| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAHk-=wj1z-NKxedgZvSS37iH=EKE47PkL=+BYccAUtsuB1sySQ@mail.gmail.com>
Date: Mon, 28 Jun 2021 20:47:12 -0700
From: Linus Torvalds <torvalds@...ux-foundation.org>
To: "Eric W. Biederman" <ebiederm@...ssion.com>,
Alexey Gladkov <legion@...nel.org>
Cc: Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
Linux Containers <containers@...ts.linux.dev>
Subject: Re: [GIT PULL] ucounts: Count rlimits in each user namespace
On Mon, Jun 28, 2021 at 3:35 PM Eric W. Biederman <ebiederm@...ssion.com> wrote:
>
> This is the work mainly by Alexey Gladkov to limit rlimits to the
> rlimits of the user that created a user namespace, and to allow users to
> have stricter limits on the resources created within a user namespace.
I guess all the performance issues got sorted, since I haven't seen
any reports from the test robots.
I do end up with two questions, mainly because of looking at the
result of the conflict resolution.
In particular, in __sigqueue_alloc(), two oddities..
Why the "sigpending < LONG_MAX" test in that
if (override_rlimit || (sigpending < LONG_MAX && sigpending <=
task_rlimit(t, RLIMIT_SIGPENDING))) {
thing?
And why test for "ucounts" being non-NULL in
if (ucounts && dec_rlimit_ucounts(ucounts,
UCOUNT_RLIMIT_SIGPENDING, 1))
put_ucounts(ucounts);
when afaik both of those should be happy with a NULL 'ucounts' pointer
(if it was NULL, we certainly already used it for the reverse
operations for get_ucounts() and inc_rlimit_ucounts()..)
Hmm?
And somebody should verify that I didn't screw anything up in my merge
resolution. It all looked very straightforward, but mistakes happen..
Linus
Powered by blists - more mailing lists