mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-10-02 15:18:19 +00:00
Code Issues Releases Wiki Activity
linux-stable/include
History
Eric W. Biederman d29216842a mnt: Add a per mount namespace limit on the number of mounts 
CAI Qian <caiqian@redhat.com> pointed out that the semantics
of shared subtrees make it possible to create an exponentially
increasing number of mounts in a mount namespace.

    mkdir /tmp/1 /tmp/2
    mount --make-rshared /
    for i in $(seq 1 20) ; do mount --bind /tmp/1 /tmp/2 ; done

Will create create 2^20 or 1048576 mounts, which is a practical problem
as some people have managed to hit this by accident.

As such CVE-2016-6213 was assigned.

Ian Kent <raven@themaw.net> described the situation for autofs users
as follows:

> The number of mounts for direct mount maps is usually not very large because of
> the way they are implemented, large direct mount maps can have performance
> problems. There can be anywhere from a few (likely case a few hundred) to less
> than 10000, plus mounts that have been triggered and not yet expired.
>
> Indirect mounts have one autofs mount at the root plus the number of mounts that
> have been triggered and not yet expired.
>
> The number of autofs indirect map entries can range from a few to the common
> case of several thousand and in rare cases up to between 30000 and 50000. I've
> not heard of people with maps larger than 50000 entries.
>
> The larger the number of map entries the greater the possibility for a large
> number of active mounts so it's not hard to expect cases of a 1000 or somewhat
> more active mounts.

So I am setting the default number of mounts allowed per mount
namespace at 100,000.  This is more than enough for any use case I
know of, but small enough to quickly stop an exponential increase
in mounts.  Which should be perfect to catch misconfigurations and
malfunctioning programs.

For anyone who needs a higher limit this can be changed by writing
to the new /proc/sys/fs/mount-max sysctl.

Tested-by: CAI Qian <caiqian@redhat.com>
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2016-09-30 12:46:48 -05:00
..
acpi treewide: replace obsolete _refok by __ref 2016-08-02 17:31:41 -04:00
asm-generic RTC for 4.8 2016-08-05 09:48:22 -04:00
clocksource
crypto A number of improvements for the /dev/random driver; the most 2016-07-27 15:11:55 -07:00
drm Merge branch 'generic-zpos-v8' of http://git.linaro.org/people/benjamin.gaignard/kernel into drm-next 2016-08-03 08:40:24 +10:00
dt-bindings ARM: DT updates for v4.8 2016-08-01 18:37:45 -04:00
keys
kvm KVM/ARM Changes for v4.8 - Take 2 2016-08-04 13:59:56 +02:00
linux mnt: Add a per mount namespace limit on the number of mounts 2016-09-30 12:46:48 -05:00
math-emu
media dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
memory
misc
net netns: Add a limit on the number of net namespaces 2016-08-08 14:42:04 -05:00
pcmcia
ras
rdma Second round of merge items for 4.8 2016-08-04 20:26:31 -04:00
rxrpc
scsi Merge branch 'for-next' of git://git.kernel.org/pub/scm/linux/kernel/git/nab/target-pending 2016-08-04 20:04:37 -04:00
soc ARM: SoC driver updates for v4.8 2016-08-01 18:36:01 -04:00
sound Merge tag 'drm-for-v4.8' of git://people.freedesktop.org/~airlied/linux 2016-08-01 21:44:08 -04:00
target
trace block: rename bio bi_rw to bi_opf 2016-08-07 14:41:02 -06:00
uapi nsfs: add ioctl to get a parent namespace 2016-09-22 19:59:41 -05:00
video
xen dma-mapping: use unsigned long for dma_attrs 2016-08-04 08:50:07 -04:00
Kbuild