Re: mount --bind accounting

Stephen C. Tweedie (sct@redhat.com)
Wed, 6 Jun 2001 19:20:13 +0100


Hi,

On Sun, Jun 03, 2001 at 10:38:29PM +0200, Andries.Brouwer@cwi.nl wrote:

> Each bind does an alloc_vfsmnt() and hence takes some kernel memory.
> Any user can therefore take all kernel memory, until
> kmalloc(sizeof(struct vfsmount), GFP_KERNEL)
> fails. Bad security.

Until we can account properly for basic things like page tables, the
small kmallocs for things like vfsmount and file structs will be
negligible in comparison.

Fortunately we used to have at least skeleton patches for a framework
in which to do this. Whatever happened to beancounter, anyway? Is
somebody maintaining that at all these days?

Cheers,
Stephen
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/