git: kernel - Automatically downscasle NPROC resource limit
Matthew Dillon
dillon at crater.dragonflybsd.org
Wed Jul 5 09:14:11 PDT 2017
commit e7e1189fb188fbaff70fbfd50b4ecde079c824e6
Author: Matthew Dillon <dillon at apollo.backplane.com>
Date: Wed Jul 5 09:07:06 2017 -0700
kernel - Automatically downscasle NPROC resource limit
* Downscale the NPROC resource limit based on fork and chroot depth, up
to 50%, and also make the limit apply to root processes. This is intended
to be a poor-man's safety, preventing run-away (root or other) process
creation from completely imploding a system.
* Each level of fork() downscales the NPROC resource limit by 1/3%,
capped at 32 levels (~10%)
* Each chroot (including that made by a jail) downscales the NPROC
resource limit by 10%, up to 40%.
Summary of changes:
sys/kern/kern_fork.c | 23 +++++++++++++++++------
sys/kern/kern_plimit.c | 32 ++++++++++++++++++++++++++++++++
sys/kern/vfs_syscalls.c | 7 +++++++
sys/sys/proc.h | 3 ++-
sys/sys/resourcevar.h | 1 +
5 files changed, 59 insertions(+), 7 deletions(-)
http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e7e1189fb188fbaff70fbfd50b4ecde079c824e6
--
DragonFly BSD source repository
More information about the Commits
mailing list