lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 27 Jun 2012 16:28:14 +0400 From: Glauber Costa <glommer@...allels.com> To: Frederic Weisbecker <fweisbec@...il.com> CC: Andrew Morton <akpm@...ux-foundation.org>, <cgroups@...r.kernel.org>, <linux-mm@...ck.org>, <linux-kernel@...r.kernel.org>, David Rientjes <rientjes@...gle.com>, Pekka Enberg <penberg@...nel.org>, Michal Hocko <mhocko@...e.cz>, Johannes Weiner <hannes@...xchg.org>, Christoph Lameter <cl@...ux.com>, <devel@...nvz.org>, <kamezawa.hiroyu@...fujitsu.com>, Tejun Heo <tj@...nel.org>, Rik van Riel <riel@...hat.com>, Daniel Lezcano <daniel.lezcano@...aro.org>, Kay Sievers <kay.sievers@...y.org>, Lennart Poettering <lennart@...ttering.net>, "Kirill A. Shutemov" <kirill@...temov.name>, Kir Kolyshkin <kir@...allels.com> Subject: Re: Fork bomb limitation in memcg WAS: Re: [PATCH 00/11] kmem controller for memcg: stripped down version On 06/27/2012 04:29 PM, Frederic Weisbecker wrote: > On Wed, Jun 27, 2012 at 01:29:04PM +0400, Glauber Costa wrote: >> On 06/27/2012 01:55 AM, Andrew Morton wrote: >>>> I can't speak for everybody here, but AFAIK, tracking the stack through >>>> the memory it used, therefore using my proposed kmem controller, was an >>>> idea that good quite a bit of traction with the memcg/memory people. >>>> So here you have something that people already asked a lot for, in a >>>> shape and interface that seem to be acceptable. >>> >>> mm, maybe. Kernel developers tend to look at code from the point of >>> view "does it work as designed", "is it clean", "is it efficient", "do >>> I understand it", etc. We often forget to step back and really >>> consider whether or not it should be merged at all. >>> >>> I mean, unless the code is an explicit simplification, we should have >>> a very strong bias towards "don't merge". >> >> Well, simplifications are welcome - this series itself was >> simplified beyond what I thought initially possible through the >> valuable comments >> of other people. >> >> But of course, this adds more complexity to the kernel as a whole. >> And this is true to every single new feature we may add, now or in >> the >> future. >> >> What I can tell you about this particular one, is that the justification >> for it doesn't come out of nowhere, but from a rather real use case that >> we support and maintain in OpenVZ and our line of products for years. > > Right and we really need a solution to protect against forkbombs in LXC. Small correction: In containers. LXC is not the only one out there =p -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists