On Tue, Jul 27, 2021 at 02:08:27PM -0700, akpm@xxxxxxxxxxxxxxxxxxxx wrote: > > The patch titled > Subject: memcg: enable accounting for tty-related objects > has been added to the -mm tree. Its filename is > memcg-enable-accounting-for-tty-related-objects.patch > > This patch should soon appear at > https://ozlabs.org/~akpm/mmots/broken-out/memcg-enable-accounting-for-tty-related-objects.patch > and later at > https://ozlabs.org/~akpm/mmotm/broken-out/memcg-enable-accounting-for-tty-related-objects.patch > > Before you just go and hit "reply", please: > a) Consider who else should be cc'ed > b) Prefer to cc a suitable mailing list as well > c) Ideally: find the original patch on the mailing list and do a > reply-to-all to that, adding suitable additional cc's > > *** Remember to use Documentation/process/submit-checklist.rst when testing your code *** > > The -mm tree is included into linux-next and is updated > there every 3-4 working days > > ------------------------------------------------------ > From: Vasily Averin <vvs@xxxxxxxxxxxxx> > Subject: memcg: enable accounting for tty-related objects > > At each login the user forces the kernel to create a new terminal and > allocate up to ~1Kb memory for the tty-related structures. > > By default it's allowed to create up to 4096 ptys with 1024 reserve for > initial mount namespace only and the settings are controlled by host > admin. > > Though this default is not enough for hosters with thousands of containers > per node. Host admin can be forced to increase it up to NR_UNIX98_PTY_MAX > = 1<<20. > > By default container is restricted by pty mount_opt.max = 1024, but admin > inside container can change it via remount. As a result, one container > can consume almost all allowed ptys and allocate up to 1Gb of unaccounted > memory. > > It is not enough per-se to trigger OOM on host, however anyway, it allows > to significantly exceed the assigned memcg limit and leads to troubles on > the over-committed node. > > It makes sense to account for them to restrict the host's memory > consumption from inside the memcg-limited container. > > Link: https://lkml.kernel.org/r/b8baa04f-e789-0321-b39d-07c5696ff755@xxxxxxxxxxxxx > Signed-off-by: Vasily Averin <vvs@xxxxxxxxxxxxx> > Acked-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> > Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx> > Cc: Alexey Dobriyan <adobriyan@xxxxxxxxx> > Cc: Andrei Vagin <avagin@xxxxxxxxx> > Cc: Borislav Petkov <bp@xxxxxxxxx> > Cc: Borislav Petkov <bp@xxxxxxx> > Cc: Christian Brauner <christian.brauner@xxxxxxxxxx> > Cc: Dmitry Safonov <0x7f454c46@xxxxxxxxx> > Cc: "Eric W. Biederman" <ebiederm@xxxxxxxxxxxx> > Cc: "H. Peter Anvin" <hpa@xxxxxxxxx> > Cc: Ingo Molnar <mingo@xxxxxxxxxx> > Cc: "J. Bruce Fields" <bfields@xxxxxxxxxxxx> > Cc: Jeff Layton <jlayton@xxxxxxxxxx> > Cc: Jens Axboe <axboe@xxxxxxxxx> > Cc: Jiri Slaby <jirislaby@xxxxxxxxxx> > Cc: Johannes Weiner <hannes@xxxxxxxxxxx> > Cc: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx> > Cc: Michal Hocko <mhocko@xxxxxxxxxx> > Cc: Oleg Nesterov <oleg@xxxxxxxxxx> > Cc: Roman Gushchin <guro@xxxxxx> > Cc: Serge Hallyn <serge@xxxxxxxxxx> > Cc: Shakeel Butt <shakeelb@xxxxxxxxxx> > Cc: Tejun Heo <tj@xxxxxxxxxx> > Cc: Thomas Gleixner <tglx@xxxxxxxxxxxxx> > Cc: Vladimir Davydov <vdavydov.dev@xxxxxxxxx> > Cc: Yutian Yang <nglaive@xxxxxxxxx> > Cc: Zefan Li <lizefan.x@xxxxxxxxxxxxx> > Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> > --- > > drivers/tty/tty_io.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > --- a/drivers/tty/tty_io.c~memcg-enable-accounting-for-tty-related-objects > +++ a/drivers/tty/tty_io.c > @@ -1493,7 +1493,7 @@ void tty_save_termios(struct tty_struct > /* Stash the termios data */ > tp = tty->driver->termios[idx]; > if (tp == NULL) { > - tp = kmalloc(sizeof(*tp), GFP_KERNEL); > + tp = kmalloc(sizeof(*tp), GFP_KERNEL_ACCOUNT); > if (tp == NULL) > return; > tty->driver->termios[idx] = tp; > @@ -3119,7 +3119,7 @@ struct tty_struct *alloc_tty_struct(stru > { > struct tty_struct *tty; > > - tty = kzalloc(sizeof(*tty), GFP_KERNEL); > + tty = kzalloc(sizeof(*tty), GFP_KERNEL_ACCOUNT); > if (!tty) > return NULL; > > _ > > Patches currently in -mm which might be from vvs@xxxxxxxxxxxxx are > > memcg-enable-accounting-for-pids-in-nested-pid-namespaces.patch > memcg-enable-accounting-for-mnt_cache-entries.patch > memcg-enable-accounting-for-pollfd-and-select-bits-arrays.patch > memcg-enable-accounting-for-file-lock-caches.patch > memcg-enable-accounting-for-fasync_cache.patch > memcg-enable-accounting-for-new-namesapces-and-struct-nsproxy.patch > memcg-enable-accounting-of-ipc-resources.patch > memcg-enable-accounting-for-signals.patch > memcg-enable-accounting-for-posix_timers_cache-slab.patch > memcg-enable-accounting-for-tty-related-objects.patch > memcg-enable-accounting-for-ldt_struct-objects.patch > This patch should be dropped, as per review it was rejected as being incorrect. thanks, greg k-h
