From: Marcelo Tosatti <marcelo.tosatti@cyclades.com>
To: Andrew Morton <akpm@osdl.org>
Cc: manfred@colorfullife.com, linux-kernel@vger.kernel.org
Subject: Re: message queue limits
Date: Thu, 15 Apr 2004 21:10:28 -0300
Message-ID: <20040416001028.GA1373@logos.cnet>
In-Reply-To: <20040415155408.0902a0c0.akpm@osdl.org>

[-- Attachment #1: Type: text/plain, Size: 1906 bytes --]


Hi Andrew!

On Thu, Apr 15, 2004 at 03:54:08PM -0700, Andrew Morton wrote:
> Marcelo Tosatti <marcelo.tosatti@cyclades.com> wrote:
> >
> > This adds a new "RLIMIT_SIGPENDING" limit, which is used to limit
> > per-uid pending signals. Currently an unprivileged user can queue
> > more than maximum of allowed signals and cause overall system 
> > malfunction.
> 
> So now it takes two users to gang up and do the same thing.  

Decrease rlim_cur then. Usually people don't have several accounts
on the same box.

> We should either exempt root from the global check or simply remove the global limit
> altogether.

Then allow for unlimited pending signals? Are you sure?

> Is it possible for a process to do setuid() with outstanding signals?  If
> so, they may end up with a negative current->user->signal_pending?

Nice catch, root can do that and I think current->user->signal_pending can get
negative. Not completely sure though.

> You need to initialise ->signal_pending in alloc_uid().

--- signal.c.orig	2004-04-15 20:44:17.458438104 -0300
+++ signal.c	2004-04-15 20:45:36.850368696 -0300
@@ -288,7 +288,8 @@
 		return;
 	kmem_cache_free(sigqueue_cachep, q);
 	atomic_dec(&nr_queued_signals);
-	atomic_dec(&current->user->signal_pending);
+	if (atomic_read(&current->user->signal_pending) > 0)
+		atomic_dec(&current->user->signal_pending);
 }
 
 static void flush_sigqueue(struct sigpending *queue)
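
Review bot: the new atomic_read() > 0 test and the atomic_dec() that follows it are two separate operations, so two frees running at once can both read 1 and both decrement, and the counter still goes negative. The guard also only hides the case raised in the thread: after setuid() current->user is a different user, so the decrement lands on the wrong counter and the count charged before the switch is never given back. Consider recording the user in the sigqueue entry when it is allocated and decrementing that user's signal_pending here, which removes the need for the > 0 test.
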
--- user.c.orig	2004-04-15 20:44:20.395991528 -0300
+++ user.c	2004-04-15 20:44:37.069456776 -0300
@@ -98,6 +98,7 @@
 		atomic_set(&new->__count, 1);
 		atomic_set(&new->processes, 0);
 		atomic_set(&new->files, 0);
+		atomic_set(&new->signal_pending, 0);
 
 		/*
 		 * Before adding this, check whether we raced
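
Review bot: the file headers for this hunk and for the signal.c one name bare files (user.c.orig, user.c) with no directory, so the patch does not apply from the top of the tree with patch -p1; regenerate the diff from the tree root so the paths carry their directory. The atomic_set(&new->signal_pending, 0) line itself sits where it belongs, next to the other counter initialisations.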

> What are you doing for testing of this?

Simple app posted by Nikita (attached) together with MySQL and 
sql-bench for creating mysql threads.
The setuid() was added by me now.


[-- Attachment #2: signal.c --]
[-- Type: text/plain, Size: 921 bytes --]

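#include <signal.h>
#include <unistd.h>
#include <stdlib.h>

int main()
{
        sigset_t set;
        int i;
        pid_t pid;

        /* Block signal 40 so every instance sent below stays pending. */
        sigemptyset(&set);
        sigaddset(&set, 40);
        sigprocmask(SIG_BLOCK, &set, 0);

        /* Queue 1024 instances of the blocked signal to ourselves. */
        pid = getpid();
        for (i = 0; i < 1024; i++)
                kill(pid, 40);

        /* Change uid while those signals are still queued. */
        setuid(500);

        while (1)
                sleep(1);
}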
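
The accounting question raised in this exchange (signals queued under one uid and freed after setuid()), as an added userspace model that is not part of the original message or of the kernel source. It assumes the counter is charged to current->user at queue time and uses plain ints in place of atomic_t; the owner back-pointer and all function names are hypothetical.

```c
#include <stdio.h>

/* Userspace model only: plain ints stand in for the kernel's atomic_t. */
#define N 8                            /* entries queued per run */
struct user { int signal_pending; };
struct sigq { struct user *owner; };   /* owner: hypothetical back-pointer */
static struct user *current_user;      /* stands in for current->user */

enum mode { PLAIN, GUARDED, OWNER };

/* Queue time (assumed): charge the user that is current right now. */
static void q_alloc(struct sigq *q)
{
    q->owner = current_user;
    current_user->signal_pending++;
}

/* Free time: OWNER credits the queue-time user, the others credit current. */
static void q_free(struct sigq *q, enum mode m)
{
    struct user *u = (m == OWNER) ? q->owner : current_user;
    if (m == GUARDED && u->signal_pending <= 0)
        return;                        /* the "> 0" guard from the signal.c hunk */
    u->signal_pending--;
}

/* Queue N entries as old_u, switch user (the setuid() step), free them all. */
static void run(enum mode m, struct user *old_u, struct user *new_u)
{
    struct sigq q[N];
    old_u->signal_pending = new_u->signal_pending = 0;
    current_user = old_u;
    for (int i = 0; i < N; i++)
        q_alloc(&q[i]);
    current_user = new_u;
    for (int i = 0; i < N; i++)
        q_free(&q[i], m);
}

int main(void)
{
    static const char *name[] = { "plain", "guarded", "owner" };
    struct user a, b;
    for (int m = PLAIN; m <= OWNER; m++) {
        run((enum mode)m, &a, &b);
        printf("%-8s old=%d new=%d\n", name[m], a.signal_pending, b.signal_pending);
    }
    return 0;
}
```

In this model the guarded variant stops the new user's counter at zero but leaves the old user's counter at N; only the variant that credits the recorded owner returns both to zero.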
