From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754083AbcDTDi1 (ORCPT ); Tue, 19 Apr 2016 23:38:27 -0400 Received: from out01.mta.xmission.com ([166.70.13.231]:46356 "EHLO out01.mta.xmission.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753938AbcDTDiX (ORCPT ); Tue, 19 Apr 2016 23:38:23 -0400 From: ebiederm@xmission.com (Eric W. Biederman) To: "H. Peter Anvin" Cc: Linus Torvalds , Andy Lutomirski , security@debian.org, "security\@kernel.org" , Al Viro , "security\@ubuntu.com \>\> security" , Peter Hurley , Serge Hallyn , Willy Tarreau , Aurelien Jarno , One Thousand Gnomes , Jann Horn , Greg KH , Linux Kernel Mailing List , Jiri Slaby , Florian Weimer References: <877ffyzy1j.fsf_-_@x220.int.ebiederm.org> <1460734532-20134-1-git-send-email-ebiederm@xmission.com> <1460734532-20134-14-git-send-email-ebiederm@xmission.com> <8737qhpifz.fsf@x220.int.ebiederm.org> <25D92F7D-32F9-4913-9995-2F6B430FA29E@zytor.com> <87inzdju98.fsf@x220.int.ebiederm.org> <87C89963-F554-481F-81FF-5DC395062943@zytor.com> Date: Tue, 19 Apr 2016 22:27:43 -0500 In-Reply-To: (H. Peter Anvin's message of "Tue, 19 Apr 2016 12:26:19 -0700") Message-ID: <8737qhdknk.fsf@x220.int.ebiederm.org> User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) MIME-Version: 1.0 Content-Type: text/plain X-XM-AID: U2FsdGVkX1/wbAtkqjTUflU1T4PSKJijy8VzMotcgVg= X-SA-Exim-Connect-IP: 97.119.105.151 X-SA-Exim-Mail-From: ebiederm@xmission.com X-Spam-Report: * -1.0 ALL_TRUSTED Passed through trusted hosts only via SMTP * 1.5 XMNoVowels Alpha-numberic number with no vowels * 0.0 TVD_RCVD_IP Message was received from an IP address * 0.0 T_TM2_M_HEADER_IN_MSG BODY: No description available. * 0.8 BAYES_50 BODY: Bayes spam probability is 40 to 60% * [score: 0.5000] * -0.0 DCC_CHECK_NEGATIVE Not listed in DCC * [sa04 1397; Body=1 Fuz1=1 Fuz2=1] * 0.0 T_TooManySym_01 4+ unique symbols in subject X-Spam-DCC: XMission; sa04 1397; Body=1 Fuz1=1 Fuz2=1 X-Spam-Combo: *;"H. Peter Anvin" X-Spam-Relay-Country: X-Spam-Timing: total 232 ms - load_scoreonly_sql: 0.06 (0.0%), signal_user_changed: 8 (3.6%), b_tie_ro: 7 (3.0%), parse: 1.20 (0.5%), extract_message_metadata: 11 (4.9%), get_uri_detail_list: 0.88 (0.4%), tests_pri_-1000: 5 (2.3%), tests_pri_-950: 1.11 (0.5%), tests_pri_-900: 0.95 (0.4%), tests_pri_-400: 21 (9.2%), check_bayes: 20 (8.7%), b_tokenize: 6 (2.5%), b_tok_get_all: 7 (2.8%), b_comp_prob: 2.0 (0.9%), b_tok_touch_all: 3.0 (1.3%), b_finish: 0.82 (0.4%), tests_pri_0: 171 (73.6%), check_dkim_signature: 0.47 (0.2%), check_dkim_adsp: 4.1 (1.8%), tests_pri_500: 8 (3.3%), poll_dns_idle: 0.33 (0.1%), rewrite_mail: 0.00 (0.0%) Subject: Re: [PATCH 14/16] vfs: Implement mount_super_once X-Spam-Flag: No X-SA-Exim-Version: 4.2.1 (built Wed, 24 Sep 2014 11:00:52 -0600) X-SA-Exim-Scanned: Yes (on in01.mta.xmission.com) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org "H. Peter Anvin" writes: > On April 19, 2016 12:25:03 PM PDT, "H. Peter Anvin" wrote: >> >>Perhaps a (privileged) option to exempt from the global limit, then. >>Something we can implement if asked for. >> >>However, I wouldn't be 100% that the reserved pool isn't used. Someone >>added it presumably for a reason. An administrator could say it and >>we'd have no idea. > > ... and if I personally was running a container-hosting system, I > would *absolutely* set it to make sure the administrator could not get > locked out. That is likely easier done by setting: echo RIDICULOUSLY_LARGE_NUMBER > /proc/sys/kernel/pty/max All I am certain about at this point is that no one cares on a day to day basis or in any kind of ordinary scenario so this is something that we can get away with changing. But yes I would not be surprised if we have to come back and implement something like your suggested extra mount option for devpts, so some specified instances can dip into the reserved pool. Eric