Date: Fri, 17 Sep 1999 22:58:30 -0400 (EDT) From: "Brian F. Feldman" <green@FreeBSD.org> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Garrett Wollman <wollman@khavrinen.lcs.mit.edu>, Bosko Milekic <bmilekic@dsuper.net>, Stas Kisel <stas@sonet.crimea.ua>, avalon@coombs.anu.edu.au, freebsd-hackers@FreeBSD.org, freebsd-security@FreeBSD.org Subject: Re: mbuf shortage situations (followup) Message-ID: <Pine.BSF.4.10.9909172256200.82747-100000@janus.syracuse.net> In-Reply-To: <199909132017.NAA25509@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 13 Sep 1999, Matthew Dillon wrote: > The case that is causing the panics is with the non-interrupt mbuf > allocation mechanism. Specifically, the case where M_WAIT is used. > > The second problem under discussion, which really ought to be separated > out from the mbuf panic problem, is the potential for a deadlock or > denial of service attack when the system is attacked in a manner that > eats all available mbufs. > The traditional way to prevent resource-starvation DoSes from the user populus has been to add administrative limits. Using RLIMIT_SBSIZE does this nicely. Yes, this isn't actually fixing the panics, but it is good preventative medicine. > -Matt > Matthew Dillon > <dillon@backplane.com> > -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green@FreeBSD.org `------------------------------' To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909172256200.82747-100000>