aboutsummaryrefslogtreecommitdiffstats
path: root/ipc/ipc_sysctl.c
diff options
context:
space:
mode:
authorVasiliy Kulikov <segoon@openwall.com>2011-07-26 19:08:48 -0400
committerLinus Torvalds <torvalds@linux-foundation.org>2011-07-26 19:49:44 -0400
commitb34a6b1da371ed8af1221459a18c67970f7e3d53 (patch)
tree5addc850de13623b172395b9d0d7d670930fa6b3 /ipc/ipc_sysctl.c
parentd40dcdb0172a1ba853464983a059fb45e0aaf61a (diff)
ipc: introduce shm_rmid_forced sysctl
Add support for the shm_rmid_forced sysctl. If set to 1, all shared memory objects in current ipc namespace will be automatically forced to use IPC_RMID. The POSIX way of handling shmem allows one to create shm objects and call shmdt(), leaving shm object associated with no process, thus consuming memory not counted via rlimits. With shm_rmid_forced=1 the shared memory object is counted at least for one process, so OOM killer may effectively kill the fat process holding the shared memory. It obviously breaks POSIX - some programs relying on the feature would stop working. So set shm_rmid_forced=1 only if you're sure nobody uses "orphaned" memory. Use shm_rmid_forced=0 by default for compatability reasons. The feature was previously impemented in -ow as a configure option. [akpm@linux-foundation.org: fix documentation, per Randy] [akpm@linux-foundation.org: fix warning] [akpm@linux-foundation.org: readability/conventionality tweaks] [akpm@linux-foundation.org: fix shm_rmid_forced/shm_forced_rmid confusion, use standard comment layout] Signed-off-by: Vasiliy Kulikov <segoon@openwall.com> Cc: Randy Dunlap <rdunlap@xenotime.net> Cc: "Eric W. Biederman" <ebiederm@xmission.com> Cc: "Serge E. Hallyn" <serge.hallyn@canonical.com> Cc: Daniel Lezcano <daniel.lezcano@free.fr> Cc: Oleg Nesterov <oleg@redhat.com> Cc: Tejun Heo <tj@kernel.org> Cc: Ingo Molnar <mingo@elte.hu> Cc: Alan Cox <alan@lxorguk.ukuu.org.uk> Cc: Solar Designer <solar@openwall.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Diffstat (limited to 'ipc/ipc_sysctl.c')
-rw-r--r--ipc/ipc_sysctl.c36
1 files changed, 36 insertions, 0 deletions
diff --git a/ipc/ipc_sysctl.c b/ipc/ipc_sysctl.c
index 56410faa4550..00fba2bab87d 100644
--- a/ipc/ipc_sysctl.c
+++ b/ipc/ipc_sysctl.c
@@ -31,12 +31,37 @@ static int proc_ipc_dointvec(ctl_table *table, int write,
31 void __user *buffer, size_t *lenp, loff_t *ppos) 31 void __user *buffer, size_t *lenp, loff_t *ppos)
32{ 32{
33 struct ctl_table ipc_table; 33 struct ctl_table ipc_table;
34
34 memcpy(&ipc_table, table, sizeof(ipc_table)); 35 memcpy(&ipc_table, table, sizeof(ipc_table));
35 ipc_table.data = get_ipc(table); 36 ipc_table.data = get_ipc(table);
36 37
37 return proc_dointvec(&ipc_table, write, buffer, lenp, ppos); 38 return proc_dointvec(&ipc_table, write, buffer, lenp, ppos);
38} 39}
39 40
41static int proc_ipc_dointvec_minmax(ctl_table *table, int write,
42 void __user *buffer, size_t *lenp, loff_t *ppos)
43{
44 struct ctl_table ipc_table;
45
46 memcpy(&ipc_table, table, sizeof(ipc_table));
47 ipc_table.data = get_ipc(table);
48
49 return proc_dointvec_minmax(&ipc_table, write, buffer, lenp, ppos);
50}
51
52static int proc_ipc_dointvec_minmax_orphans(ctl_table *table, int write,
53 void __user *buffer, size_t *lenp, loff_t *ppos)
54{
55 struct ipc_namespace *ns = current->nsproxy->ipc_ns;
56 int err = proc_ipc_dointvec_minmax(table, write, buffer, lenp, ppos);
57
58 if (err < 0)
59 return err;
60 if (ns->shm_rmid_forced)
61 shm_destroy_orphaned(ns);
62 return err;
63}
64
40static int proc_ipc_callback_dointvec(ctl_table *table, int write, 65static int proc_ipc_callback_dointvec(ctl_table *table, int write,
41 void __user *buffer, size_t *lenp, loff_t *ppos) 66 void __user *buffer, size_t *lenp, loff_t *ppos)
42{ 67{
@@ -125,6 +150,8 @@ static int proc_ipcauto_dointvec_minmax(ctl_table *table, int write,
125#else 150#else
126#define proc_ipc_doulongvec_minmax NULL 151#define proc_ipc_doulongvec_minmax NULL
127#define proc_ipc_dointvec NULL 152#define proc_ipc_dointvec NULL
153#define proc_ipc_dointvec_minmax NULL
154#define proc_ipc_dointvec_minmax_orphans NULL
128#define proc_ipc_callback_dointvec NULL 155#define proc_ipc_callback_dointvec NULL
129#define proc_ipcauto_dointvec_minmax NULL 156#define proc_ipcauto_dointvec_minmax NULL
130#endif 157#endif
@@ -155,6 +182,15 @@ static struct ctl_table ipc_kern_table[] = {
155 .proc_handler = proc_ipc_dointvec, 182 .proc_handler = proc_ipc_dointvec,
156 }, 183 },
157 { 184 {
185 .procname = "shm_rmid_forced",
186 .data = &init_ipc_ns.shm_rmid_forced,
187 .maxlen = sizeof(init_ipc_ns.shm_rmid_forced),
188 .mode = 0644,
189 .proc_handler = proc_ipc_dointvec_minmax_orphans,
190 .extra1 = &zero,
191 .extra2 = &one,
192 },
193 {
158 .procname = "msgmax", 194 .procname = "msgmax",
159 .data = &init_ipc_ns.msg_ctlmax, 195 .data = &init_ipc_ns.msg_ctlmax,
160 .maxlen = sizeof (init_ipc_ns.msg_ctlmax), 196 .maxlen = sizeof (init_ipc_ns.msg_ctlmax),