• Vasily Averin's avatar
    memcg: enable accounting for tty-related objects · c72d8592
    Vasily Averin authored
    At each login the user forces the kernel to create a new terminal and
    allocate up to ~1Kb memory for the tty-related structures.
    
    By default it's allowed to create up to 4096 ptys with 1024 reserve for
    initial mount namespace only and the settings are controlled by host
    admin.
    
    Though this default is not enough for hosters with thousands of
    containers per node.  Host admin can be forced to increase it up to
    NR_UNIX98_PTY_MAX = 1<<20.
    
    By default container is restricted by pty mount_opt.max = 1024, but
    admin inside container can change it via remount.  As a result, one
    container can consume almost all allowed ptys and allocate up to 1Gb of
    unaccounted memory.
    
    It is not enough per-se to trigger OOM on host, however anyway, it
    allows to significantly exceed the assigned memcg limit and leads to
    troubles on the over-committed node.
    
    It makes sense to account for them to restrict the host's memory
    consumption from inside the memcg-limited container.
    
    Link: https://lkml.kernel.org/r/5d4bca06-7d4f-a905-e518-12981ebca1b3@virtuozzo.comSigned-off-by: default avatarVasily Averin <vvs@virtuozzo.com>
    Cc: Michal Hocko <mhocko@kernel.org>
    Cc: Shakeel Butt <shakeelb@google.com>
    Cc: Johannes Weiner <hannes@cmpxchg.org>
    Cc: Vladimir Davydov <vdavydov.dev@gmail.com>
    Cc: Roman Gushchin <roman.gushchin@linux.dev>
    Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
    Cc: Jiri Slaby <jirislaby@kernel.org>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    c72d8592
tty_io.c 88.5 KB