Track maximum number of processes per user and present it in /proc/self/limits.
Signed-off-by: Topi Miettinen <toiwo...@gmail.com> --- fs/proc/base.c | 4 ++++ include/linux/sched.h | 1 + kernel/fork.c | 5 +++++ kernel/sys.c | 5 +++++ 4 files changed, 15 insertions(+) diff --git a/fs/proc/base.c b/fs/proc/base.c index 1df4fc8..02576c6 100644 --- a/fs/proc/base.c +++ b/fs/proc/base.c @@ -670,6 +670,10 @@ static int proc_pid_limits(struct seq_file *m, struct pid_namespace *ns, seq_printf(m, "%-20lu\n", psecs); } break; + case RLIMIT_NPROC: + seq_printf(m, "%-20d\n", + atomic_read(&task->real_cred->user->max_processes)); + break; default: seq_printf(m, "%-20lu\n", task->signal->rlim_curmax[i]); diff --git a/include/linux/sched.h b/include/linux/sched.h index 0150380..feb9bb7 100644 --- a/include/linux/sched.h +++ b/include/linux/sched.h @@ -838,6 +838,7 @@ static inline int signal_group_exit(const struct signal_struct *sig) struct user_struct { atomic_t __count; /* reference count */ atomic_t processes; /* How many processes does this user have? */ + atomic_t max_processes; /* How many processes has this user had at the same time? */ atomic_t sigpending; /* How many pending signals does this user have? */ #ifdef CONFIG_INOTIFY_USER atomic_t inotify_watches; /* How many inotify watches does this user have? */ diff --git a/kernel/fork.c b/kernel/fork.c index 5c2c355..667290f 100644 --- a/kernel/fork.c +++ b/kernel/fork.c @@ -1653,6 +1653,11 @@ static struct task_struct *copy_process(unsigned long clone_flags, trace_task_newtask(p, clone_flags); uprobe_copy_process(p, clone_flags); + if (atomic_read(&p->real_cred->user->max_processes) < + atomic_read(&p->real_cred->user->processes)) + atomic_set(&p->real_cred->user->max_processes, + atomic_read(&p->real_cred->user->processes)); + return p; bad_fork_cancel_cgroup: diff --git a/kernel/sys.c b/kernel/sys.c index 6629f6f..955cf21 100644 --- a/kernel/sys.c +++ b/kernel/sys.c @@ -439,6 +439,11 @@ static int set_user(struct cred *new) else current->flags &= ~PF_NPROC_EXCEEDED; + if (atomic_read(&new_user->max_processes) < + atomic_read(&new_user->processes)) + atomic_set(&new_user->max_processes, + atomic_read(&new_user->processes)); + free_uid(new->user); new->user = new_user; return 0; -- 2.8.1