| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 11 Oct 2017 12:03:59 -0700
From: Shakeel Butt <shakeelb@...gle.com>
To: Alexander Viro <viro@...iv.linux.org.uk>,
Vladimir Davydov <vdavydov.dev@...il.com>,
Michal Hocko <mhocko@...nel.org>,
Greg Thelen <gthelen@...gle.com>,
Johannes Weiner <hannes@...xchg.org>
Cc: Andrew Morton <akpm@...ux-foundation.org>, linux-mm@...ck.org,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
Shakeel Butt <shakeelb@...gle.com>
Subject: [PATCH v2] fs, mm: account filp cache to kmemcg
The allocations from filp cache can be directly triggered by user
space applications. A buggy application can consume a significant
amount of unaccounted system memory. Though we have not noticed
such buggy applications in our production but upon close inspection,
we found that a lot of machines spend very significant amount of
memory on these caches.
One way to limit allocations from filp cache is to set system level
limit of maximum number of open files. However this limit is shared
between different users on the system and one user can hog this
resource. To cater that, we can charge filp to kmemcg and set the
maximum limit very high and let the memory limit of each user limit
the number of files they can open and indirectly limiting their
allocations from filp cache.
One side effect of this change is that it will allow _sysctl() to
return ENOMEM and the man page of _sysctl() does not specify that.
However the man page also discourages to use _sysctl() at all.
Signed-off-by: Shakeel Butt <shakeelb@...gle.com>
---
Changelog since v1:
- removed names_cache charging to kmemcg
fs/file_table.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/file_table.c b/fs/file_table.c
index 61517f57f8ef..567888cdf7d3 100644
--- a/fs/file_table.c
+++ b/fs/file_table.c
@@ -312,7 +312,7 @@ void put_filp(struct file *file)
void __init files_init(void)
{
filp_cachep = kmem_cache_create("filp", sizeof(struct file), 0,
- SLAB_HWCACHE_ALIGN | SLAB_PANIC, NULL);
+ SLAB_HWCACHE_ALIGN | SLAB_PANIC | SLAB_ACCOUNT, NULL);
percpu_counter_init(&nr_files, 0, GFP_KERNEL);
}
--
2.15.0.rc0.271.g36b669edcc-goog
Powered by blists - more mailing lists