Michal Hocko <mho...@kernel.org> writes: > On Wed 23-05-18 14:46:43, Eric W. Biederman wrote: > [...] >> As two processes sharing an mm is useless and highly unlikely there is >> no need to handle this case well, it just needs to be handled well >> enough to prevent an indefinite loop. So when css_tryget_online fails >> just treat the mm as belong to the root memory cgroup. > > Does that mean that a malicious user can construct such a task and > runaway from its limits?
Unfortunately if the memory cgroup is delegated than yes that can happen. So removing the loop in get_mem_cgroup_from_mm won't work. Eric
