On Sat, Aug 14, 2021 at 05:03:44PM -0600, Jens Axboe wrote: > What's the plan in terms of limiting the amount of direct descriptors > (for lack of a better word)? That seems like an important aspect that > should get sorted out upfront. [...] > Maybe we have a way to size the direct table, which will consume entries > from the same pool that the regular file table does? That would then > work both ways, and could potentially just be done dynamically similarly > to how we expand the regular file table when we exceed its current size. I think we'll want a way to size the direct table regardless, so that it's pre-allocated and doesn't need to be resized when an index is used. Then, we could do one of two equally easy things, depending on what policy we want to set: - Deduct the full size of the fixed-file table from the allowed number of files the process can have open. So, if RLIMIT_NOFILE is 1048576, and you pre-allocate 1000000 entries in the fixed-file table, you can have no more than 48576 file descriptors open. Stricter, but potentially problematic: a program *might* expect that it can dup2(some_fd, nofile - 1) successfully. - Use RLIMIT_NOFILE as the maximum size of the fixed-file table. There's precedent for this: we already use RLIMIT_NOFILE as the maximum number of file descriptors you can have in flight over UNIX sockets. I personally would favor the latter; it seems simple and straightforward.
