From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756445Ab2FYSiZ (ORCPT ); Mon, 25 Jun 2012 14:38:25 -0400 Received: from mail-pz0-f46.google.com ([209.85.210.46]:35909 "EHLO mail-pz0-f46.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1754750Ab2FYSiX (ORCPT ); Mon, 25 Jun 2012 14:38:23 -0400 Date: Mon, 25 Jun 2012 11:38:18 -0700 From: Tejun Heo To: Frederic Weisbecker Cc: Glauber Costa , cgroups@vger.kernel.org, linux-mm@kvack.org, Andrew Morton , linux-kernel@vger.kernel.org, Frederic Weisbecker , David Rientjes , Pekka Enberg , Michal Hocko , Johannes Weiner , Christoph Lameter , devel@openvz.org, kamezawa.hiroyu@jp.fujitsu.com, Pekka Enberg , Suleiman Souhlal Subject: Re: [PATCH 11/11] protect architectures where THREAD_SIZE >= PAGE_SIZE against fork bombs Message-ID: <20120625183818.GH3869@google.com> References: <1340633728-12785-1-git-send-email-glommer@parallels.com> <1340633728-12785-12-git-send-email-glommer@parallels.com> <4FE89807.50708@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4FE89807.50708@redhat.com> User-Agent: Mutt/1.5.20 (2009-06-14) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, Jun 25, 2012 at 06:55:35PM +0200, Frederic Weisbecker wrote: > On 06/25/2012 04:15 PM, Glauber Costa wrote: > > > Because those architectures will draw their stacks directly from > > the page allocator, rather than the slab cache, we can directly > > pass __GFP_KMEMCG flag, and issue the corresponding free_pages. > > > > This code path is taken when the architecture doesn't define > > CONFIG_ARCH_THREAD_INFO_ALLOCATOR (only ia64 seems to), and has > > THREAD_SIZE >= PAGE_SIZE. Luckily, most - if not all - of the > > remaining architectures fall in this category. > > > > This will guarantee that every stack page is accounted to the memcg > > the process currently lives on, and will have the allocations to fail > > if they go over limit. > > > > For the time being, I am defining a new variant of THREADINFO_GFP, not > > to mess with the other path. Once the slab is also tracked by memcg, > > we can get rid of that flag. > > > > Tested to successfully protect against :(){ :|:& };: > > > > Signed-off-by: Glauber Costa > > CC: Christoph Lameter > > CC: Pekka Enberg > > CC: Michal Hocko > > CC: Kamezawa Hiroyuki > > CC: Johannes Weiner > > CC: Suleiman Souhlal > > > Acked-by: Frederic Weisbecker Frederic, does this (with proper slab accounting added later) achieve what you wanted with the task counter? Thanks. -- tejun From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from psmtp.com (na3sys010amx129.postini.com [74.125.245.129]) by kanga.kvack.org (Postfix) with SMTP id 9C0546B0388 for ; Mon, 25 Jun 2012 14:38:23 -0400 (EDT) Received: by pbbrp2 with SMTP id rp2so8611528pbb.14 for ; Mon, 25 Jun 2012 11:38:22 -0700 (PDT) Date: Mon, 25 Jun 2012 11:38:18 -0700 From: Tejun Heo Subject: Re: [PATCH 11/11] protect architectures where THREAD_SIZE >= PAGE_SIZE against fork bombs Message-ID: <20120625183818.GH3869@google.com> References: <1340633728-12785-1-git-send-email-glommer@parallels.com> <1340633728-12785-12-git-send-email-glommer@parallels.com> <4FE89807.50708@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4FE89807.50708@redhat.com> Sender: owner-linux-mm@kvack.org List-ID: To: Frederic Weisbecker Cc: Glauber Costa , cgroups@vger.kernel.org, linux-mm@kvack.org, Andrew Morton , linux-kernel@vger.kernel.org, Frederic Weisbecker , David Rientjes , Pekka Enberg , Michal Hocko , Johannes Weiner , Christoph Lameter , devel@openvz.org, kamezawa.hiroyu@jp.fujitsu.com, Pekka Enberg , Suleiman Souhlal On Mon, Jun 25, 2012 at 06:55:35PM +0200, Frederic Weisbecker wrote: > On 06/25/2012 04:15 PM, Glauber Costa wrote: > > > Because those architectures will draw their stacks directly from > > the page allocator, rather than the slab cache, we can directly > > pass __GFP_KMEMCG flag, and issue the corresponding free_pages. > > > > This code path is taken when the architecture doesn't define > > CONFIG_ARCH_THREAD_INFO_ALLOCATOR (only ia64 seems to), and has > > THREAD_SIZE >= PAGE_SIZE. Luckily, most - if not all - of the > > remaining architectures fall in this category. > > > > This will guarantee that every stack page is accounted to the memcg > > the process currently lives on, and will have the allocations to fail > > if they go over limit. > > > > For the time being, I am defining a new variant of THREADINFO_GFP, not > > to mess with the other path. Once the slab is also tracked by memcg, > > we can get rid of that flag. > > > > Tested to successfully protect against :(){ :|:& };: > > > > Signed-off-by: Glauber Costa > > CC: Christoph Lameter > > CC: Pekka Enberg > > CC: Michal Hocko > > CC: Kamezawa Hiroyuki > > CC: Johannes Weiner > > CC: Suleiman Souhlal > > > Acked-by: Frederic Weisbecker Frederic, does this (with proper slab accounting added later) achieve what you wanted with the task counter? Thanks. -- tejun -- To unsubscribe, send a message with 'unsubscribe linux-mm' in the body to majordomo@kvack.org. For more info on Linux MM, see: http://www.linux-mm.org/ . Don't email: email@kvack.org From mboxrd@z Thu Jan 1 00:00:00 1970 From: Tejun Heo Subject: Re: [PATCH 11/11] protect architectures where THREAD_SIZE >= PAGE_SIZE against fork bombs Date: Mon, 25 Jun 2012 11:38:18 -0700 Message-ID: <20120625183818.GH3869@google.com> References: <1340633728-12785-1-git-send-email-glommer@parallels.com> <1340633728-12785-12-git-send-email-glommer@parallels.com> <4FE89807.50708@redhat.com> Mime-Version: 1.0 Return-path: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=sender:date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to:user-agent; bh=fjGspcfk4rxWUox+BvAv4VLU1Lez7GA2K241/n4yUt0=; b=hNd49usGy/Iu/pL5O0chWDV0xQzbL0Gpk9IERLLTnh0Tjbzmyf3wtIpDtpFVGNOG05 3Lybk3nmBpUey6BFtN82mYrMBIK4A0br/7xnzyxU2NxVZMqMTBhwdpocQcqRHATK857u cmkAw2jZSGWang7XMg3tRZkVl7K02q9yONgrBX9nhHwQI7TvpI7raBPSc370ukLIpmL8 gyIfeTxGHaMeIGZz87lZQrU0nUjcj9jPVA1te2KA7lkdHmAjWzuv3olHJzxKNG0K2Jkl finmB9fgxd7Iyma9CpGk4ctOibcnNDxR5975JblcV0hOsOtDWo/hDBShXiqifbMXy86m UetQ== Content-Disposition: inline In-Reply-To: <4FE89807.50708-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org> Sender: cgroups-owner-u79uwXL29TY76Z2rM5mHXA@public.gmane.org List-ID: Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: Frederic Weisbecker Cc: Glauber Costa , cgroups-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, linux-mm-Bw31MaZKKs3YtjvyW6yDsg@public.gmane.org, Andrew Morton , linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org, Frederic Weisbecker , David Rientjes , Pekka Enberg , Michal Hocko , Johannes Weiner , Christoph Lameter , devel-GEFAQzZX7r8dnm+yROfE0A@public.gmane.org, kamezawa.hiroyu-+CUm20s59erQFUHtdCDX3A@public.gmane.org, Pekka Enberg , Suleiman Souhlal On Mon, Jun 25, 2012 at 06:55:35PM +0200, Frederic Weisbecker wrote: > On 06/25/2012 04:15 PM, Glauber Costa wrote: > > > Because those architectures will draw their stacks directly from > > the page allocator, rather than the slab cache, we can directly > > pass __GFP_KMEMCG flag, and issue the corresponding free_pages. > > > > This code path is taken when the architecture doesn't define > > CONFIG_ARCH_THREAD_INFO_ALLOCATOR (only ia64 seems to), and has > > THREAD_SIZE >= PAGE_SIZE. Luckily, most - if not all - of the > > remaining architectures fall in this category. > > > > This will guarantee that every stack page is accounted to the memcg > > the process currently lives on, and will have the allocations to fail > > if they go over limit. > > > > For the time being, I am defining a new variant of THREADINFO_GFP, not > > to mess with the other path. Once the slab is also tracked by memcg, > > we can get rid of that flag. > > > > Tested to successfully protect against :(){ :|:& };: > > > > Signed-off-by: Glauber Costa > > CC: Christoph Lameter > > CC: Pekka Enberg > > CC: Michal Hocko > > CC: Kamezawa Hiroyuki > > CC: Johannes Weiner > > CC: Suleiman Souhlal > > > Acked-by: Frederic Weisbecker Frederic, does this (with proper slab accounting added later) achieve what you wanted with the task counter? Thanks. -- tejun