Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20201015200300.GW17637@brightrain.aerifal.cx>
Date: Thu, 15 Oct 2020 16:03:01 -0400
From: Rich Felker <dalias@...c.org>
To: Alexey Izbyshev <izbyshev@...ras.ru>
Cc: musl@...ts.openwall.com
Subject: Re: Why is setrlimit() considered to have per-thread effect?

On Thu, Oct 15, 2020 at 09:26:33PM +0300, Alexey Izbyshev wrote:
> On 2020-10-15 20:13, Rich Felker wrote:
> >On Thu, Oct 15, 2020 at 07:13:30PM +0300, Alexey Izbyshev wrote:
> >If correct, I agree -- we can avoid the need for __synccall when
> >prlimit works. I'd like to find commits or source lines supporting
> >that in their actual (code) content though rather than just as a
> >mention in commit messages, since it's contrary to what my (probably
> >outdated) understanding of how rlimits worked was.
> >
> Here they are (the first two were referenced in my reply to Szabolcs).
> 
> * Change of setrlimit() to operate on signal_struct in 2.6.10:
> https://elixir.bootlin.com/linux/v2.6.10/source/kernel/sys.c#L1487
> (compare with
> https://elixir.bootlin.com/linux/v2.6.9/source/kernel/sys.c#L1537)
> 
> * Definition of signal_struct in 2.6.10, which is per-thread-group
> (apart from "rlim", it contains many other thread-group-related
> fields): https://elixir.bootlin.com/linux/v2.6.10/source/include/linux/sched.h#L268
> 
> * Usage if signal_struct in 2.6.36 (the first kernel with prlimit())
> in do_prlimit(), which is a common function implementing
> setrlimit(), getrlimit() and prlimit():
> https://elixir.bootlin.com/linux/v2.6.36/source/kernel/sys.c#L1333
> 
> Finally, I performed a simple experiment: on 2.6.30 kernel (with
> glibc 2.5), created a thread and changed RLIMIT_FSIZE via
> setrlimit(). After that, "/proc/pid/limits" reported the new limit,
> so it was applied to the whole process. Strace confirmed that only a
> single setrlimit() system call was performed.

Excellent, thanks for doing this research! I'll adjust setrlimit to
use __synccall only in the fallback where SYS_prlimit fails.

Rich

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.