| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 6 Jun 2016 11:05:57 +0300
From: Cyrill Gorcunov <gorcunov@...il.com>
To: Nikolay Borisov <kernel@...p.com>
Cc: john@...nmccutchan.com, eparis@...hat.com, ebiederm@...ssion.com,
jack@...e.cz, linux-kernel@...r.kernel.org, avagin@...nvz.org,
netdev@...r.kernel.org, operations@...eground.com
Subject: Re: [PATCH 1/4] inotify: Add infrastructure to account inotify
limits per-namespace
On Wed, Jun 01, 2016 at 10:52:57AM +0300, Nikolay Borisov wrote:
> This patch adds the necessary members to user_struct. The idea behind
> the solution is really simple - user the userns pointers as keys into
> a hash table which holds the inotify instances/watches counts. This
> allows to account the limits per userns rather than per real user,
> which makes certain scenarios such as a single mapped user in a
> container deplete the inotify resources for all other users, which
> map to the exact same real user.
>
> Signed-off-by: Nikolay Borisov <kernel@...p.com>
...
> +static inline unsigned long inotify_dec_return_dev(struct user_struct *user,
> + void *key)
> +{
> + struct inotify_state *state;
> + unsigned long ret;
> +
> + spin_lock(&user->inotify_lock);
> + state = __find_inotify_state(user, key);
> + ret = --state->inotify_devs;
> + spin_unlock(&user->inotify_lock);
> +
> + return ret;
> +}
Hi Nikolay! Could you please explain why this new function is not used anywhere
in other patches or I miss something obvious?
Powered by blists - more mailing lists