Re: [PATCH 3/3] mlock: avoid dirtying pages and triggering writeback

From: Dustin Kirkland
Date: Fri Nov 19 2010 - 19:30:27 EST


On Fri, 2010-11-19 at 18:22 -0500, Ted Ts'o wrote:
> On Fri, Nov 19, 2010 at 02:54:42PM -0800, Andrew Morton wrote:
> >
> > Dirtying all that memory at mlock() time is pretty obnoxious.
> > ...
> > So all that leaves me thinking that we merge your patches as-is. Then
> > work out why users can fairly trivially use mlock to hang the kernel on
> > ext2 and ext3 (and others?)
>
> So at least on RHEL 4 and 5 systems, pam_limits was configured so that
> unprivileged processes could only mlock() at most 16k. This was
> deemed enough so that programs could protect crypto keys. The
> thinking when we added the mlock() ulimit setting was that
> unprivileged users could very easily make a nuisance of themselves,
> and grab way too much system resources, by using mlock() in obnoxious
> ways.
>
> I was just checking to see if my memory was correct, and to my
> surprise, I've just found that Ubuntu deliberately sets the memlock
> ulimit to be unlimited. Which means that Ubuntu systems are
> completely wide open for this particular DOS attack. So if you
> administer an Ubuntu-based server, it might be a good idea to make a
> tiny little change to /etc/security/limits.conf....
>
> - Ted

Kees,

Copying you into this thread, in case you'd like to respond from the
Ubuntu side. Thanks for the heads-up, Ted.

--
:-Dustin

Dustin Kirkland
Canonical, LTD
kirkland@xxxxxxxxxxxxx
GPG: 1024D/83A61194

Attachment: signature.asc
Description: This is a digitally signed message part
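
Added example, not part of the original message or of any distribution's tooling: a small audit for the memlock setting Ted describes, which flags limits.conf entries that are unlimited or above a threshold and also reads the limit the current process actually has. The 16 KB default threshold is the RHEL figure quoted above; the sample file contents and the group and user names are constructed.

```python
import resource

UNLIMITED = {"unlimited", "infinity", "-1"}  # pam_limits spellings for "no limit"

# Constructed sample in limits.conf(5) layout: <domain> <type> <item> <value>
SAMPLE = """\
# /etc/security/limits.conf (constructed sample, not from a real host)
*          soft  memlock  16
*          hard  memlock  16
@crypto    -     memlock  64      # constructed group name
@audio     -     memlock  unlimited
alice      hard  nofile   4096
broken line
"""

def parse_memlock(text):
    """Yield (lineno, domain, type, kb) per memlock entry; kb is None for no limit."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()      # drop comments, split columns
        if len(fields) != 4 or fields[2] != "memlock":
            continue                               # other items, malformed lines
        domain, ltype, _, value = fields
        if ltype not in ("soft", "hard", "-"):
            continue
        if value.lower() in UNLIMITED:
            yield lineno, domain, ltype, None
        elif value.isdigit():
            yield lineno, domain, ltype, int(value)  # memlock values are in KB

def audit(text, max_kb=16):
    """Return entries whose memlock limit is unlimited or above max_kb."""
    findings = []
    for lineno, domain, ltype, kb in parse_memlock(text):
        if kb is None or kb > max_kb:
            shown = "unlimited" if kb is None else f"{kb} KB"
            findings.append((lineno, domain, ltype, shown))
    return findings

def effective_memlock():
    """(soft, hard) RLIMIT_MEMLOCK of this process in bytes; None = unlimited."""
    return tuple(None if v == resource.RLIM_INFINITY else v
                 for v in resource.getrlimit(resource.RLIMIT_MEMLOCK))

if __name__ == "__main__":
    for lineno, domain, ltype, shown in audit(SAMPLE):
        print(f"line {lineno}: {domain} {ltype} memlock = {shown} (over 16 KB)")
    print("effective (soft, hard) bytes:", effective_memlock())
```

limits.conf is only applied by pam_limits when a session starts, so the value from effective_memlock() in the session under test is the one that matters; the file audit shows where a permissive value would come from.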