Received: by 10.192.165.148 with SMTP id m20csp32632imm; Thu, 19 Apr 2018 12:28:18 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+hMw6CrilyqhgYrkN8MZmseZDP/wG4mB0KLWbQomxCmSrENnMN6FqQV5P0wdlWxY/lR4L2 X-Received: by 2002:a17:902:6c07:: with SMTP id q7-v6mr7381988plk.67.1524166098680; Thu, 19 Apr 2018 12:28:18 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1524166098; cv=none; d=google.com; s=arc-20160816; b=eGhQLxM9XXXYeylvfbWTA8MlPfDxRRh99A42Hjo0mTUxC+6ZdMkNdgQLBTs6pAy008 Wjn0C0kYr7S/O8J23aWBXtDjkxiMIOs1INaLjx68p27iPt80X3UxliJuaN4pCbhdQOqC fleU/HQEWEtA/E3gAXhcqcHhm5EslFYpXkUEd4Pr5hbVjnBoQf+u3wMOxCxVyASA4gfL Ae7i//A38es5aDNpA61FNqZjTDbJgg7GrF0UzyNDPavpIl8HeDGXnw81ONNptlA5IIhN EAVSP5mzwj7vbMgWvSPPxspZKyUTPfoE9W2TdOoOzxVDDkTYNXvgzyuSVRXyuL0XX+yF CfPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:mime-version:organization:message-id:date :subject:to:from:dkim-signature:content-transfer-encoding :arc-authentication-results; bh=tFbwh67hXC70hTsPzpLa2QiMhGJfvwV97i/x2fdcyaQ=; b=iUNq6GAPH7pt97MxZy01Ljl6RPzMhX29i15eObtA35fV59ZTqZUdGhhfYzysPDa6nR IjtDy9JIinDCmIxjTYXHLlidC2LX+N/0uR6wj0er+340y6+O2Q1xfkY+7/h7/6vGYptA pTIcimlXy+UqS025QuxI6KxdgMSBd179ulFEci8gmZzOeNw267ncLCybau2PM19oCS2c 26/so4RdTo0hUw99XIstTl0oJICWX0Rb2zLyzmZ8BStJ3kcwXa2PZK21gvwRRQwT9rL2 NQZahm8uWO7Sn87Mh5cy+Op1wnckhd0E50eqGN/ynEIakBnjs9ojnDRvwqBkMXovHyif 86qQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@telfort.nl header.s=telfort01 header.b=vRA/XEQ5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=telfort.nl Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id g5si3551458pgo.501.2018.04.19.12.28.02; Thu, 19 Apr 2018 12:28:18 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@telfort.nl header.s=telfort01 header.b=vRA/XEQ5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=telfort.nl Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753259AbeDST0l (ORCPT + 99 others); Thu, 19 Apr 2018 15:26:41 -0400 Received: from cpsmtpb-ews01.kpnxchange.com ([213.75.39.4]:51203 "EHLO cpsmtpb-ews01.kpnxchange.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752558AbeDST0k (ORCPT ); Thu, 19 Apr 2018 15:26:40 -0400 X-Greylist: delayed 782 seconds by postgrey-1.27 at vger.kernel.org; Thu, 19 Apr 2018 15:26:40 EDT Received: from cpsps-ews11.kpnxchange.com ([10.94.84.178]) by cpsmtpb-ews01.kpnxchange.com with Microsoft SMTPSVC(7.5.7601.17514); Thu, 19 Apr 2018 21:13:36 +0200 X-Brand: /q/rzKX13g== X-KPN-SpamVerdict: e1=0;e2=;e3=0(e1=10;e3=10;e2=00);EVW:White;BM:KPN.E mailWasstraat.ScanProcessingSink.Scanning.MailScanResultSet;FinalVerdi ct:Clean X-Brightmail-Tracker: H4sIAAAAAAAAC+NgFjrPKsWRWlGSWpSXmKPExsVyuJKZRTfh 1Y0og4YVuxIsLu+aw+bA6PF5k1wAYxRrZl5SfkUCa8b8vs1MBW94KvrP3GZqYOzi6mLk4p AQOMQocbRjE3sXIyeQoy6x5MtJRpCEkMBSRomJH7sYQRLMAvISHZcbWSFsHYkFuz+xgRSx CHQySyyY/pENojtTYtHL5SwQ3dsZJfaf6wdLsAkoS+x88wbMFhFQkNjc+wxskrCAosShbf NYQGwWAVWJCYcvgdm8AhoSzz8eBjuJX0BKYs+jL4wQcUGJkzOfgNUICchKfF13EersYInZ U/YxTWAUnIXk2FlIjp2FpH0BI/MqRonkguKCYt3U8mJDQ73sgjwgQy8nPzkxZxMjMDivem vY7mD82hd7iNGUg0lJlPfY5BtRQnxJ+SmVGYnFGfFFpTmpxUpSvHs2OEQJCcOFi0uTcjOL izPz8w4xWnNwKEnwGr0E6hMsSk1PrUjLzAHGF1SrLK9wj16kkBiyDLJuYw4eJRFeFpBu3u KCxNzizHSoTkmITiGYKELXKUZ7KXHeVJAeAZBsRmke3EIpGV7N5qtRQqJIEgidoBQ0scXg 2C1GPiGWvPy8VCmowCtGQw5GJWHeMJChPJl5JQh3SPBKCZ0H+g0qiDDsFdDxTEDHG6iAHV +SWILF8VBRhC6pBka+TOV/2b0inn2V4kGvX9y4HtW2e+1fpWczzl2+p126qPSJ4cRyOeNn dlxG0beTT4ituv3NZo6ideN3811+a/a+i97qzGUtZpJbPv+x0v+tRjOe3HsREpSrEnmWZX GuVX5ebN47yZh+tWezbDbKnbW9f//Qbe/32TdTOWq2SxfHKE5b+7ORvVKJpTgj0VCLuag4 EQBojnonYgMAAA== X-CMAE-Analysis: v=2.3 cv=RMad4bq+ c=1 sm=1 tr=0 a=LzU8FWS6tX6H791gvgu rLw==:117 a=WlLoZYvoDPkrvwfrrc3pQQ==:17 a=kj9zAlcOel0A:10 a=Kd1tUaAdev IA:10 a=ZfNxyw7ZWojhWlxPhXkA:9 a=CjuIK1q_8ugA:10 X-CM-AcctID: kpn@feedback.cloudmark.com Received: from CPSMTPM-TLF101.kpnxchange.com ([195.121.3.4]) by cpsps-ews11.kpnxchange.com with Microsoft SMTPSVC(8.5.9600.16384); Thu, 19 Apr 2018 21:13:36 +0200 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" DKIM-Signature: v=1; a=rsa-sha256; d=telfort.nl; s=telfort01; c=relaxed/relaxed; t=1524165215; h=mime-version:date:message-id:subject:from:to:content-type; bh=tFbwh67hXC70hTsPzpLa2QiMhGJfvwV97i/x2fdcyaQ=; b=vRA/XEQ5m4xjobu7EzI5qPaZypJthQlQcNWjVEIG8f+dZw9VQAUPuRfhVZKZ5Dzx/IE5jXUX+X0 G8XTALQSIxffjwHTgC0TgoPpXXW2pYUyNstCJjNwpZ4dCmFcOlxSHOsfkLRLXolydLFAI2xQF5gS0 i9yep7UhXZqluQlsKh4= X-CMASSUN: 33|kFZpDlyPvQv+CRdOa0tbFSs6UByXXETINYBAIxDGG800CkmHl/TOud064lFouP/d NNMa8MmTdrZgCMo6ndLZIw== Received: from delfion.localnet ([145.132.48.198]) by CPSMTPM-TLF101.kpnxchange.com over TLS secured channel with Microsoft SMTPSVC(7.5.7601.17514); Thu, 19 Apr 2018 21:13:35 +0200 From: Ferry Toth To: linux-kernel@vger.kernel.org Subject: DOS by unprivileged user Date: Thu, 19 Apr 2018 21:13:35 +0200 Message-ID: <9023506.UBh6vynRGa@delfion> Organization: Exalon Delft MIME-Version: 1.0 X-OriginalArrivalTime: 19 Apr 2018 19:13:35.0976 (UTC) FILETIME=[84044680:01D3D812] X-RcptDomain: vger.kernel.org Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org It appears any ordinary user can easily create a DOS on linux. One sure way to reproduce this is to open gitk on the linux kernel repo (SIC) on a machine with 8GB RAM 16 GB swap on a HDD with btrfs and quad core + hyperthreading. But I will be easy enough to get the same effect with more RAM, other fs etc. In this case gitk allocates more and more memory (until my system freezes 6.5GB of 7.5GB avaiable), the system starts swapping or writing to tmp files (can't investigate as there is no time until it freezes) and the io wait goes to 100% on all cores. At this point it is impossible to login from remote and local keyboard and mouse are frozen. Hard reset is the only way out at this point. IMHO there is something wrong in how the kernel hands out resources, in this case memory, CPU time and disk accesses. It should be easily measurable that a single application is allocating all memory and consequently all CPU time is spent in io wait. I'm pretty sure that if the kernel would stop or reduce allocating CPU time to the hogging (user) process causing excessive io wait, the machine would continue just fine. And probably a single process should not even be allowed to allocate this amount of memory. Or at least should not force other applications to get swapped out. In effect gitk should have beeb forced to run slow or be killed off (which doesn't happen because probably the kernel itself doesn't receive enough CPU time). As a positive side effect maybe someone would dig into gitk and make it less memory hungry (qgit is half as hungry, still a lot). -- Ferry Toth