diff options
| author | Roland McGrath <roland@redhat.com> | 2005-03-07 18:18:00 -0800 |
|---|---|---|
| committer | Linus Torvalds <torvalds@ppc970.osdl.org> | 2005-03-07 18:18:00 -0800 |
| commit | 98e4b451306be8eb831c9ed102cf34c54ef358ea (patch) | |
| tree | 0f3811ce39b38db95c8867a47a3eb6c7809e59fe /fs/proc/array.c | |
| parent | 9046dd435b58f6118d9fa5a9ab2e51ba4e0e9c93 (diff) | |
[PATCH] override RLIMIT_SIGPENDING for non-RT signals
I can read POSIX to say that the siginfo_t data must be available when
`kill' was used, as well. This patch makes it allocate the siginfo_t, even
when that exceeds {RLIMIT_SIGPENDING}, for any non-RT signal (< SIGRTMIN)
not sent by sigqueue (actually, any signal that couldn't have been faked by
a sigqueue call). Of course, in an extreme memory shortage situation, you
are SOL and violate POSIX a little before you die horribly from being out
of memory anyway.
The LEGACY_QUEUE logic already ensures that, for non-RT signals, at most
one is ever on the queue. So there really is no risk at all of unbounded
resource consumption; the usage can reach {RLIMIT_SIGPENDING} + 31, is all.
It's already the case that the limit can be exceeded by (in theory) up to
{RLIMIT_NPROC}-1 in race conditions because the bump and the limit check
are not atomic. (Obviously you can only get anywhere near that many with
assloads of preemption, but exceeding it by a few is not too unlikely.)
This patch also fixes that accounting so that it should not be possible to
exceed {RLIMIT_SIGPENDING} + SIGRTMIN-1 queue items per user in races.
Signed-off-by: Roland McGrath <roland@redhat.com>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Diffstat (limited to 'fs/proc/array.c')
0 files changed, 0 insertions, 0 deletions