Re: [PATCH v2] Document /proc/pid PID reuse behavior

From: Daniel Colascione
Date: Wed Nov 07 2018 - 11:10:06 EST


On Wed, Nov 7, 2018 at 4:00 PM, Michal Hocko <mhocko@xxxxxxxxxx> wrote:
> On Wed 07-11-18 15:48:20, Daniel Colascione wrote:
>> On Tue, Nov 6, 2018 at 1:05 PM, Michal Hocko <mhocko@xxxxxxxxxx> wrote:
>> > otherwise anybody could simply DoS the system
>> > by consuming all available pids.
>>
>> People can do that today using the instrument of terror widely known
>> as fork(2). The only thing standing between fork(2) and a full process
>> table is RLIMIT_NPROC.
>
> not really.

What else, besides memory consumption and (as you mention below)
cgroups? In practice, nobody uses RLIMIT_NPROC, so outside of various
container-y namespaced setups, avoidance of
system-DoS-through-PID-exhaustion isn't a pressing problem.

> If you really do care about pid space depletion then you
> should use pid cgroup controller.

Or that, sure. But since cgroups are optional, the problem with the
core model remains. In general, if there's a problem X with the core
system API, and you can mitigate X by using a cgroup, X is still a
problem.
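
The bounds named in this message (RLIMIT_NPROC and the pids cgroup controller, against the kernel's PID space) can be compared for a running process; the following is an added example, not part of the original message or of the patch under discussion. It treats RLIMIT_NPROC as a plain number, although the kernel counts it per real UID, and assumes cgroupfs is mounted at `/sys/fs/cgroup`; all function names are hypothetical.

```python
import os
import resource

CGROUP_ROOT = "/sys/fs/cgroup"  # assumption: conventional cgroupfs mount point

def pids_cgroup_dir(proc_cgroup_text, root=CGROUP_ROOT):
    """Map the text of /proc/<pid>/cgroup to the directory holding pids.max."""
    unified = None
    for line in proc_cgroup_text.splitlines():
        if line.count(":") < 2:
            continue
        hier_id, controllers, path = line.split(":", 2)
        if "pids" in controllers.split(","):        # cgroup v1 pids hierarchy
            return os.path.normpath(os.path.join(root, "pids", path.lstrip("/")))
        if hier_id == "0" and controllers == "":    # cgroup v2 unified hierarchy
            unified = os.path.normpath(os.path.join(root, path.lstrip("/")))
    return unified

def parse_limit(text):
    """pids.max holds an integer or the word 'max' (no limit -> None)."""
    text = text.strip()
    return None if text == "max" else int(text)

def effective_ceiling(pid_max, nproc_soft, pids_max_chain):
    """Return (limit, source) for the tightest bound; None inputs mean unlimited."""
    candidates = [(pid_max, "kernel.pid_max")]
    if nproc_soft is not None:
        candidates.append((nproc_soft, "RLIMIT_NPROC"))
    candidates += [(v, p) for p, v in pids_max_chain if v is not None]
    return min(candidates, key=lambda c: c[0])

def audit_self():
    """Read the live values for the current process (Linux only)."""
    with open("/proc/sys/kernel/pid_max") as f:
        pid_max = int(f.read())
    soft, _hard = resource.getrlimit(resource.RLIMIT_NPROC)
    nproc = None if soft == resource.RLIM_INFINITY else soft
    with open("/proc/self/cgroup") as f:
        d = pids_cgroup_dir(f.read())
    chain = []
    while d and d.startswith(CGROUP_ROOT):   # ancestors' pids.max apply as well
        try:
            with open(os.path.join(d, "pids.max")) as f:
                chain.append((d, parse_limit(f.read())))
        except OSError:
            pass                             # e.g. the root cgroup has no pids.max
        if d == CGROUP_ROOT:
            break
        d = os.path.dirname(d)
    return effective_ceiling(pid_max, nproc, chain)

if __name__ == "__main__":
    limit, source = audit_self()
    print(f"tightest bound on task creation: {limit} (from {source})")
```

A result whose source is `kernel.pid_max` means neither the rlimit nor any cgroup in the chain is set below the size of the PID space itself.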