From nobody Mon Aug 02 15:06:43 2021 X-Original-To: jail@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id D155E1344686 for ; Mon, 2 Aug 2021 15:06:53 +0000 (UTC) (envelope-from freebsd@grem.de) Received: from mail.evolve.de (mail.evolve.de [213.239.217.29]) (using TLSv1.3 with cipher TLS_CHACHA20_POLY1305_SHA256 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA512 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail.evolve.de", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4GdhDY3tVkz4ZJS for ; Mon, 2 Aug 2021 15:06:53 +0000 (UTC) (envelope-from freebsd@grem.de) Received: by mail.evolve.de (OpenSMTPD) with ESMTP id 91525f9d; Mon, 2 Aug 2021 15:06:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=grem.de; h=content-type :content-transfer-encoding:mime-version:subject:from:in-reply-to :date:cc:message-id:references:to; s=20180501; bh=3lE0XtCo4HXW+X tcuHBQykSwS5k=; b=alqY7AAQC/gxtYQ7ZGytQuIJBzWF9AKbYGRFNekWjHOdrG cjeD+DGEjfARky+G0GwSDzcraQhC1YtEwKih8CNa4HiFipZW+8ApaxqRd0kYeR9b eLr7Gsj2HzT6oBaNNU0Iw6eRCbcsxnyExxAaszE7yNYb5eY6QOoKy7sQWuJNxHCI bP3s3udSw+D788ZMkJRfq7Gf8O5i0yX4cS8LXLUzl7AnJYbXBcE1+vcYqnQC19NF nf4OsH+r8fDURBFpxDVQ2nboRwDTW5v87bhVvz9UM3PIO4emBX3ThEKmN0K1m38o IndYZ6SGM4uKBknkTf5pC1mJrTk4INe+NYrM1jmg== DomainKey-Signature: a=rsa-sha1; c=nofws; d=grem.de; h=content-type :content-transfer-encoding:mime-version:subject:from:in-reply-to :date:cc:message-id:references:to; q=dns; s=20180501; b=WAKmSzMi Cwi9I3WJSo17yICjWOrX0srUodV99LdrZoM0APnx6SPssje9pXV1xK2MCXSphQ3j /174/ruaxOFqcZtsOEZg59OL3O+8PdlSTvVYe5y/jVMt8igZ6eHg2keDW4ZjPUEK 0nAkGiMcP6r56FpGp5EpaTvhL6DFbl6MtKPB8QAi7TB7bRzj4W9Jvb3/BRDqpq7f zj1GVA3jf/afwhzcVywR92iEm5r1vQSlepDg9ZjsLGXeUyJ6eXebCPJjrvMx/Xzd rqWQlDkjaCIXRmxjCGCgTg2GsJwY6GvU1Fef0dM+Nl0S5YokfidLN1A80XRRSXwQ fW2KdstzdzHyfw== Received: by mail.evolve.de (OpenSMTPD) with ESMTPSA id d0bf7f9a (TLSv1.3:AEAD-CHACHA20-POLY1305-SHA256:256:NO); Mon, 2 Aug 2021 15:06:44 +0000 (UTC) Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable List-Id: Discussion about FreeBSD jail(8) List-Archive: https://lists.freebsd.org/archives/freebsd-jail List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-jail@freebsd.org Mime-Version: 1.0 (1.0) Subject: Re: POSIX shared memory, jails, and (lack of) limits From: Michael Gmelin In-Reply-To: Date: Mon, 2 Aug 2021 17:06:43 +0200 Cc: jail@freebsd.org Message-Id: References: To: Konstantin Belousov X-Mailer: iPhone Mail (18F72) X-Rspamd-Queue-Id: 4GdhDY3tVkz4ZJS X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[] X-ThisMailContainsUnwantedMimeParts: N > On 2. Aug 2021, at 15:56, Konstantin Belousov wrote:= >=20 > =EF=BB=BFOn Mon, Aug 02, 2021 at 02:19:00PM +0200, Michael Gmelin wrote: >> Hi, >>=20 >> I've been playing a bit with POSIX shared memory and, unlike for SysV >> shared memory, I couldn't find any way to limit its use by jails. >>=20 >> First, I looked at racct/rctl, but there is no resource for POSIX shared >> memory and memoryuse/vmemoryuse don't seem to have an effect (which >> makes sense). >>=20 >> Then I checked if there are jail parameters that could help, but there >> doesn't seem to be anything like "allow.sysvshm" for POSIX shared >> memory to limit access to the feature. >>=20 >> So, unless I'm missing something, it seems like all jails on a system >> have unlimited access to POSIX shared memory and therefore any single >> jail can use up the jailhost's virtual memory until the jailhost comes >> to a grinding halt. >>=20 >> I wrote a little test program that keeps allocating POSIX shared memory >> inside of a jail and it can easily bring the host down to its knees: >>=20 >> login: Aug 2 12:12:09 test kernel: pid 11825 (getty), jid 0, uid 0, >> was killed: out of swap space >> Aug 2 12:12:10 test init[11827]: getty repeating too quickly on port >> /dev/ttyu0, sleeping 30 secs >> Aug 2 12:12:10 test kernel: pid 11826 (getty), jid 0, uid 0, was >> killed: out of swap space >=20 > Posix shm is limited by the swap accounting. For non-jail consumers, > it is per-uid RLIMIT_SWAP. I do not know if other mechanisms make > RLIMIT_SWAP per-jail per-uid. Unfortunately it seems like POSIX shared memory is not linked to the jail it= was created in (we discussed this on this list in June and I created a few P= Rs about that), so per jail rctl rules don=E2=80=99t apply (and limiting uid= 0 won=E2=80=99t have the desired effect ^_^). Best Michael