From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-15.1 required=3.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER,INCLUDES_PATCH, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_SANE_1 autolearn=ham autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 6BF49C433ED for ; Wed, 28 Apr 2021 06:54:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3DD156141F for ; Wed, 28 Apr 2021 06:54:20 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236786AbhD1GzD (ORCPT ); Wed, 28 Apr 2021 02:55:03 -0400 Received: from relay.sw.ru ([185.231.240.75]:49510 "EHLO relay.sw.ru" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236695AbhD1GzC (ORCPT ); Wed, 28 Apr 2021 02:55:02 -0400 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=virtuozzo.com; s=relay; h=Content-Type:MIME-Version:Date:Message-ID:Subject :From; bh=/VbrVWS6Ch2vyCB1qTjVFgXYG2RagNwD5SNiTLhlnlM=; b=J2AY0i1XxvmJyAsWfhJ NgvuNjRjx5ACKAbzA5efimghrdGyYa+mjqK16X7aiP25ECkC8RwH0xW0CFqhjY2ili1kRJ4qT7HjK FVnAH9hhnJNVt1hW9svTA/SnP/tQ9o7HKGYoR+xtbn8twdxqhWd5nF+UOZPlaLa+6s6O24s8w48= Received: from [10.93.0.56] by relay.sw.ru with esmtp (Exim 4.94) (envelope-from ) id 1lbe5Q-001Vkj-Ar; Wed, 28 Apr 2021 09:54:16 +0300 From: Vasily Averin Subject: [PATCH v4 15/16] memcg: enable accounting for tty-related objects To: cgroups@vger.kernel.org, Michal Hocko , Shakeel Butt , Johannes Weiner , Vladimir Davydov Cc: Roman Gushchin , Greg Kroah-Hartman , Jiri Slaby , linux-kernel@vger.kernel.org References: <8664122a-99d3-7199-869a-781b21b7e712@virtuozzo.com> Message-ID: Date: Wed, 28 Apr 2021 09:54:16 +0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 MIME-Version: 1.0 In-Reply-To: <8664122a-99d3-7199-869a-781b21b7e712@virtuozzo.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org At each login the user forces the kernel to create a new terminal and allocate up to ~1Kb memory for the tty-related structures. By default it's allowed to create up to 4096 ptys with 1024 reserve for initial mount namespace only and the settings are controlled by host admin. Though this default is not enough for hosters with thousands of containers per node. Host admin can be forced to increase it up to NR_UNIX98_PTY_MAX = 1<<20. By default container is restricted by pty mount_opt.max = 1024, but admin inside container can change it via remount. As a result, one container can consume almost all allowed ptys and allocate up to 1Gb of unaccounted memory. It is not enough per-se to trigger OOM on host, however anyway, it allows to significantly exceed the assigned memcg limit and leads to troubles on the over-committed node. It makes sense to account for them to restrict the host's memory consumption from inside the memcg-limited container. Signed-off-by: Vasily Averin --- drivers/tty/tty_io.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/tty/tty_io.c b/drivers/tty/tty_io.c index 391bada..e613b8e 100644 --- a/drivers/tty/tty_io.c +++ b/drivers/tty/tty_io.c @@ -1502,7 +1502,7 @@ void tty_save_termios(struct tty_struct *tty) /* Stash the termios data */ tp = tty->driver->termios[idx]; if (tp == NULL) { - tp = kmalloc(sizeof(*tp), GFP_KERNEL); + tp = kmalloc(sizeof(*tp), GFP_KERNEL_ACCOUNT); if (tp == NULL) return; tty->driver->termios[idx] = tp; @@ -3127,7 +3127,7 @@ struct tty_struct *alloc_tty_struct(struct tty_driver *driver, int idx) { struct tty_struct *tty; - tty = kzalloc(sizeof(*tty), GFP_KERNEL); + tty = kzalloc(sizeof(*tty), GFP_KERNEL_ACCOUNT); if (!tty) return NULL; -- 1.8.3.1