29e44f4535
Impose a limit on the number of watches that a user can hold so that
they can't use this mechanism to fill up all the available memory.
This is done by putting a counter in user_struct that's incremented when
a watch is allocated and decreased when it is released. If the number
exceeds the RLIMIT_NOFILE limit, the watch is rejected with EAGAIN.
This can be tested by the following means:
(1) Create a watch queue and attach it to fd 5 in the program given - in
this case, bash:
keyctl watch_session /tmp/nlog /tmp/gclog 5 bash
(2) In the shell, set the maximum number of files to, say, 99:
ulimit -n 99
(3) Add 200 keyrings:
for ((i=0; i<200; i++)); do keyctl newring a$i @s || break; done
(4) Try to watch all of the keyrings:
for ((i=0; i<200; i++)); do echo $i; keyctl watch_add 5 %:a$i || break; done
This should fail when the number of watches belonging to the user hits
99.
(5) Remove all the keyrings and all of those watches should go away:
for ((i=0; i<200; i++)); do keyctl unlink %:a$i; done
(6) Kill off the watch queue by exiting the shell spawned by
watch_session.
Fixes:
|
||
|---|---|---|
| .. | ||
| autogroup.h | ||
| clock.h | ||
| coredump.h | ||
| cpufreq.h | ||
| cputime.h | ||
| deadline.h | ||
| debug.h | ||
| hotplug.h | ||
| idle.h | ||
| init.h | ||
| isolation.h | ||
| jobctl.h | ||
| loadavg.h | ||
| mm.h | ||
| nohz.h | ||
| numa_balancing.h | ||
| prio.h | ||
| rt.h | ||
| signal.h | ||
| smt.h | ||
| stat.h | ||
| sysctl.h | ||
| task.h | ||
| task_stack.h | ||
| topology.h | ||
| types.h | ||
| user.h | ||
| wake_q.h | ||
| xacct.h | ||