Re: [PATCH 14/16] vfs: Implement mount_super_once

From: Eric W. Biederman
Date: Tue Apr 19 2016 - 23:38:32 EST


"H. Peter Anvin" <hpa@xxxxxxxxx> writes:

> On April 19, 2016 12:25:03 PM PDT, "H. Peter Anvin" <hpa@xxxxxxxxx> wrote:
>>
>>Perhaps a (privileged) option to exempt from the global limit, then.
>>Something we can implement if asked for.
>>
>>However, I wouldn't be 100% that the reserved pool isn't used. Someone
>>added it presumably for a reason. An administrator could say it and
>>we'd have no idea.
>
> ... and if I personally was running a container-hosting system, I
> would *absolutely* set it to make sure the administrator could not get
> locked out.

That is likely easier done by setting:

    echo RIDICULOUSLY_LARGE_NUMBER > /proc/sys/kernel/pty/max

All I am certain about at this point is that no one cares on a
day-to-day basis or in any kind of ordinary scenario, so this is
something that we can get away with changing.

But yes, I would not be surprised if we have to come back and implement
something like your suggested extra mount option for devpts, so some
specified instances can dip into the reserved pool.

Eric