System V shared memory

a) can be abused to trigger out-of-memory conditions and the standard
   measures against out-of-memory do not work:
   - it is not possible to use setrlimit to limit the size of shm segments.
   - segments can exist without association with any processes, thus
     the oom-killer is unable to free that memory.

b) is typically used for shared information - today often multiple GB.
   (e.g. database shared buffers)

The current default is a maximum segment size of 32 MB and a maximum total size of 8 GB. This is often too much for a) and not enough for b), which means that lots of users must change the defaults.

This patch increases the default limits (nearly) to the maximum, which is perfect for case b). The defaults are used after boot and as the initial value for each new namespace.

Admins/distros that need a protection against a) should reduce the limits and/or enable shm_rmid_forced.

Unix has historically required setting these limits for shared memory, and Linux inherited such behavior. The consequence of this is added complexity for users and administrators. One very common example is database setup/installation documents and scripts, where users must manually calculate the values for these limits. This also requires (some) knowledge of how the underlying memory management works, thus causing, on many occasions, the limits to just be flat out wrong. Disabling these limits sooner could have saved companies a lot of time, headaches and money for support. But it's never too late; simplify users' lives now.

Further notes:
- The patch only changes the defaults, overrides behave as before:
      # sysctl kernel.shmall=33554432
  would recreate the previous limit for SHMMAX (for the current namespace).
- Disabling sysv shm allocation is possible with:
      # sysctl kernel.shmall=0
  (not a new feature, also per-namespace)
- The limits are intentionally set to a value slightly less than ULONG_MAX, to avoid triggering overflows in user space apps.
[not unreasonable, see http://marc.info/?l=linux-mm&m=139638334330127] Signed-off-by: Manfred Spraul <manfred@colorfullife.com> Signed-off-by: Davidlohr Bueso <davidlohr@hp.com> Reported-by: Davidlohr Bueso <davidlohr@hp.com> Acked-by: Michael Kerrisk <mtk.manpages@gmail.com> Acked-by: KOSAKI Motohiro <kosaki.motohiro@jp.fujitsu.com> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
#ifndef _UAPI_LINUX_SHM_H_
#define _UAPI_LINUX_SHM_H_
#include <linux/ipc.h>
#include <linux/errno.h>
#ifndef __KERNEL__
#include <unistd.h>
#endif
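/*
 * SHMMAX, SHMMNI and SHMALL are default upper limits which can
 * be modified by sysctl.
 *
 * SHMMAX and SHMALL both default to slightly less than ULONG_MAX, so
 * System V shared memory is effectively unlimited unless an
 * administrator lowers the limits.  The defaults are used after boot
 * and as the initial value for each new namespace.
 *
 * Security note: shm segments cannot be capped with setrlimit and can
 * exist without being associated with any process, so the OOM killer
 * cannot free that memory.  Systems that need protection against
 * memory exhaustion through SysV shm should reduce kernel.shmmax /
 * kernel.shmall and/or enable kernel.shm_rmid_forced.
 *
 * The values stop short of ULONG_MAX on purpose, to avoid triggering
 * overflows in user space applications.  Note the differing units:
 * SHMMAX is in bytes, SHMALL is in pages.
 *
 * NOTE(review): ULONG_MAX is not defined in this file; user space
 * builds presumably need <limits.h> before using SHMMAX/SHMALL -
 * confirm.
 */

#define SHMMIN 1 /* min shared seg size (bytes) */
#define SHMMNI 4096 /* max num of segs system wide */
#define SHMMAX (ULONG_MAX - (1L<<24)) /* max shared seg size (bytes) */
#define SHMALL (ULONG_MAX - (1L<<24)) /* max shm system wide (pages) */
#define SHMSEG SHMMNI /* max shared segs per process */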
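/*
 * Obsolete, used only for backwards compatibility and libc5 compiles.
 *
 * Field order and types are part of the user space ABI and must not
 * change.
 *
 * Caveat: shm_segsz is a plain int and shm_nattch an unsigned short,
 * so this legacy layout cannot represent a segment size above INT_MAX
 * or an attach count above USHRT_MAX, although the default SHMMAX is
 * close to ULONG_MAX.  Code that sizes buffers or makes decisions from
 * these fields should use the 64-bit variant (shmid64_ds, from
 * <asm/shmbuf.h>) instead.
 * NOTE(review): how the kernel fills these fields when the real value
 * does not fit is not visible in this header - confirm before relying
 * on it.
 */
struct shmid_ds {
	struct ipc_perm shm_perm; /* operation perms */
	int shm_segsz; /* size of segment (bytes) */
	__kernel_time_t shm_atime; /* last attach time */
	__kernel_time_t shm_dtime; /* last detach time */
	__kernel_time_t shm_ctime; /* last change time */
	__kernel_ipc_pid_t shm_cpid; /* pid of creator */
	__kernel_ipc_pid_t shm_lpid; /* pid of last operator */
	unsigned short shm_nattch; /* no. of current attaches */
	unsigned short shm_unused; /* compatibility */
	void *shm_unused2; /* ditto - used by DIPC */
	void *shm_unused3; /* unused */
};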
/* Include the definition of shmid64_ds and shminfo64 */
#include <asm/shmbuf.h>
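/*
 * permission flag for shmget
 *
 * NOTE(review): 0400/0200 are the owner read/write bits only, whereas
 * S_IRUGO/S_IWUGO cover user, group and other.  The "or" in the
 * comments below therefore names a broader permission set, not an
 * equivalent one - confirm which is intended before widening access
 * to a segment.
 */
#define SHM_R 0400 /* or S_IRUGO from <linux/stat.h> */
#define SHM_W 0200 /* or S_IWUGO from <linux/stat.h> */

/*
 * mode for attach
 *
 * These are bit flags (octal) and can be combined.  SHM_EXEC and
 * SHM_REMAP deserve attention in review: the first requests an
 * executable mapping, the second takes over an existing region.
 */
#define SHM_RDONLY 010000 /* read-only access */
#define SHM_RND 020000 /* round attach address to SHMLBA boundary */
#define SHM_REMAP 040000 /* take-over region on attach */
#define SHM_EXEC 0100000 /* execution access */

/* super user shmctl commands */
#define SHM_LOCK 11
#define SHM_UNLOCK 12

/* ipcs ctl commands */
#define SHM_STAT 13
#define SHM_INFO 14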
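/*
 * Obsolete, used only for backwards compatibility.
 *
 * Every field is a plain int, while the default SHMMAX and SHMALL are
 * close to ULONG_MAX, so this layout cannot hold the default limits.
 * Do not use values read through it for limit or capacity checks;
 * use the 64-bit variant (shminfo64, from <asm/shmbuf.h>) instead.
 * NOTE(review): what the kernel reports here when a limit exceeds
 * INT_MAX is not visible in this header - confirm.
 */
struct shminfo {
	int shmmax; /* see SHMMAX: max shared seg size (bytes) */
	int shmmin; /* see SHMMIN: min shared seg size (bytes) */
	int shmmni; /* see SHMMNI: max num of segs system wide */
	int shmseg; /* see SHMSEG: max shared segs per process */
	int shmall; /* see SHMALL: max shm system wide (pages) */
};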
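/*
 * System V shared memory usage counters.
 *
 * NOTE(review): presumably the structure filled in for the SHM_INFO
 * command defined above - confirm against the shmctl implementation.
 * The totals are useful for monitoring: with the default limits close
 * to ULONG_MAX, watching shm_tot/shm_rss is one way to notice shared
 * memory growth before it turns into memory pressure.
 */
struct shm_info {
	int used_ids; /* presumably number of segment ids in use - confirm */
	__kernel_ulong_t shm_tot; /* total allocated shm */
	__kernel_ulong_t shm_rss; /* total resident shm */
	__kernel_ulong_t shm_swp; /* total swapped shm */
	__kernel_ulong_t swap_attempts; /* undocumented in this header */
	__kernel_ulong_t swap_successes; /* undocumented in this header */
};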
#endif /* _UAPI_LINUX_SHM_H_ */