Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Thu, 7 Mar 2002 17:12:28 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Thu, 7 Mar 2002 17:12:19 -0500 Received: from e21.nc.us.ibm.com ([32.97.136.227]:51853 "EHLO e21.nc.us.ibm.com") by vger.kernel.org with ESMTP id ; Thu, 7 Mar 2002 17:12:04 -0500 Subject: Re: [PATCH] Prevent max_threads from exceeding PID_MAX From: Paul Larson To: "Patrick O'Rourke" Cc: lkml In-Reply-To: <200203072045.PAA08386@egenera.com> In-Reply-To: <200203072045.PAA08386@egenera.com> Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Mailer: Evolution/1.0.2 Date: 07 Mar 2002 16:11:00 -0600 Message-Id: <1015539061.16836.10.camel@plars.austin.ibm.com> Mime-Version: 1.0 Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Thu, 2002-03-07 at 14:45, Patrick O'Rourke wrote: > It is possible on large memory systems that the default process limits > can exceed PID_MAX. This will allow a non-root user to consume all pids > resulting in the kernel to basically hang in get_pid(). > > + /* don't let threads go beyond PID_MAX */ > + if (max_threads > PID_MAX) { > + max_threads = PID_MAX; > + } > + The problem with this approach is that it doesn't take into account pgrp, tgids, etc... I submitted the following patch a couple of weeks ago that fixes the problem a better way. Thanks, Paul Larson diff -Naur linux-2.4.18-rc2/kernel/fork.c linux-getpid/kernel/fork.c --- linux-2.4.18-rc2/kernel/fork.c Wed Feb 20 09:54:39 2002 +++ linux-getpid/kernel/fork.c Fri Feb 22 15:52:52 2002 @@ -20,6 +20,7 @@ #include #include #include +#include #include #include @@ -85,12 +86,13 @@ { static int next_safe = PID_MAX; struct task_struct *p; - int pid; + int pid, beginpid; if (flags & CLONE_PID) return current->pid; spin_lock(&lastpid_lock); + beginpid = last_pid; if((++last_pid) & 0xffff8000) { last_pid = 300; /* Skip daemons etc. */ goto inside; @@ -110,12 +112,16 @@ last_pid = 300; next_safe = PID_MAX; } + if(unlikely(last_pid == beginpid)) + goto nomorepids; goto repeat; } if(p->pid > last_pid && next_safe > p->pid) next_safe = p->pid; if(p->pgrp > last_pid && next_safe > p->pgrp) next_safe = p->pgrp; + if(p->tgid > last_pid && next_safe > p->tgid) + next_safe = p->tgid; if(p->session > last_pid && next_safe > p->session) next_safe = p->session; } @@ -125,6 +131,11 @@ spin_unlock(&lastpid_lock); return pid; + +nomorepids: + read_unlock(&tasklist_lock); + spin_unlock(&lastpid_lock); + return 0; } static inline int dup_mmap(struct mm_struct * mm) @@ -620,6 +631,8 @@ copy_flags(clone_flags, p); p->pid = get_pid(clone_flags); + if (p->pid == 0 && current->pid != 0) + goto bad_fork_cleanup; p->run_list.next = NULL; p->run_list.prev = NULL; - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/