On Wed, Feb 21, 2018 at 10:21:04AM -0800, Andi Kleen wrote: > > But it should be fairly easy to just add a 'struct ratelimit_state' to > > 'struct user_struct', and then you can easily just use > > > > '&file->f_cred->user->ratelimit' > > > > and you're done. Make sure the initial root user has it unlimited, and > > limit it to something reasonable for all other user allocations. > > How about uid name spaces? Someone untrusted in a container could > create a lot of uids and switch between them. > > A global rate limit seems better. While in theory it allows DoS > it's probably not worse than a lot of others we have with > other resources, and it's relatively harmless. The EFI calls are all about checking system configuration. A thing that only a handful of users do on a very occasional basis. I don't see much harm if my "efibootmgr -v" call is slowed down a bit (or even a lot) because you are using a bunch of the available ratelimit reading the efivars. Per-user seems over engineered to solve this problem. -Tony -- To unsubscribe from this list: send the line "unsubscribe linux-efi" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html