.dunlap@...cle.com>
To: Neil Horman <nhorman@...driver.com>
Cc: linux-kernel@...r.kernel.org, akpm@...ux-foundation.org,
earl_chew@...lent.com, alan@...rguk.ukuu.org.uk,
andi@...stfloor.org, oleg@...hat.com
Subject: Re: [PATCH 2/3] exec: let do_coredump limit the number of
concurrent dumps to pipes (v9)
On Mon, 20 Jul 2009 12:29:01 -0400 Neil Horman wrote:
> core_pattern: Introduce core pipe limiting sysctl
>
> Since we can dump cores to pipe, rather than directly to the filesystem, we
> create a condition in which a user can create a very high load on the system
> simply by running bad applications. If the pipe reader specified in
> core_pattern is poorly written, we can have lots of ourstandig resources and
> processes in the system. This sysctl introduces an ability to limit that
> resource consumption. core_pipe_limit defines how many in-flight dumps may be
> run in parallel, dumps beyond this value are skipped and a note is made in the
> kernel log. A special value of 0 in core_pipe_limit denotes unlimited core
> dumps may be handled (this is the default value).
>
> Signed-off-by: Neil Horman <nhorman@...driver.com>
> Reported-by: Earl Chew <earl_chew@...lent.com>
>
>
> Documentation/sysctl/kernel.txt | 22 ++++++++++++++++++++++
> fs/exec.c | 25 +++++++++++++++++++------
> kernel/sysctl.c | 9 +++++++++
> 3 files changed, 50 insertions(+), 6 deletions(-)
>
> diff --git a/Documentation/sysctl/kernel.txt b/Documentation/sysctl/kernel.txt
> index 382cfd8..7706b6a 100644
> --- a/Documentation/sysctl/kernel.txt
> +++ b/Documentation/sysctl/kernel.txt
> @@ -21,6 +21,7 @@ show up in /proc/sys/kernel:
> - acct
> - auto_msgmni
> - core_pattern
> +- core_pipe_limit
> - core_uses_pid
> - ctrl-alt-del
> - dentry-state
> @@ -119,6 +120,27 @@ core_pattern is used to specify a core dumpfile pattern name.
>
> ==============================================================
>
> +core_pipe_limit:
> +
> +This sysctl is only applicable when core_pattern is configured to pipe core
> +files to user space helper a (when the first character of core_pattern is a '|',
to a user space helper (
> +see above). When collecting cores via a pipe to an application, it is
> +occasionally usefull for the collecting application to gather data about the
useful
> +crashing process from its /proc/pid directory. In order to do this safely, the
> +kernel must wait for the collecting process to exit, so as not to remove the
> +crashing processes proc files prematurely. This in turn creates the possibility
process's (?)
> +that a misbehaving userspace collecting process can block the reaping of a
> +crashed process simply by never exiting. This sysctl defends against that. It
> +defines how many concurrent crashing processes may be piped to user space
> +applications in parallel. If this value is exceeded, then those crashing
> +processes above that value are noted via the kernel log and their cores are
> +skipped. 0 is a special value, indicating that unlimited processes may be
> +captured in parallel, but that no waiting will take place (i.e. the collecting
> +process is not guaranteed access to /proc/<crahing pid>/). This value defaults
<crashing pid>
> +to 0.
> +
> +==============================================================
> +
> core_uses_pid:
>
> The default coredump filename is "core". By setting
---
~Randy
LPC 2009, Sept. 23-25, Portland, Oregon
http://linuxplumbersconf.org/2009/
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists