• Neil Horman's avatar
    Introduce core pipe limiting sysctl. · 395c70c4
    Neil Horman authored
    Since we can dump cores to pipe, rather than directly to the filesystem,
    we create a condition in which a user can create a very high load on the
    system simply by running bad applications.
    
    If the pipe reader specified in core_pattern is poorly written, we can
    have lots of ourstandig resources and processes in the system.
    
    This sysctl introduces an ability to limit that resource consumption. 
    core_pipe_limit defines how many in-flight dumps may be run in parallel,
    dumps beyond this value are skipped and a note is made in the kernel log. 
    A special value of 0 in core_pipe_limit denotes unlimited core dumps may
    be handled (this is the default value).
    Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Reported-by: default avatarEarl Chew <earl_chew@agilent.com>
    Cc: Oleg Nesterov <oleg@tv-sign.ru>
    Cc: Andi Kleen <andi@firstfloor.org>
    Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    395c70c4
exec.c 43.9 KB