lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20130611215319.GA29368@logfs.org>
Date:	Tue, 11 Jun 2013 17:53:20 -0400
From:	Jörn Engel <joern@...fs.org>
To:	Johannes Weiner <hannes@...xchg.org>
Cc:	linux-mm@...ck.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH, RFC] mm: Implement RLIMIT_RSS

On Tue, 11 June 2013 17:16:01 -0400, Johannes Weiner wrote:
> On Tue, Jun 11, 2013 at 02:29:21PM -0400, Jörn Engel wrote:
> > I've seen a couple of instances where people try to impose a vsize
> > limit simply because there is no rss limit in Linux.  The vsize limit
> > is a horrible approximation and even this patch seems to be an
> > improvement.
> > 
> > Would there be strong opposition to actually supporting RLIMIT_RSS?
> 
> This is trivial to exploit by creating the mappings first and
> populating them later, so while it may cover some use cases, it does
> not have the protection against malicious programs aspect that all the
> other rlimits have.

Hm.  The use case I have is that an application wants to limit itself.
It is effectively a special assert to catch memory leaks and the like.
So malicious programs are not my immediate concern.

Of course the moment Linux supports RLIMIT_RSS people will use it to
limit malicious programs, no matter how many scary warning we put in.

> The right place to enforce the limit is at the point of memory
> allocation, which raises the question what to do when the limit is
> exceeded in a page fault.  Reclaim from the process's memory?  Kill
> it?
> 
> I guess the answer to these questions is "memory cgroups", so that's
> why there is no real motivation to implement RLIMIT_RSS separately...

Lack of opposition would be enough for me.  But I guess we need a bit
more for a mergeable patch than I did and I only did the existing
patch because it seemed easy, not because it is important.  Will keep
the patch in my junk code folder for now.

Jörn

--
A surrounded army must be given a way out.
-- Sun Tzu
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ