Date: Tue, 7 Oct 2014 16:09:15 -0400 From: Rafael Aquini <aquini@...hat.com> To: Manfred Spraul <manfred@...orfullife.com> Cc: Andrew Morton <akpm@...ux-foundation.org>, LKML <linux-kernel@...r.kernel.org>, Davidlohr Bueso <davidlohr.bueso@...com>, Michael Kerrisk <mtk.manpages@...il.com>, Rik van Riel <riel@...hat.com>, 1vier1@....de Subject: Re: [PATCH 2/3] ipc/sem.c: increase SEMMSL, SEMMNI, SEMOPM On Mon, Oct 06, 2014 at 08:32:42PM +0200, Manfred Spraul wrote: > a) > SysV can be abused to allocate locked kernel memory. For most systems, a > small limit doesn't make sense, see the discussion with regards to SHMMAX. > > Therefore: Increase the sysv sem limits so that all known applications > will work with these defaults. > > b) > With regards to the maximum supported: > Some of the specified hard limits are not correct anymore, therefore the > patch updates the documentation. > > - SEMMNI must stay below IPCMNI, which is 32768. > As for SHMMAX: Stay a bit below this limit. > > - SEMMSL was limited to 8k, to ensure that the kmalloc for the kernel array > was limited to 16 kB (order=2) > > This doesn't apply anymore: > - the allocation size isn't sizeof(short)*nsems anymore. > - ipc_alloc falls back to vmalloc > > - SEMOPM should stay below 1000, to limit the kmalloc in semtimedop() to an > order=1 allocation. > Therefore: Leave it at 500 (order=0 allocation). > > Note: > If an administrator must limit the memory allocations, then he can set the > values as necessary. > > Or he can disable sysv entirely (as e.g. done by Android). > > Signed-off-by: Manfred Spraul <manfred@...orfullife.com> > --- > include/uapi/linux/sem.h | 18 +++++++++++++++--- > 1 file changed, 15 insertions(+), 3 deletions(-) > > diff --git a/include/uapi/linux/sem.h b/include/uapi/linux/sem.h > index 541fce0..dd73b90 100644 > --- a/include/uapi/linux/sem.h > +++ b/include/uapi/linux/sem.h 
> @@ -63,10 +63,22 @@ struct seminfo { > int semaem; > }; > > -#define SEMMNI 128 /* <= IPCMNI max # of semaphore identifiers */ > -#define SEMMSL 250 /* <= 8 000 max num of semaphores per id */ > +/* > + * SEMMNI, SEMMSL and SEMMNS are default values which can be > + * modified by sysctl. > + * The values has been chosen to be larger than necessary for any > + * known configuration. > + * > + * SEMOPM should not be increased beyond 1000, otherwise there is the > + * risk that semop()/semtimedop() fails due to kernel memory fragmentation when > + * allocating the sop array. > + */ > + > + > +#define SEMMNI 32000 /* <= IPCMNI max # of semaphore identifiers */ > +#define SEMMSL 32000 /* <= INT_MAX max num of semaphores per id */ > #define SEMMNS (SEMMNI*SEMMSL) /* <= INT_MAX max # of semaphores in system */ > -#define SEMOPM 32 /* <= 1 000 max num of ops per semop call */ > +#define SEMOPM 500 /* <= 1 000 max num of ops per semop call */ > #define SEMVMX 32767 /* <= 32767 semaphore maximum value */ > #define SEMAEM SEMVMX /* adjust on exit max value */ > > -- > 1.9.3 > Acked-by: Rafael Aquini <aquini@...hat.com> -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
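Review bot: The new comment block above the SEMMNI/SEMMSL defines explains why the defaults are large but not what that costs: with both set to 32000, SEMMNS (SEMMNI*SEMMSL) becomes 1,024,000,000, so the defaults no longer bound how much kernel memory semaphore arrays can pin, which the commit message itself concedes ("SysV can be abused to allocate locked kernel memory"). Suggest adding a sentence to the comment stating that these defaults are not a resource limit and that an administrator who needs one must lower them via sysctl, since the header is what most readers will see rather than the commit log. Separately, the "<= INT_MAX" annotation on SEMMSL only holds in isolation: SEMMNS is computed as (SEMMNI*SEMMSL) in int arithmetic and is itself annotated "<= INT_MAX", so the comment should state the joint constraint on the product rather than an independent bound per value. Nits: "The values has been chosen" should read "have been chosen", and the hunk adds two consecutive blank lines before the defines where one is enough.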