lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 29 May 2014 20:46:37 +0200
From:	Manfred Spraul <manfred@...orfullife.com>
To:	Davidlohr Bueso <davidlohr.bueso@...com>,
	Michael Kerrisk <mtk.manpages@...il.com>,
	Rafael Aquini <aquini@...hat.com>,
	Rik van Riel <riel@...hat.com>
Cc:	LKML <linux-kernel@...r.kernel.org>, 1vier1@....de,
	Manfred Spraul <manfred@...orfullife.com>
Subject: [PATCH 0/3] ipc: Further updates to sysv/mqueue limits

Hi all,

a) If we increase SHMMAX/SHMALL, then it makes sense to
   increase MSGMNI, too.
   And: This allows to remove the automatic scaling (~300 lines)

b) We can also increase SEMMSL, SEMMNI and SEMOPM

c) I think it would make more sense if a namespace starts with the
   limits from it's parent:
   If an admin set the limits, then he probably wants that these limits also
   apply for a new child namespace.

All patches are RFC - they compile, but that's it.

TODO:
- check if the sysv sem limits are sane.
  Especially the SEMOPM - if real users exist that pass > 1k ops, then
  switch from kmalloc to vmalloc.

  @the Redhat developers: Do you have any idea where this "often
  recommended" comes from?
  https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Tuning_and_Optimizing_Red_Hat_Enterprise_Linux_for_Oracle_9i_and_10g_Databases/sect-Oracle_9i_and_10g_Tuning_Guide-Setting_Semaphores-The_SEMOPM_Parameter.html

- copy Davidlohrs explanation for the sysv shm limits to sysv msg and
  sysv sem.

- check if we should also increase the limits for posix mqueue

- decide if it would make sense to increase IPCMNI:

  Right now, it is 32768. This means that after 65536 pairs of
  semget()/semctl(IPC_RMID), semget() will return the same identifier
  again - and a semop(old_id) won't return -EINVAL, instead it will
  access the "new" array, which is probably now what the caller
  intended to do.

  The split is arbitrary - we could also split it 1048576/2048 or any
  other split we want.

- test everything.

--
	Manfred
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ