VmData exceeded data ulimit: should be forbidden?

Discuss usability issues, general maintenance, and general support issues for a grsecurity-enabled system.

VmData exceeded data ulimit: should be forbidden?

Postby Carlos Carvalho » Sat May 14, 2016 1:23 pm

I got this in the logs with 4.5.4-201605112030.patch:

kernel: : mmap: pure-ftpd (65643): VmData 8425472 exceed data ulimit 8388608. Will be forbidden soon.

I don't understand what it means but it sounds like a resource overstep. "Will be forbidden soon" may take longer than one might expect. Should grsec deal with this?
Carlos Carvalho
 
Posts: 27
Joined: Thu Apr 21, 2011 4:48 pm

Re: VmData exceeded data ulimit: should be forbidden?

Postby spender » Sat May 14, 2016 4:20 pm

In 4.5 for whatever reason, upstream Linux decided to reinterpret completely what various resource limits are supposed to apply to, essentially setting up any application setting these limits itself to be broken unless modified (so much for not breaking userland). So of course what I anticipated when this change went through is starting to happen. Unless they revert it, you'll need to update to newer versions of that software that can detect the kernel version and set its resource limits appropriately. The log you see is their current warning -- it'll be turned into an actual denial in some unknown future kernel version.

-Brad
spender
 
Posts: 2185
Joined: Wed Feb 20, 2002 8:00 pm


Return to grsecurity support