On 11/22/21 11:26 AM, David Hildenbrand wrote: > On 22.11.21 18:55, Andrew Dona-Couch wrote: >> Forgive me for jumping in to an already overburdened thread. But can >> someone pushing back on this clearly explain the issue with applying >> this patch? > > It will allow unprivileged users to easily and even "accidentally" > allocate more unmovable memory than it should in some environments. Such > limits exist for a reason. And there are ways for admins/distros to > tweak these limits if they know what they are doing. But that's entirely the point, the cases where this change is needed are already screwed by a distro and the user is the administrator. This is _exactly_ the case where things should just work out of the box. If you're managing farms of servers, yeah you have competent administration and you can be expected to tweak settings to get the best experience and performance, but the kernel should provide a sane default. 64K isn't a sane default. > This is not a step into the right direction. This is all just trying to > hide the fact that we're exposing FOLL_LONGTERM usage to random > unprivileged users. > > Maybe we could instead try getting rid of FOLL_LONGTERM usage and the > memlock limit in io_uring altogether, for example, by using mmu > notifiers. But I'm no expert on the io_uring code. You can't use mmu notifiers without impacting the fast path. This isn't just about io_uring, there are other users of memlock right now (like bpf) which just makes it even worse. We should just make this 0.1% of RAM (min(0.1% ram, 64KB)) or something like what was suggested, if that will help move things forward. IMHO the 32MB machine is mostly a theoretical case, but whatever . -- Jens Axboe
