060028bac9
System V shared memory a) can be abused to trigger out-of-memory conditions and the standard measures against out-of-memory do not work: - it is not possible to use setrlimit to limit the size of shm segments. - segments can exist without association with any processes, thus the oom-killer is unable to free that memory. b) is typically used for shared information - today often multiple GB. (e.g. database shared buffers) The current default is a maximum segment size of 32 MB and a maximum total size of 8 GB. This is often too much for a) and not enough for b), which means that lots of users must change the defaults. This patch increases the default limits (nearly) to the maximum, which is perfect for case b). The defaults are used after boot and as the initial value for each new namespace. Admins/distros that need a protection against a) should reduce the limits and/or enable shm_rmid_forced. Unix has historically required setting these limits for shared memory, and Linux inherited such behavior. The consequence of this is added complexity for users and administrators. One very common example are Database setup/installation documents and scripts, where users must manually calculate the values for these limits. This also requires (some) knowledge of how the underlying memory management works, thus causing, in many occasions, the limits to just be flat out wrong. Disabling these limits sooner could have saved companies a lot of time, headaches and money for support. But it's never too late, simplify users life now. Further notes: - The patch only changes default, overrides behave as before: # sysctl kernel.shmall=33554432 would recreate the previous limit for SHMMAX (for the current namespace). - Disabling sysv shm allocation is possible with: # sysctl kernel.shmall=0 (not a new feature, also per-namespace) - The limits are intentionally set to a value slightly less than ULONG_MAX, to avoid triggering overflows in user space apps. [not unreasonable, see http://marc.info/?l=linux-mm&m=139638334330127] Signed-off-by: Manfred Spraul <manfred@colorfullife.com> Signed-off-by: Davidlohr Bueso <davidlohr@hp.com> Reported-by: Davidlohr Bueso <davidlohr@hp.com> Acked-by: Michael Kerrisk <mtk.manpages@gmail.com> Acked-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
67 lines
1.8 KiB
C
67 lines
1.8 KiB
C
#ifndef _LINUX_SHM_H_
|
|
#define _LINUX_SHM_H_
|
|
|
|
#include <asm/page.h>
|
|
#include <uapi/linux/shm.h>
|
|
#include <asm/shmparam.h>
|
|
|
|
struct shmid_kernel /* private to the kernel */
|
|
{
|
|
struct kern_ipc_perm shm_perm;
|
|
struct file *shm_file;
|
|
unsigned long shm_nattch;
|
|
unsigned long shm_segsz;
|
|
time_t shm_atim;
|
|
time_t shm_dtim;
|
|
time_t shm_ctim;
|
|
pid_t shm_cprid;
|
|
pid_t shm_lprid;
|
|
struct user_struct *mlock_user;
|
|
|
|
/* The task created the shm object. NULL if the task is dead. */
|
|
struct task_struct *shm_creator;
|
|
};
|
|
|
|
/* shm_mode upper byte flags */
|
|
#define SHM_DEST 01000 /* segment will be destroyed on last detach */
|
|
#define SHM_LOCKED 02000 /* segment will not be swapped */
|
|
#define SHM_HUGETLB 04000 /* segment will use huge TLB pages */
|
|
#define SHM_NORESERVE 010000 /* don't check for reservations */
|
|
|
|
/* Bits [26:31] are reserved */
|
|
|
|
/*
|
|
* When SHM_HUGETLB is set bits [26:31] encode the log2 of the huge page size.
|
|
* This gives us 6 bits, which is enough until someone invents 128 bit address
|
|
* spaces.
|
|
*
|
|
* Assume these are all power of twos.
|
|
* When 0 use the default page size.
|
|
*/
|
|
#define SHM_HUGE_SHIFT 26
|
|
#define SHM_HUGE_MASK 0x3f
|
|
#define SHM_HUGE_2MB (21 << SHM_HUGE_SHIFT)
|
|
#define SHM_HUGE_1GB (30 << SHM_HUGE_SHIFT)
|
|
|
|
#ifdef CONFIG_SYSVIPC
|
|
long do_shmat(int shmid, char __user *shmaddr, int shmflg, unsigned long *addr,
|
|
unsigned long shmlba);
|
|
extern int is_file_shm_hugepages(struct file *file);
|
|
extern void exit_shm(struct task_struct *task);
|
|
#else
|
|
static inline long do_shmat(int shmid, char __user *shmaddr,
|
|
int shmflg, unsigned long *addr,
|
|
unsigned long shmlba)
|
|
{
|
|
return -ENOSYS;
|
|
}
|
|
static inline int is_file_shm_hugepages(struct file *file)
|
|
{
|
|
return 0;
|
|
}
|
|
static inline void exit_shm(struct task_struct *task)
|
|
{
|
|
}
|
|
#endif
|
|
|
|
#endif /* _LINUX_SHM_H_ */
|