Update documentation about the new configurable fanotify limits that will be available from Linux kernel 5.13. Signed-off-by: Amir Goldstein <amir73il@xxxxxxxxx> --- man2/fanotify_init.2 | 22 ++++++++++++++++------ man2/fanotify_mark.2 | 5 ++++- man7/fanotify.7 | 35 +++++++++++++++++++++++++++++++++-- 3 files changed, 53 insertions(+), 9 deletions(-) diff --git a/man2/fanotify_init.2 b/man2/fanotify_init.2 index b2ceb17f3..0d83e817f 100644 --- a/man2/fanotify_init.2 +++ b/man2/fanotify_init.2 @@ -53,9 +53,10 @@ descriptor. Multiple programs may be using the fanotify interface at the same time to monitor the same files. .PP -In the current implementation, the number of fanotify groups per user is -limited to 128. -This limit cannot be overridden. +The number of fanotify groups per user is limited. +See +.BR fanotify (7) +for details about this limit. .PP The .I flags @@ -130,13 +131,19 @@ fails with the error .BR EAGAIN . .TP .B FAN_UNLIMITED_QUEUE -Remove the limit of 16384 events for the event queue. +Remove the limit on the number of events in the event queue. +See +.BR fanotify (7) +for details about this limit. Use of this flag requires the .B CAP_SYS_ADMIN capability. .TP .B FAN_UNLIMITED_MARKS -Remove the limit of 8192 marks. +Remove the limit on the number of fanotify marks per user. +See +.BR fanotify (7) +for details about this limit. Use of this flag requires the .B CAP_SYS_ADMIN capability. @@ -366,7 +373,10 @@ defines all allowable bits for .IR flags . .TP .B EMFILE -The number of fanotify groups for this user exceeds 128. +The number of fanotify groups for this user exceeds the limit. +See +.BR fanotify (7) +for details about this limit. .TP .B EMFILE The per-process limit on the number of open file descriptors has been reached. diff --git a/man2/fanotify_mark.2 b/man2/fanotify_mark.2 index 9cf71320c..cb69ac592 100644 --- a/man2/fanotify_mark.2 +++ b/man2/fanotify_mark.2 @@ -431,10 +431,13 @@ which is not marked. The necessary memory could not be allocated. .TP .B ENOSPC -The number of marks exceeds the limit of 8192 and the +The number of marks for this user exceeds the limit and the .B FAN_UNLIMITED_MARKS flag was not specified when the fanotify file descriptor was created with .BR fanotify_init (2). +See +.BR fanotify (7) +for details about this limit. .TP .B ENOSYS This kernel does not implement diff --git a/man7/fanotify.7 b/man7/fanotify.7 index 9c66c24f0..455e3ed17 100644 --- a/man7/fanotify.7 +++ b/man7/fanotify.7 @@ -336,7 +336,7 @@ A file or directory that was opened read-only was closed. .TP .B FAN_Q_OVERFLOW -The event queue exceeded the limit of 16384 entries. +The event queue exceeded the limit on number of events. This limit can be overridden by specifying the .BR FAN_UNLIMITED_QUEUE flag when calling @@ -606,7 +606,7 @@ are freed for reuse by the kernel. Upon .BR close (2), outstanding permission events will be set to allowed. -.SS /proc/[pid]/fdinfo +.SS /proc interfaces The file .I /proc/[pid]/fdinfo/[fd] contains information about fanotify marks for file descriptor @@ -616,6 +616,37 @@ of process See .BR proc (5) for details. +.PP +Since Linux 5.13, +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b +the following interfaces can be used to control the amount of +kernel resources consumed by fanotify: +.TP +.I /proc/sys/fs/fanotify/max_queued_events +The value in this file is used when an application calls +.BR fanotify_init (2) +to set an upper limit on the number of events that can be +queued to the corresponding fanotify group. +Events in excess of this limit are dropped, but an +.B FAN_Q_OVERFLOW +event is always generated. +Prior to Linux kernel 5.13, +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b +the hardcoded limit was 16384 events. +.TP +.I /proc/sys/fs/fanotify/max_user_group +This specifies an upper limit on the number of fanotify groups +that can be created per real user ID. +Prior to Linux kernel 5.13, +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b +the hardcoded limit was 128 groups per user. +.TP +.I /proc/sys/fs/fanotify/max_user_marks +This specifies an upper limit on the number of fanotify marks +that can be created per real user ID. +Prior to Linux kernel 5.13, +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b +the hardcoded limit was 8192 marks per group (not per user). .SH ERRORS In addition to the usual errors for .BR read (2), -- 2.33.1
