[PATCH 2/2] mm: limit VmData with RLIMIT_DATA
From: Konstantin Khlebnikov
Date: Sat Jan 23 2016 - 02:40:52 EST
This adds is correct version of RLIMIT_DATA check.
And kernel boot option "ignore_rlimit_data" for reverting old behavior.
Also could be set by /sys/module/kernel/parameters/ignore_rlimit_data.
Signed-off-by: Konstantin Khlebnikov <koct9i@xxxxxxxxx>
---
Documentation/kernel-parameters.txt | 5 +++++
mm/mmap.c | 8 ++++++++
2 files changed, 13 insertions(+)
diff --git a/Documentation/kernel-parameters.txt b/Documentation/kernel-parameters.txt
index cfb2c0f1a4a8..850239102e86 100644
--- a/Documentation/kernel-parameters.txt
+++ b/Documentation/kernel-parameters.txt
@@ -1461,6 +1461,11 @@ bytes respectively. Such letter suffixes can also be entirely omitted.
could change it dynamically, usually by
/sys/module/printk/parameters/ignore_loglevel.
+ ignore_rlimit_data
+ Ignore setrlimit(RLIMIT_DATA) setting for private
+ mappings (as it was before). Could be changed by
+ /sys/module/kernel/parameters/ignore_rlimit_data.
+
ihash_entries= [KNL]
Set number of hash buckets for inode cache.
diff --git a/mm/mmap.c b/mm/mmap.c
index e0cd98c510ba..af272025b1b9 100644
--- a/mm/mmap.c
+++ b/mm/mmap.c
@@ -42,6 +42,7 @@
#include <linux/memory.h>
#include <linux/printk.h>
#include <linux/userfaultfd_k.h>
+#include <linux/moduleparam.h>
#include <asm/uaccess.h>
#include <asm/cacheflush.h>
@@ -69,6 +70,8 @@ const int mmap_rnd_compat_bits_max = CONFIG_ARCH_MMAP_RND_COMPAT_BITS_MAX;
int mmap_rnd_compat_bits __read_mostly = CONFIG_ARCH_MMAP_RND_COMPAT_BITS;
#endif
+static bool ignore_rlimit_data = false;
+core_param(ignore_rlimit_data, ignore_rlimit_data, bool, 0644);
static void unmap_region(struct mm_struct *mm,
struct vm_area_struct *vma, struct vm_area_struct *prev,
@@ -2982,6 +2985,11 @@ bool may_expand_vm(struct mm_struct *mm, vm_flags_t flags, unsigned long npages)
if (mm->total_vm + npages > rlimit(RLIMIT_AS) >> PAGE_SHIFT)
return false;
+ if (!ignore_rlimit_data && (flags & (VM_WRITE | VM_SHARED |
+ (VM_STACK_FLAGS & (VM_GROWSUP | VM_GROWSDOWN)))) == VM_WRITE &&
+ mm->data_vm + npages > rlimit(RLIMIT_DATA) >> PAGE_SHIFT)
+ return false;
+
return true;
}