lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Mon,  5 Nov 2018 10:43:42 -0500
From:   Waiman Long <longman@...hat.com>
To:     "Luis R. Rodriguez" <mcgrof@...nel.org>,
        Kees Cook <keescook@...omium.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Jonathan Corbet <corbet@....net>
Cc:     linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-doc@...r.kernel.org, Al Viro <viro@...iv.linux.org.uk>,
        Matthew Wilcox <willy@...radead.org>,
        "Eric W. Biederman" <ebiederm@...ssion.com>,
        Takashi Iwai <tiwai@...e.de>, Davidlohr Bueso <dbueso@...e.de>,
        Manfred Spraul <manfred@...orfullife.com>,
        Waiman Long <longman@...hat.com>
Subject: [PATCH v10 0/4] ipc: Increase IPCMNI limit & IPC id generation modes

v9->v10:
 - Drop v9 patches 1 & 2 because they have been merged upstream.
 - Minor twist to fix checkpatch warnings.
 - Add a new ipcid_mode sysctl parameter (new patches 3 & 4) to control
   how the IPC ids are being generated.

v7 patch: https://lkml.org/lkml/2018/5/7/666
v8 patch: https://lkml.org/lkml/2018/6/18/706
v9 patch: https://lkml.org/lkml/2018/9/7/1141  

There are users out there requesting increase in the IPCMNI value to
more than 32k. This patchset does that by using a boot kernel parameter
"ipcmni_extend" to increase the IPCMNI limit from 32k to 8M when that
boot command line option is specified.

To reduce the chance of id reuse, a new sysctl parameter ipcid_mode is
added for changing the way an IPC id is being generated. Currently,
three modes are supported - legacy, delete and cyclic. They differs
in the way the identifier and sequence number within an id are being
generated. This new mode is per IPC namespace.

The IPC id mode can be changed dynamically at run time, but extending
the IPCMNI number can only be done at boot time.

Patch 1 adds a "ipcmni_extend" boot command line parameter to extend
the IPCMNI limit from 32k to 8M.

Patch 2 changes how the sequence number within an id is being generated
to reduce the chance of id reuse with "ipcmni_extend".

Patch 3 decouples the new sequence generation mode into a new sysctl
parameter "ipcid_mode" so that it can be used even if "ipcmni_extend"
isn't specified.

Patch 4 adds a cyclic mode to "ipcid_mode" to allocate identifier
cyclically as well.

Waiman Long (4):
  ipc: Allow boot time extension of IPCMNI from 32k to 8M
  ipc: Conserve sequence numbers in extended IPCMNI mode
  ipc: Make the new sequence number generation mode available to all
  ipc: Add a cyclic mode for id generation

 Documentation/admin-guide/kernel-parameters.txt |  3 ++
 Documentation/sysctl/kernel.txt                 | 23 ++++++++++++
 include/linux/ipc_namespace.h                   | 14 +++++++
 ipc/ipc_sysctl.c                                | 25 ++++++++++++-
 ipc/msg.c                                       |  3 +-
 ipc/namespace.c                                 |  2 +
 ipc/sem.c                                       |  3 +-
 ipc/shm.c                                       |  3 +-
 ipc/util.c                                      | 41 +++++++++++++++------
 ipc/util.h                                      | 49 ++++++++++++++++++++-----
 10 files changed, 140 insertions(+), 26 deletions(-)

-- 
1.8.3.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ