On 1/17/19 1:03 PM, Jeff Moyer wrote:
> Jens Axboe <axboe@xxxxxxxxx> writes:
>
>> On 1/17/19 5:48 AM, Roman Penyaev wrote:
>>> On 2019-01-16 18:49, Jens Axboe wrote:
>>>
>>> [...]
>>>
>>>> +static int io_allocate_scq_urings(struct io_ring_ctx *ctx,
>>>> + struct io_uring_params *p)
>>>> +{
>>>> + struct io_sq_ring *sq_ring;
>>>> + struct io_cq_ring *cq_ring;
>>>> + size_t size;
>>>> + int ret;
>>>> +
>>>> + sq_ring = io_mem_alloc(struct_size(sq_ring, array, p->sq_entries));
>>>
>>> It seems that sq_entries, cq_entries are not limited at all. Can nasty
>>> app consume a lot of kernel pages calling io_setup_uring() from a loop
>>> passing random entries number? (or even better: decreasing entries
>>> number,
>>> in order to consume all pages orders with min number of loops).
>>
>> Yes, that's an oversight, we should have a limit in place. I'll add that.
>
> Can we charge the ring memory to the RLIMIT_MEMLOCK as well? I'd prefer
> not to repeat the mistake of fs.aio-max-nr.
Sure, we can do that. With the ring limited in size (it's now 4k entries
at most), the amount of memory gobbled up by that is much smaller than
the fixed buffers. A max sized ring is about 256k of memory.
--
Jens Axboe
