Re: [PATCH v2] Document /proc/pid PID reuse behavior

From: Michal Hocko
Date: Thu Nov 08 2018 - 08:25:18 EST


On Wed 07-11-18 18:04:59, Martin Steigerwald wrote:
> Michal Hocko - 07.11.18, 17:00:
> > > > otherwise anybody could simply DoS the system
> > > > by consuming all available pids.
> > >
> > > People can do that today using the instrument of terror widely known
> > > as fork(2). The only thing standing between fork(2) and a full
> > > process table is RLIMIT_NPROC.
> >
> > not really. If you really do care about pid space depletion then you
> > should use pid cgroup controller.
>
> It's not quite on-topic, but I am curious now: AFAIK PID limit is 16
> bits. Right? Could it be raised to 32 bits? I bet it would be a major
> change throughout different parts of the kernel.
>
> 16 bits sound a bit low these days, not only for PIDs, but also for
> connections / ports.

Do you have any specific example of the pid space exhaustion? Well,
except for fork bomb attacks that could be mitigated by the pid cgroup
controller.
--
Michal Hocko
SUSE Labs
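
The pid cgroup controller mentioned in this message caps a cgroup with its `pids.max` file, and the cap is hierarchical: a group is bound by the tightest limit on any of its ancestors, not only its own. The script below is an added example, not part of the original thread; it assumes a cgroup v2 hierarchy mounted at `/sys/fs/cgroup`, and the function names `effective_pids_max` and `pids_capped` are hypothetical helpers.

```shell
#!/bin/sh
# Added example (not from the thread): find the pids.max limit that actually
# binds a cgroup, to check whether a workload is capped below kernel.pid_max.

# effective_pids_max ROOT REL
#   ROOT: cgroup v2 mount point (assumed /sys/fs/cgroup on a live system)
#   REL:  cgroup path relative to ROOT (the part after "0::" in /proc/PID/cgroup)
# Prints the smallest numeric pids.max between the cgroup and ROOT,
# or "max" when no level sets a limit.
effective_pids_max() {
    root=${1%/}
    dir=$root/${2#/}
    dir=${dir%/}
    best=max
    while :; do
        if [ -r "$dir/pids.max" ]; then
            read -r val < "$dir/pids.max" || :
            case $val in
                max|'') ;;            # unlimited at this level
                *[!0-9]*) ;;          # ignore anything that is not a number
                *) if [ "$best" = max ] || [ "$val" -lt "$best" ]; then
                       best=$val
                   fi ;;
            esac
        fi
        [ "$dir" = "$root" ] && break
        dir=${dir%/*}                 # step up to the parent cgroup
        case $dir in
            "$root"|"$root"/*) ;;
            *) break ;;               # never walk above the mount point
        esac
    done
    echo "$best"
}

# pids_capped ROOT REL PID_MAX
#   Returns 0 when the effective limit is a number below PID_MAX
#   (the value of /proc/sys/kernel/pid_max), 1 when the cgroup could
#   still consume the whole pid space.
pids_capped() {
    lim=$(effective_pids_max "$1" "$2")
    [ "$lim" != max ] && [ "$lim" -lt "$3" ]
}

# Usage on a live system:
#   effective_pids_max /sys/fs/cgroup "$(sed -n 's/^0:://p' /proc/self/cgroup)"
```

A result of `max` means nothing in the hierarchy bounds the group, so only `RLIMIT_NPROC` and `kernel.pid_max` stand between it and pid exhaustion.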