On Sat, Nov 20, 2021 at 7:12 PM Amir Goldstein <amir73il@xxxxxxxxx> wrote: > > Update documentation about the new configurable fanotify limits > that will be available from Linux kernel 5.13. > > Signed-off-by: Amir Goldstein <amir73il@xxxxxxxxx> Forgot to add Reviewed-by: Jan Kara <jack@xxxxxxx> From: https://lore.kernel.org/linux-man/20210319102532.GA4910@xxxxxxxxxxxxxx/ > --- > man2/fanotify_init.2 | 22 ++++++++++++++++------ > man2/fanotify_mark.2 | 5 ++++- > man7/fanotify.7 | 35 +++++++++++++++++++++++++++++++++-- > 3 files changed, 53 insertions(+), 9 deletions(-) > > diff --git a/man2/fanotify_init.2 b/man2/fanotify_init.2 > index b2ceb17f3..0d83e817f 100644 > --- a/man2/fanotify_init.2 > +++ b/man2/fanotify_init.2 > @@ -53,9 +53,10 @@ descriptor. > Multiple programs may be using the fanotify interface at the same time to > monitor the same files. > .PP > -In the current implementation, the number of fanotify groups per user is > -limited to 128. > -This limit cannot be overridden. > +The number of fanotify groups per user is limited. > +See > +.BR fanotify (7) > +for details about this limit. > .PP > The > .I flags > @@ -130,13 +131,19 @@ fails with the error > .BR EAGAIN . > .TP > .B FAN_UNLIMITED_QUEUE > -Remove the limit of 16384 events for the event queue. > +Remove the limit on the number of events in the event queue. > +See > +.BR fanotify (7) > +for details about this limit. > Use of this flag requires the > .B CAP_SYS_ADMIN > capability. > .TP > .B FAN_UNLIMITED_MARKS > -Remove the limit of 8192 marks. > +Remove the limit on the number of fanotify marks per user. > +See > +.BR fanotify (7) > +for details about this limit. > Use of this flag requires the > .B CAP_SYS_ADMIN > capability. 
> @@ -366,7 +373,10 @@ defines all allowable bits for > .IR flags . > .TP > .B EMFILE > -The number of fanotify groups for this user exceeds 128. > +The number of fanotify groups for this user exceeds the limit. > +See > +.BR fanotify (7) > +for details about this limit. > .TP > .B EMFILE > The per-process limit on the number of open file descriptors has been reached. > diff --git a/man2/fanotify_mark.2 b/man2/fanotify_mark.2 > index 9cf71320c..cb69ac592 100644 > --- a/man2/fanotify_mark.2 > +++ b/man2/fanotify_mark.2 > @@ -431,10 +431,13 @@ which is not marked. > The necessary memory could not be allocated. > .TP > .B ENOSPC > -The number of marks exceeds the limit of 8192 and the > +The number of marks for this user exceeds the limit and the > .B FAN_UNLIMITED_MARKS > flag was not specified when the fanotify file descriptor was created with > .BR fanotify_init (2). > +See > +.BR fanotify (7) > +for details about this limit. > .TP > .B ENOSYS > This kernel does not implement > diff --git a/man7/fanotify.7 b/man7/fanotify.7 > index 9c66c24f0..455e3ed17 100644 > --- a/man7/fanotify.7 > +++ b/man7/fanotify.7 > @@ -336,7 +336,7 @@ A file or directory that was opened read-only > was closed. > .TP > .B FAN_Q_OVERFLOW > -The event queue exceeded the limit of 16384 entries. > +The event queue exceeded the limit on number of events. > This limit can be overridden by specifying the > .BR FAN_UNLIMITED_QUEUE > flag when calling > @@ -606,7 +606,7 @@ are freed for reuse by the kernel. > Upon > .BR close (2), > outstanding permission events will be set to allowed. > -.SS /proc/[pid]/fdinfo > +.SS /proc interfaces > The file > .I /proc/[pid]/fdinfo/[fd] > contains information about fanotify marks for file descriptor 
> @@ -616,6 +616,37 @@ of process > See > .BR proc (5) > for details. > +.PP > +Since Linux 5.13, > +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b > +the following interfaces can be used to control the amount of > +kernel resources consumed by fanotify: > +.TP > +.I /proc/sys/fs/fanotify/max_queued_events > +The value in this file is used when an application calls > +.BR fanotify_init (2) > +to set an upper limit on the number of events that can be > +queued to the corresponding fanotify group. > +Events in excess of this limit are dropped, but an > +.B FAN_Q_OVERFLOW > +event is always generated. > +Prior to Linux kernel 5.13, > +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b > +the hardcoded limit was 16384 events. > +.TP > +.I /proc/sys/fs/fanotify/max_user_group > +This specifies an upper limit on the number of fanotify groups > +that can be created per real user ID. > +Prior to Linux kernel 5.13, > +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b > +the hardcoded limit was 128 groups per user. > +.TP > +.I /proc/sys/fs/fanotify/max_user_marks > +This specifies an upper limit on the number of fanotify marks > +that can be created per real user ID. > +Prior to Linux kernel 5.13, > +.\" commit 5b8fea65d197f408bb00b251c70d842826d6b70b > +the hardcoded limit was 8192 marks per group (not per user). > .SH ERRORS > In addition to the usual errors for > .BR read (2), > -- > 2.33.1 >
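Review bot: In the FAN_UNLIMITED_MARKS entry of the man2/fanotify_init.2 hunk at @@ -130,13 +131,19 @@, "Remove the limit on the number of fanotify marks per user" states the scope as per user without a version qualifier, while the fanotify.7 text added by this same patch says that prior to Linux 5.13 the limit was 8192 marks per group (not per user). A reader on an older kernel gets the wrong scope from this page. Suggest dropping "per user" here (for example "Remove the limit on the number of fanotify marks.") and leaving scope and version to fanotify(7). The ENOSPC entry in the man2/fanotify_mark.2 hunk has the same issue with "The number of marks for this user exceeds the limit".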
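Review bot: In the FAN_Q_OVERFLOW entry of the man7/fanotify.7 hunk at @@ -336,7 +336,7 @@, "exceeded the limit on number of events" is missing an article; the matching text in fanotify_init.2 reads "the limit on the number of events". Since the concrete value 16384 is removed here, it would also help to name /proc/sys/fs/fanotify/max_queued_events in this entry, the way the other changed entries point the reader to where the limit is described.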
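Review bot: In the new /proc interfaces text of the man7/fanotify.7 hunk at @@ -616,6 +616,37 @@, the file name /proc/sys/fs/fanotify/max_user_group is singular while its siblings max_user_marks and max_queued_events are plural; please check it against the sysctl name the kernel registers, since an administrator will copy this path verbatim. Smaller points in the same hunk: "an FAN_Q_OVERFLOW event" should read "a FAN_Q_OVERFLOW event"; "Since Linux 5.13" and "Prior to Linux kernel 5.13" should use one form; the max_queued_events and max_user_marks entries do not mention that FAN_UNLIMITED_QUEUE and FAN_UNLIMITED_MARKS bypass them; and none of the three entries says what the value is from 5.13 on, only what it was before, so the reader cannot tell how much kernel memory an unprivileged user may consume by default.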