| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 7 Oct 2014 16:09:15 -0400
From: Rafael Aquini <aquini@...hat.com>
To: Manfred Spraul <manfred@...orfullife.com>
Cc: Andrew Morton <akpm@...ux-foundation.org>,
LKML <linux-kernel@...r.kernel.org>,
Davidlohr Bueso <davidlohr.bueso@...com>,
Michael Kerrisk <mtk.manpages@...il.com>,
Rik van Riel <riel@...hat.com>, 1vier1@....de
Subject: Re: [PATCH 2/3] ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM
On Mon, Oct 06, 2014 at 08:32:42PM +0200, Manfred Spraul wrote:
> a)
> SysV can be abused to allocate locked kernel memory. For most systems, a
> small limit doesn't make sense, see the discussion with regards to SHMMAX.
>
> Therefore: Increase the sysv sem limits so that all known applications
> will work with these defaults.
>
> b)
> With regards to the maximum supported:
> Some of the specified hard limits are not correct anymore, therefore the
> patch updates the documentation.
>
> - SEMMNI must stay below IPCMNI, which is 32768.
> As for SHMMAX: Stay a bit below this limit.
>
> - SEMMSL was limited to 8k, to ensure that the kmalloc for the kernel array
> was limited to 16 kB (order=2)
>
> This doesn't apply anymore:
> - the allocation size isn't sizeof(short)*nsems anymore.
> - ipc_alloc falls back to vmalloc
>
> - SEMOPM should stay below 1000, to limit the kmalloc in semtimedop() to an
> order=1 allocation.
> Therefore: Leave it at 500 (order=0 allocation).
>
> Note:
> If an administrator must limit the memory allocations, then he can set the
> values as necessary.
>
> Or he can disable sysv entirely (as e.g. done by Android).
>
> Signed-off-by: Manfred Spraul <manfred@...orfullife.com>
> ---
> include/uapi/linux/sem.h | 18 +++++++++++++++---
> 1 file changed, 15 insertions(+), 3 deletions(-)
>
> diff --git a/include/uapi/linux/sem.h b/include/uapi/linux/sem.h
> index 541fce0..dd73b90 100644
> --- a/include/uapi/linux/sem.h
> +++ b/include/uapi/linux/sem.h
> @@ -63,10 +63,22 @@ struct seminfo {
> int semaem;
> };
>
> -#define SEMMNI 128 /* <= IPCMNI max # of semaphore identifiers */
> -#define SEMMSL 250 /* <= 8 000 max num of semaphores per id */
> +/*
> + * SEMMNI, SEMMSL and SEMMNS are default values which can be
> + * modified by sysctl.
> + * The values has been chosen to be larger than necessary for any
> + * known configuration.
> + *
> + * SEMOPM should not be increased beyond 1000, otherwise there is the
> + * risk that semop()/semtimedop() fails due to kernel memory fragmentation when
> + * allocating the sop array.
> + */
> +
> +
> +#define SEMMNI 32000 /* <= IPCMNI max # of semaphore identifiers */
> +#define SEMMSL 32000 /* <= INT_MAX max num of semaphores per id */
> #define SEMMNS (SEMMNI*SEMMSL) /* <= INT_MAX max # of semaphores in system */
> -#define SEMOPM 32 /* <= 1 000 max num of ops per semop call */
> +#define SEMOPM 500 /* <= 1 000 max num of ops per semop call */
> #define SEMVMX 32767 /* <= 32767 semaphore maximum value */
> #define SEMAEM SEMVMX /* adjust on exit max value */
>
> --
> 1.9.3
>
Acked-by: Rafael Aquini <aquini@...hat.com>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists