Page MenuHomeFreeBSD
Differential D57031

limits: Further RLIMIT_VMM cleanup
ClosedPublic
Actions

Authored by des on May 16 2026, 4:38 PM.
Tags
None
Referenced Files
Unknown Object (File)
Wed, Jun 10, 5:28 PM
Unknown Object (File)
Tue, Jun 9, 11:24 AM
Unknown Object (File)
Thu, Jun 4, 3:01 PM
Unknown Object (File)
Thu, Jun 4, 5:11 AM
Unknown Object (File)
Thu, Jun 4, 5:07 AM
Unknown Object (File)
Thu, Jun 4, 4:24 AM
Unknown Object (File)
Thu, Jun 4, 4:19 AM
Unknown Object (File)
Wed, Jun 3, 5:44 PM
View All Files
Subscribers
andrew_tao173.riddles.org.uk
imp

Details

Reviewers
bnovkov
jilles
olce
Commits
rG363ea40c7654: limits: Further RLIMIT_VMM cleanup
Summary

Teach limits(1), sh(1), and setclassresources(3) about RLIMIT_VMM.

Fixes: 1092ec8b3375 ("kern: Introduce RLIMIT_VMM")

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

des created this revision.May 16 2026, 4:38 PM
Herald added a reviewer: jilles. · View Herald TranscriptMay 16 2026, 4:38 PM
Herald added a reviewer: olce. · View Herald Transcript
Herald added a subscriber: imp. · View Herald Transcript
des requested review of this revision.May 16 2026, 4:38 PM
Herald added a subscriber: andrew_tao173.riddles.org.uk. · View Herald TranscriptMay 16 2026, 4:38 PM
Harbormaster completed remote builds in B73149: Diff 177928.May 16 2026, 4:38 PM
des mentioned this in D55041: login: install per-UID setrlimit(2) limits on login.May 16 2026, 4:41 PM
jilles added a comment.May 16 2026, 9:09 PM

It feels a little weird to clutter up ulimit -a and limits with a limit for this pretty exotic feature.

jilles added inline comments.May 17 2026, 2:26 PM
lib/libutil/login_class.c
69

Does the keyword vmm need to be documented somewhere, especially because limits calls it vms instead?

des updated this revision to Diff 177965.May 17 2026, 2:51 PM

typo

Harbormaster completed remote builds in B73162: Diff 177965.May 17 2026, 2:51 PM
des marked an inline comment as done.May 17 2026, 2:51 PM
des added inline comments.
lib/libutil/login_class.c
69

That's a typo, it should be vms in both cases. It is intended to be descriptive.

des marked an inline comment as done.May 17 2026, 2:52 PM
bnovkov added a comment.May 17 2026, 4:20 PM
In D57031#1306916, @jilles wrote:

It feels a little weird to clutter up ulimit -a and limits with a limit for this pretty exotic feature.

Virtual machines are hardly an exotic feature, and ever since af099eaa5ec3 landed unprivileged users are able to create virtual machines.
This limit is meant to prevent unprivileged users from exhausting kernel memory by repeatedly creating new virtual machines.

bnovkov accepted this revision.May 17 2026, 4:21 PM

Looks good to me, thank you for working on this. I'll follow up on this with a patch that fully incorporates the uses of RLIMIT_VMM into the setrlimit(2) machinery tomorrow.

This revision is now accepted and ready to land.May 17 2026, 4:21 PM
Closed by commit rG363ea40c7654: limits: Further RLIMIT_VMM cleanup (authored by des). · Explain WhyMay 17 2026, 4:24 PM
This revision was automatically updated to reflect the committed changes.
des added a commit: rG363ea40c7654: limits: Further RLIMIT_VMM cleanup.

Revision Contents
Changeset List

PathSize
bin/
sh/
5 lines
lib/
libutil/
1 line
usr.bin/
limits/
2 lines

Diff 177970

View Options

bin/sh/miscbltin.c

Loading...
View Options

lib/libutil/login_class.c

Loading...
View Options

usr.bin/limits/limits.c

Loading...