Date:      Thu, 16 Aug 2012 17:29:16 +1000
From:      Peter Jeremy <peter@rulingia.com>
To:        Konstantin Belousov <kib@freebsd.org>
Cc:        svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org
Subject:   Re: svn commit: r239301 - in head/sys: kern nlm sys
Message-ID:  <20120816072916.GA12294@server.rulingia.com>
In-Reply-To: <201208151556.q7FFuLnM076015@svn.freebsd.org>
References:  <201208151556.q7FFuLnM076015@svn.freebsd.org>


On 2012-Aug-15 15:56:21 +0000, Konstantin Belousov <kib@freebsd.org> wrote:
>  Add a sysctl kern.pid_max, which limits the maximum pid the system is
>  allowed to allocate, and corresponding tunable with the same
>  name. Note that existing processes with higher pids are left intact.

Sorry for not picking this up when you first posted the patch but I
think you need to place a lower bound on max_pid to prevent the system
being rendered unusable.

>Modified: head/sys/kern/kern_fork.c
>=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D
>--- head/sys/kern/kern_fork.c	Wed Aug 15 15:53:27 2012	(r239300)
>+++ head/sys/kern/kern_fork.c	Wed Aug 15 15:56:21 2012	(r239301)
>@@ -209,8 +209,8 @@ sysctl_kern_randompid(SYSCTL_HANDLER_ARG
> 	pid =3D randompid;
> 	error =3D sysctl_handle_int(oidp, &pid, 0, req);
> 	if (error =3D=3D 0 && req->newptr !=3D NULL) {
>-		if (pid < 0 || pid > PID_MAX - 100)	/* out of range */
>-			pid =3D PID_MAX - 100;
>+		if (pid < 0 || pid > pid_max - 100)	/* out of range */
>+			pid =3D pid_max - 100;
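
Review bot: In sysctl_kern_randompid the clamp `pid > pid_max - 100` now uses a runtime value with no floor, so when pid_max is below 100 the expression `pid_max - 100` is negative: every non-negative input is treated as out of range and randompid is assigned a negative number. Either guarantee a minimum pid_max comfortably above 100 at the point where pid_max is set, or clamp here against a value that cannot drop below zero.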

Setting max_pid to a value less than 100 will have an undesirable effect here.

>+static int
>+sysctl_kern_pid_max(SYSCTL_HANDLER_ARGS)
>+{
>+	int error, pm;
>+
>+	pm =3D pid_max;
>+	error =3D sysctl_handle_int(oidp, &pm, 0, req);
>+	if (error || !req->newptr)
>+		return (error);
>+	sx_xlock(&proctree_lock);
>+	sx_xlock(&allproc_lock);
>+	/* Only permit the values less then PID_MAX. */
>+	if (pm > PID_MAX)
>+		error =3D EINVAL;
>+	else
>+		pid_max =3D pm;
>+	sx_xunlock(&allproc_lock);
>+	sx_xunlock(&proctree_lock);
>+	return (error);
>+}
>+SYSCTL_PROC(_kern, OID_AUTO, pid_max, CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_=
TUN |
>+    CTLFLAG_MPSAFE, 0, 0, sysctl_kern_pid_max, "I",
>+    "Maximum allowed pid");
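
Review bot: The range check in sysctl_kern_pid_max only tests `pm > PID_MAX`; pm is a signed int, so zero and negative values pass and are stored in pid_max. Reject values below a defined minimum in the same test and return EINVAL for them. The test does not depend on the locks, so it can run before proctree_lock and allproc_lock are taken, leaving only the assignment under them. The comment reads "less then PID_MAX": it should say "than", and since a value equal to PID_MAX is accepted, "not greater than" would match the code.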

I don't see anything in this code that would prevent setting max_pid
to an unusably low (as in making the system unusable) or even negative
value.

>+	TUNABLE_INT_FETCH("kern.pid_max", &pid_max);
>+	if (pid_max > PID_MAX)
>+		pid_max =3D PID_MAX;
> }
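
Review bot: After TUNABLE_INT_FETCH only the upper bound is clamped (`if (pid_max > PID_MAX)`), so a loader tunable of zero or a negative number is taken as is at boot. Apply the same lower bound here as in the sysctl handler, ideally through one shared range check so the two paths cannot drift apart, and fall back to PID_MAX when the tunable is out of range.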

Likewise, this needs a lower bounds check.

-- 
Peter Jeremy
