LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: Ferry Toth <ftoth@telfort.nl>
To: Mike Galbraith <efault@gmx.de>
Cc: lkml <linux-kernel@vger.kernel.org>
Subject: Re: DOS by unprivileged user
Date: Fri, 20 Apr 2018 10:39:21 +0200	[thread overview]
Message-ID: <1911073.n8LaRrY1S6@ferry-quad> (raw)
In-Reply-To: <1524199618.5757.3.camel@gmx.de>

Op vrijdag 20 april 2018 06:46:58 CEST schreef Mike Galbraith:
> On Thu, 2018-04-19 at 21:13 +0200, Ferry Toth wrote:
> > It appears any ordinary user can easily create a DOS on linux.
> > 
> > One sure way to reproduce this is to open gitk on the linux kernel repo 
> > (SIC) on a machine with 8GB RAM 16 GB swap on a HDD with btrfs and quad core 
> > + hyperthreading. But I will be easy enough to get the same effect with more 
> > RAM, other fs etc.
> > 
> > In this case gitk allocates more and more memory (until my system freezes 
> > 6.5GB of 7.5GB avaiable), the system starts swapping or writing to tmp files 
> > (can't investigate as there is no time until it freezes) and the io wait 
> > goes to 100% on all cores. At this point it is impossible to login from 
> > remote and local keyboard and mouse are frozen. Hard reset is the only way 
> > out at this point.
> 
> datapoint: my i4790/ext4 box running master.yesterday booted mem=8G
> became highly unpleasant to use, but I retained control, and the all
> cores going to 100% thing did not happen at any time.
> 
> I didn't try constraining on the gitk user, just turned it loose a few
> times to see if it managed to render box effectively dead.  It failed
> to kill my box, but (expectedly) did make it suck rocks.
> 
> 	-Mike
> 

Yes, might be less dramatic with ext4 than with btrfs (COW icw fsync on hdd'\0s destroys performance 
of things like virtualbox, databases, dpkg).

Nevertheless I feel one process should not be allowed to harm other processes by denying them resources. Even if when btrfs makes it easy abuse I think the scheduler should have throttled gitk.

  reply	other threads:[~2018-04-20  8:46 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-19 19:13 Ferry Toth
2018-04-20  4:46 ` Mike Galbraith
2018-04-20  8:39   ` Ferry Toth [this message]
2018-04-20 12:37     ` Mike Galbraith
2018-04-22 10:16 ` Pavel Machek
2018-04-22 17:43   ` vcaputo
2018-04-23  0:27     ` Michal Hocko
2018-04-23  7:13       ` Pavel Machek
     [not found] ` <4285098.DEWjdbWF2X@delfion>
     [not found]   ` <1524325275.8078.2.camel@gmx.de>
     [not found]     ` <6057755.ozdVOybsI6@delfion>
2018-04-23  8:04       ` Mike Galbraith
2018-04-25 14:54         ` Alan Cox
2018-04-25 16:21           ` Mike Galbraith
2018-04-25 16:50           ` Mike Galbraith
2018-04-30 10:00           ` Ferry Toth
2018-04-30 10:35             ` Miguel Ojeda

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1911073.n8LaRrY1S6@ferry-quad \
    --to=ftoth@telfort.nl \
    --cc=efault@gmx.de \
    --cc=linux-kernel@vger.kernel.org \
    --subject='Re: DOS by unprivileged user' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).