From owner-freebsd-threads@FreeBSD.ORG Mon Sep 19 14:02:16 2011 Return-Path: Delivered-To: freebsd-threads@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B30D6106566B; Mon, 19 Sep 2011 14:02:16 +0000 (UTC) (envelope-from misho@elwix.org) Received: from x0r.aitnet.org (x0r.aitnet.org [84.238.153.240]) by mx1.freebsd.org (Postfix) with ESMTP id 6DC318FC15; Mon, 19 Sep 2011 14:02:16 +0000 (UTC) Received: from localhost (unknown [127.0.0.1]) by x0r.aitnet.org (Postfix) with ESMTP id 74CA53F731; Mon, 19 Sep 2011 16:43:48 +0300 (EEST) X-Virus-Scanned: amavisd-new at aitnet.org Received: from x0r.aitnet.org ([127.0.0.1]) by localhost (x0r.aitnet.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ktR6gHi83ytv; Mon, 19 Sep 2011 16:43:48 +0300 (EEST) Received: from localhost (unknown [212.116.129.162]) by x0r.aitnet.org (Postfix) with ESMTPSA id 010983F72B; Mon, 19 Sep 2011 16:43:47 +0300 (EEST) Date: Mon, 19 Sep 2011 16:47:57 +0300 From: Michael Pounov To: John Baldwin Message-Id: <20110919164757.dcbae5a1.misho@elwix.org> In-Reply-To: <201109190843.27576.jhb@freebsd.org> References: <201109171150.p8HBo8lZ071542@freefall.freebsd.org> <201109190843.27576.jhb@freebsd.org> Organization: ELWIX X-Mailer: Sylpheed 3.1.0 (GTK+ 2.22.1; i386-portbld-freebsd8.2) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: freebsd-threads@freebsd.org Subject: Re: threads/160708: Bypass process stack quota :) X-BeenThere: freebsd-threads@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Threading on FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 19 Sep 2011 14:02:16 -0000 On Mon, 19 Sep 2011 08:43:27 -0400 John Baldwin wrote: > On Saturday, September 17, 2011 7:50:08 am Michael Pounov wrote: > > The following reply was made to PR threads/160708; it has been noted by > GNATS. > > > > From: Michael Pounov > > To: freebsd-gnats-submit@freebsd.org > > Cc: > > Subject: Re: threads/160708: Bypass process stack quota :) > > Date: Sat, 17 Sep 2011 14:26:11 +0300 > > > > Hmm, you no so right Peter. > > > > Yes I can move esp pointer in any other address, but please > > start program and see address of allocated memory for every thread. > > All this allocations is made in upper memory called stack. > > > > Try same alloca() in main program thread and you see how > > system terminate program if you going over stack limit. > > It's not very practical to apply this limit to multithreaded apps. Would you > want it to be a global limit (i.e. all stacks summed together must be <= > limit) or a per-thread limit (i.e. each thread's stack must be <= limit). > Also, given that RLIMIT_DATA is now obsolete (since malloc() defaults to using > MAP_ANON with mmap() rather than sbrk()), using RLIMIT_AS is probably the > right thing if you are trying to prevent local DOS. > > -- > John Baldwin My opinion from security viewpoint is all stacks summed together must be <= limit. Also reasonable solution is each thread's stack must be <= limit. Problem is not from own software, problem appears from buggy software of customer installed on server. I am not happy with that, when customer able get all resources with user account. This should be avoided when posible. -- Michael Pounov