• Neil Horman's avatar
    exec: let do_coredump() limit the number of concurrent dumps to pipes · a293980c
    Neil Horman authored
    Introduce core pipe limiting sysctl.
    
    Since we can dump cores to pipe, rather than directly to the filesystem,
    we create a condition in which a user can create a very high load on the
    system simply by running bad applications.
    
    If the pipe reader specified in core_pattern is poorly written, we can
    have lots of ourstandig resources and processes in the system.
    
    This sysctl introduces an ability to limit that resource consumption.
    core_pipe_limit defines how many in-flight dumps may be run in parallel,
    dumps beyond this value are skipped and a note is made in the kernel log.
    A special value of 0 in core_pipe_limit denotes unlimited core dumps may
    be handled (this is the default value).
    
    [akpm@linux-foundation.org: coding-style fixes]
    Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
    Reported-by: default avatarEarl Chew <earl_chew@agilent.com>
    Cc: Oleg Nesterov <oleg@tv-sign.ru>
    Cc: Andi Kleen <andi@firstfloor.org>
    Cc: Alan Cox <alan@lxorguk.ukuu.org.uk>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    a293980c
sysctl.c 76 KB