On Wed, 22 Sept 2021 at 09:20, Frank Hofmann <fhofmann@xxxxxxxxxxxxxx> wrote: > > > That jit limit is not there on older kernels and doesn't apply to root. > > How would you notice such a kernel bug in such conditions? > > I'm talking about bpf_jit_current - it's an "overall gauge" for > allocation, priv and unpriv. I understood Lorenz' note as "change it > so it only tracks unpriv BPF mem usage - since we'll never act on > privileged usage anyway" > > FrankH. Yes, that was my suggestion indeed. What Frank is saying: it looks like our leak of JIT memory is due to a privileged process. By exempting privileged processes it would be even harder to notice / debug. That's true, and brings me back to my question: what is different about JIT memory that we can't do a better limit? Lorenz -- Lorenz Bauer | Systems Engineer 6th Floor, County Hall/The Riverside Building, SE1 7PB, UK www.cloudflare.com
