From owner-freebsd-bugs Tue Nov 14 5:50: 5 2000 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id 8947D37B4C5 for ; Tue, 14 Nov 2000 05:50:03 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id FAA41456; Tue, 14 Nov 2000 05:50:03 -0800 (PST) (envelope-from gnats@FreeBSD.org) Date: Tue, 14 Nov 2000 05:50:03 -0800 (PST) Message-Id: <200011141350.FAA41456@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Bruce Evans Subject: Re: kern/22826: Memory limits have no effect in linux compatibility Reply-To: Bruce Evans Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR kern/22826; it has been noted by GNATS. From: Bruce Evans To: Harald Hanche-Olsen Cc: freebsd-gnats-submit@FreeBSD.ORG Subject: Re: kern/22826: Memory limits have no effect in linux compatibility Date: Wed, 15 Nov 2000 00:47:13 +1100 (EST) On Tue, 14 Nov 2000, Harald Hanche-Olsen wrote: > More to the point, however, in my experiment I used both -d and -s as > well as -m, and still the process grew without bound. I'm sorry, I > should have mentioned that. mmap() ignores all of the limits even for native processes, so the limits are no use for limiting buggy or malicious programs that use mmap(). vm has surprisingly few references to the limits. Most are just to set the defaults. The others are: - limit on normal stack growth in vm_map.c should work. I think programs can still build abnormally large stacks using mmap(). - limit on locked memory in vm_mmap.c should work. - limit on rss in vm_pageout.c should work. It is only used when the system becomes short of memory. - limit on data size in vm_unix.c works, but only affects the break(2). This limits malloc(3). The data limit also affects loading of programs, but there are problems there too. It has no effect for elf programs. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message