lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Tue, 4 Sep 2018 09:30:12 +1000
From:   KJ Tsanaktsidis <ktsanaktsidis@...desk.com>
To:     akpm@...ux-foundation.org
Cc:     linux-kernel@...r.kernel.org, trivial@...nel.org, mhocko@...e.cz,
        oleg@...hat.com
Subject: Re: [PATCH] fork: report pid exhaustion correctly

Thanks :) yeah, first kernel patch. I got pretty annoyed by how long I
spent trying to figure
out why my database was reporting disk space errors on pthread_create,
and when I
finally worked out what was going on sending a patch to fix it was
somewhat therapeutic!

On Tue, Sep 4, 2018 at 9:22 AM Andrew Morton <akpm@...ux-foundation.org> wrote:
>
> On Mon,  3 Sep 2018 04:10:16 -0700 ktsanaktsidis@...desk.com wrote:
>
> > From: KJ Tsanaktsidis <ktsanaktsidis@...desk.com>
> >
> > Make the clone and fork syscalls return EAGAIN when the limit on the
> > number of pids /proc/sys/kernel/pid_max is exceeded.
> >
> > Currently, when the pid_max limit is exceeded, the kernel will return
> > ENOSPC from the fork and clone syscalls. This is contrary to the
> > documented behaviour, which explicitly calls out the pid_max case as one
> > where EAGAIN should be returned. It also leads to really confusing error
> > messages in userspace programs which will complain about a lack of disk
> > space when they fail to create processes/threads for this reason.
> >
> > This error is being returned because the alloc_pid function uses the idr
> > api to find a new pid; when there are none available, idr_alloc_cyclic
> > is returns -ENOSPC, and this is being propagated back into userspace.
> >
> > This behaviour has been broken before, and was explicitly fixed in
> > commit 35f71bc0a09a ("fork: report pid reservation failure properly"),
> > so I think -EAGAIN is definitely the right thing to return in this case.
> > The current behaviour change dates from commit 95846ecf9dac ("pid:
> > replace pid bitmap implementation with IDR AIP") and was I believe
> > unintentional.
> >
> > This patch has no impact on the case where allocating a pid fails
> > because the child reaper for the namespace is dead; that case will still
> > return -ENOMEM.
>
> Thanks.  First ever kernel patch?  It was a damn good one!
>
> > Fixes: 95846ecf9dac ("pid: replace pid bitmap implementation with IDR AIP")
> > Signed-off-by: KJ Tsanaktsidis <ktsanaktsidis@...desk.com>
>
> I'll add cc:stable here so the fix gets backported into earlier kernels
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ