[3/6] tools/pygrub: Restrict depriv operation with RLIMIT_AS

Message ID 20231106150508.22665-4-alejandro.vallejo@cloud.com (mailing list archive)
State New, archived
Series Pygrub security enhancements and bugfixes

Commit Message

Alejandro Vallejo Nov. 6, 2023, 3:05 p.m. UTC
Prevents the depriv pygrub from consuming more than a fixed amount of
memory.

Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
---
 tools/pygrub/src/pygrub | 10 ++++++++++
 1 file changed, 10 insertions(+)

Comments

Andrew Cooper Nov. 22, 2023, 8:16 p.m. UTC | #1
On 06/11/2023 3:05 pm, Alejandro Vallejo wrote:
> diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub
> index 327cf51774..b96bdfd849 100755
> --- a/tools/pygrub/src/pygrub
> +++ b/tools/pygrub/src/pygrub
> @@ -75,6 +80,11 @@ def downgrade_rlimits():
>      resource.setrlimit(resource.RLIMIT_CORE,     (0, 0))
>      resource.setrlimit(resource.RLIMIT_MEMLOCK,  (0, 0))
>  
> +    max_ram_usage = LIMIT_AS
> +    if "PYGRUB_MAX_RAM_USAGE_MB" in os.environ.keys():

With the .keys() dropped as per patch 2.5/6,

Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>

Happy to do this on commit.

Alejandro Vallejo Nov. 23, 2023, 5:07 p.m. UTC | #2
On 22/11/2023 20:16, Andrew Cooper wrote:
> On 06/11/2023 3:05 pm, Alejandro Vallejo wrote:
>> diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub
>> index 327cf51774..b96bdfd849 100755
>> --- a/tools/pygrub/src/pygrub
>> +++ b/tools/pygrub/src/pygrub
>> @@ -75,6 +80,11 @@ def downgrade_rlimits():
>>       resource.setrlimit(resource.RLIMIT_CORE,     (0, 0))
>>       resource.setrlimit(resource.RLIMIT_MEMLOCK,  (0, 0))
>>   
>> +    max_ram_usage = LIMIT_AS
>> +    if "PYGRUB_MAX_RAM_USAGE_MB" in os.environ.keys():
> 
> With the .keys() dropped as per patch 2.5/6,
> 
> Acked-by: Andrew Cooper <andrew.cooper3@citrix.com>
> 
> Happy to do this on commit.

Sure

Cheers,
Alejandro
Patch

diff --git a/tools/pygrub/src/pygrub b/tools/pygrub/src/pygrub
index 327cf51774..b96bdfd849 100755
--- a/tools/pygrub/src/pygrub
+++ b/tools/pygrub/src/pygrub
@@ -39,6 +39,11 @@  SECTOR_SIZE = 512
 # pygrub
 LIMIT_FSIZE = 128 << 20
 
+# Unless provided through the env variable PYGRUB_MAX_RAM_USAGE_MB, then
+# this is the maximum amount of memory allowed to be used by the depriv
+# pygrub.
+LIMIT_AS = 2 * LIMIT_FSIZE
+
 CLONE_NEWNS = 0x00020000 # mount namespace
 CLONE_NEWNET = 0x40000000 # network namespace
 CLONE_NEWIPC = 0x08000000 # IPC namespace
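Review bot: The comment above LIMIT_AS gives neither the unit nor the reason for the value. LIMIT_AS is in bytes (2 * LIMIT_FSIZE, i.e. 256 MiB), while the PYGRUB_MAX_RAM_USAGE_MB override it mentions is in megabytes, and nothing explains why twice the file-size limit is enough headroom for the depriv process. Suggest stating both and rewording the "Unless provided ..., then this is" sentence, for example "Default address-space limit, in bytes, for the depriv pygrub; override with PYGRUB_MAX_RAM_USAGE_MB (in MB)."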
@@ -75,6 +80,11 @@  def downgrade_rlimits():
     resource.setrlimit(resource.RLIMIT_CORE,     (0, 0))
     resource.setrlimit(resource.RLIMIT_MEMLOCK,  (0, 0))
 
+    max_ram_usage = LIMIT_AS
+    if "PYGRUB_MAX_RAM_USAGE_MB" in os.environ.keys():
+        max_ram_usage = int(os.environ["PYGRUB_MAX_RAM_USAGE_MB"]) << 20
+    resource.setrlimit(resource.RLIMIT_AS,  (max_ram_usage, max_ram_usage))
+
     # py2's resource module doesn't know about resource.RLIMIT_MSGQUEUE
     #
     # TODO: Use resource.RLIMIT_MSGQUEUE after python2 is deprecated
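Review bot: The PYGRUB_MAX_RAM_USAGE_MB value goes through int() and << 20 straight into setrlimit with no validation. A non-numeric string raises ValueError out of downgrade_rlimits(), and zero or a negative number is handed to setrlimit unchecked; suggest rejecting anything that is not a positive integer with a clear error before the setrlimit call. RLIMIT_AS also caps virtual address space rather than resident memory, so max_ram_usage and the "RAM" in the variable name are slightly misleading and a one-line comment saying so would help whoever tunes it. The .keys() in the membership test is redundant, as already raised in the thread.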