On 8/17/20 10:30 AM, Chris Down wrote:
Astractly, I think this really overcomplicates the API a lot. If these
are truly generally useful (and I think that remains to be
demonstrated), they should be additions to the existing API, rather
than a sidestep with prctl.
This patchset is derived from customer requests. With existing API, I
suppose you mean the memory cgroup API. Right? The reason to use prctl()
is that there are users out there who want some kind of per-process
control instead of for a whole group of processes unless the users try
to create one cgroup per process which is not very efficient.
I also worry about some other more concrete things:
1. Doesn't this allow unprivileged applications to potentially bypass
memory.high constraints set by a system administrator?
The memory.high constraint is for triggering memory reclaim. The new
mitigation actions introduced by this patchset will only be applied if
memory reclaim alone fails to limit the physical memory consumption. The
current memory cgroup memory reclaim code will not be affected by this
patchset.
2. What's the purpose of PR_MEMACT_KILL, compared to memory.max?
A user can use this to specify which processes are less important and
can be sacrificed first instead of the other more important ones in case
they are really in a OOM situation. IOW, users can specify the order
where OOM kills can happen.
3. Why add this entirely separate signal delivery path when we already
have eventfd/poll/inotify support, which makes a lot more sense for
modern applications?
Good question, I will look further into this to see if it can be
applicable in this case.
Cheers,
Longman