lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20171127202121.GB3070@tassilo.jf.intel.com> Date: Mon, 27 Nov 2017 12:21:21 -0800 From: Andi Kleen <ak@...ux.intel.com> To: Michal Hocko <mhocko@...nel.org> Cc: Mikael Pettersson <mikpelinux@...il.com>, linux-mm@...ck.org, linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org, linux-api@...r.kernel.org Subject: Re: [PATCH] mm: disable `vm.max_map_count' sysctl limit On Mon, Nov 27, 2017 at 08:57:32PM +0100, Michal Hocko wrote: > On Mon 27-11-17 19:32:18, Michal Hocko wrote: > > On Mon 27-11-17 09:25:16, Andi Kleen wrote: > [...] > > > The reason the limit was there originally because it allows a DoS > > > attack against the kernel by filling all unswappable memory up with VMAs. > > > > We can reduce the effect by accounting vmas to memory cgroups. > > As it turned out we already do. > vm_area_cachep = KMEM_CACHE(vm_area_struct, SLAB_PANIC|SLAB_ACCOUNT); That only helps if you have memory cgroups enabled. It would be a regression to break the accounting on all the systems that don't. -Andi
Powered by blists - more mailing lists