Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1757263Ab0KSXXS (ORCPT ); Fri, 19 Nov 2010 18:23:18 -0500 Received: from thunk.org ([69.25.196.29]:47463 "EHLO thunker.thunk.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1757148Ab0KSXXQ (ORCPT ); Fri, 19 Nov 2010 18:23:16 -0500 Date: Fri, 19 Nov 2010 18:22:54 -0500 From: "Ted Ts'o" To: Andrew Morton Cc: Michel Lespinasse , Hugh Dickins , Christoph Hellwig , Dave Chinner , Peter Zijlstra , Nick Piggin , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Rik van Riel , Kosaki Motohiro , Theodore Tso , Michael Rubin , Suleiman Souhlal , Dustin Kirkland Subject: Re: [PATCH 3/3] mlock: avoid dirtying pages and triggering writeback Message-ID: <20101119232254.GA28151@thunk.org> Mail-Followup-To: Ted Ts'o , Andrew Morton , Michel Lespinasse , Hugh Dickins , Christoph Hellwig , Dave Chinner , Peter Zijlstra , Nick Piggin , linux-mm@kvack.org, linux-kernel@vger.kernel.org, Rik van Riel , Kosaki Motohiro , Theodore Tso , Michael Rubin , Suleiman Souhlal , Dustin Kirkland References: <1289996638-21439-1-git-send-email-walken@google.com> <1289996638-21439-4-git-send-email-walken@google.com> <20101117125756.GA5576@amd> <1290007734.2109.941.camel@laptop> <20101117231143.GQ22876@dastard> <20101118133702.GA18834@infradead.org> <20101119072316.GA14388@google.com> <20101119145442.ddf0c0e8.akpm@linux-foundation.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20101119145442.ddf0c0e8.akpm@linux-foundation.org> User-Agent: Mutt/1.5.20 (2009-06-14) X-SA-Exim-Connect-IP: X-SA-Exim-Mail-From: tytso@thunk.org X-SA-Exim-Scanned: No (on thunker.thunk.org); SAEximRunCond expanded to false Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1354 Lines: 29 On Fri, Nov 19, 2010 at 02:54:42PM -0800, Andrew Morton wrote: > > Dirtying all that memory at mlock() time is pretty obnoxious. > ... > So all that leaves me thinking that we merge your patches as-is. Then > work out why users can fairly trivially use mlock to hang the kernel on > ext2 and ext3 (and others?) So at least on RHEL 4 and 5 systems, pam_limits was configured so that unprivileged processes could only mlock() at most 16k. This was deemed enough so that programs could protect crypto keys. The thinking when we added the mlock() ulimit setting was that unprivileged users could very easily make a nuisance of themselves, and grab way too much system resources, by using mlock() in obnoxious ways. I was just checking to see if my memory was correct, and to my surprise, I've just found that Ubuntu deliberately sets the memlock ulimit to be unlimited. Which means that Ubuntu systems are completely wide open for this particular DOS attack. So if you administer an Ubuntu-based server, it might be a good idea to make a tiny little change to /etc/security/limits.conf.... - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/