From: Frederic Weisbecker <fweisbec@gmail.com>
To: Glauber Costa <glommer@parallels.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
cgroups@vger.kernel.org, linux-mm@kvack.org,
linux-kernel@vger.kernel.org,
David Rientjes <rientjes@google.com>,
Pekka Enberg <penberg@kernel.org>, Michal Hocko <mhocko@suse.cz>,
Johannes Weiner <hannes@cmpxchg.org>,
Christoph Lameter <cl@linux.com>,
devel@openvz.org, kamezawa.hiroyu@jp.fujitsu.com,
Tejun Heo <tj@kernel.org>, Rik van Riel <riel@redhat.com>,
Daniel Lezcano <daniel.lezcano@linaro.org>,
Kay Sievers <kay.sievers@vrfy.org>,
Lennart Poettering <lennart@poettering.net>,
"Kirill A. Shutemov" <kirill@shutemov.name>,
Kir Kolyshkin <kir@parallels.com>
Subject: Re: Fork bomb limitation in memcg WAS: Re: [PATCH 00/11] kmem controller for memcg: stripped down version
Date: Wed, 27 Jun 2012 14:35:47 +0200 [thread overview]
Message-ID: <20120627123544.GE20638@somewhere.redhat.com> (raw)
In-Reply-To: <4FEAFC5E.4050104@parallels.com>
On Wed, Jun 27, 2012 at 04:28:14PM +0400, Glauber Costa wrote:
> On 06/27/2012 04:29 PM, Frederic Weisbecker wrote:
> > On Wed, Jun 27, 2012 at 01:29:04PM +0400, Glauber Costa wrote:
> >> On 06/27/2012 01:55 AM, Andrew Morton wrote:
> >>>> I can't speak for everybody here, but AFAIK, tracking the stack through
> >>>> the memory it used, therefore using my proposed kmem controller, was an
> >>>> idea that good quite a bit of traction with the memcg/memory people.
> >>>> So here you have something that people already asked a lot for, in a
> >>>> shape and interface that seem to be acceptable.
> >>>
> >>> mm, maybe. Kernel developers tend to look at code from the point of
> >>> view "does it work as designed", "is it clean", "is it efficient", "do
> >>> I understand it", etc. We often forget to step back and really
> >>> consider whether or not it should be merged at all.
> >>>
> >>> I mean, unless the code is an explicit simplification, we should have
> >>> a very strong bias towards "don't merge".
> >>
> >> Well, simplifications are welcome - this series itself was
> >> simplified beyond what I thought initially possible through the
> >> valuable comments
> >> of other people.
> >>
> >> But of course, this adds more complexity to the kernel as a whole.
> >> And this is true to every single new feature we may add, now or in
> >> the
> >> future.
> >>
> >> What I can tell you about this particular one, is that the justification
> >> for it doesn't come out of nowhere, but from a rather real use case that
> >> we support and maintain in OpenVZ and our line of products for years.
> >
> > Right and we really need a solution to protect against forkbombs in LXC.
> Small correction: In containers. LXC is not the only one out there =p
Sure. I was just speaking for the specific project I'm working on :)
But I'm definetly interested in solutions that work for everyone in containers in
general. And if Openvz is also interested in forkbombs protection that's even
better.
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2012-06-27 12:35 UTC|newest]
Thread overview: 96+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-25 14:15 [PATCH 00/11] kmem controller for memcg: stripped down version Glauber Costa
2012-06-25 14:15 ` [PATCH 01/11] memcg: Make it possible to use the stock for more than one page Glauber Costa
2012-06-25 17:44 ` Tejun Heo
2012-06-25 22:29 ` Glauber Costa
2012-06-25 22:33 ` Tejun Heo
2012-06-26 4:01 ` David Rientjes
2012-06-25 14:15 ` [PATCH 02/11] memcg: Reclaim when more than one page needed Glauber Costa
2012-06-25 23:33 ` Suleiman Souhlal
2012-06-26 8:39 ` Glauber Costa
2012-06-27 16:16 ` Suleiman Souhlal
2012-06-26 4:09 ` David Rientjes
2012-06-26 7:12 ` Glauber Costa
2012-06-26 8:54 ` David Rientjes
2012-06-26 9:08 ` Glauber Costa
2012-06-26 9:17 ` David Rientjes
2012-06-26 9:23 ` Glauber Costa
2012-06-27 10:03 ` Glauber Costa
2012-06-27 19:48 ` David Rientjes
2012-06-27 20:47 ` Glauber Costa
2012-06-25 14:15 ` [PATCH 03/11] memcg: change defines to an enum Glauber Costa
2012-06-26 4:11 ` David Rientjes
2012-06-26 8:28 ` Glauber Costa
2012-06-26 9:01 ` David Rientjes
2012-06-25 14:15 ` [PATCH 04/11] kmem slab accounting basic infrastructure Glauber Costa
2012-06-26 4:22 ` David Rientjes
2012-06-26 7:09 ` Glauber Costa
2012-06-25 14:15 ` [PATCH 05/11] Add a __GFP_KMEMCG flag Glauber Costa
2012-06-26 4:25 ` David Rientjes
2012-06-26 7:08 ` Glauber Costa
2012-06-26 9:03 ` David Rientjes
2012-06-25 14:15 ` [PATCH 06/11] memcg: kmem controller infrastructure Glauber Costa
2012-06-25 18:06 ` Tejun Heo
2012-06-25 22:28 ` Glauber Costa
2012-06-25 23:17 ` Andrew Morton
2012-06-26 14:40 ` Glauber Costa
2012-06-26 15:01 ` Glauber Costa
2012-06-26 18:01 ` Andrew Morton
2012-06-26 18:08 ` Tejun Heo
2012-06-26 18:14 ` Glauber Costa
2012-06-26 19:20 ` Andrew Morton
2012-06-26 15:29 ` Glauber Costa
2012-06-26 9:12 ` David Rientjes
2012-06-26 9:17 ` Glauber Costa
2012-06-27 4:01 ` David Rientjes
2012-06-27 9:33 ` Glauber Costa
2012-06-27 19:46 ` David Rientjes
2012-06-25 14:15 ` [PATCH 07/11] mm: Allocate kernel pages to the right memcg Glauber Costa
2012-06-25 18:07 ` Tejun Heo
2012-06-25 22:27 ` Glauber Costa
2012-06-25 14:15 ` [PATCH 08/11] memcg: disable kmem code when not in use Glauber Costa
2012-06-26 5:51 ` Kamezawa Hiroyuki
2012-06-25 14:15 ` [PATCH 09/11] memcg: propagate kmem limiting information to children Glauber Costa
2012-06-25 18:29 ` Tejun Heo
2012-06-25 22:36 ` Glauber Costa
2012-06-25 22:49 ` Tejun Heo
2012-06-25 23:21 ` Andrew Morton
2012-06-26 5:23 ` David Rientjes
2012-06-25 23:23 ` Andrew Morton
2012-06-26 5:24 ` David Rientjes
2012-06-26 5:31 ` Andrew Morton
2012-06-26 7:23 ` Glauber Costa
2012-06-25 14:15 ` [PATCH 10/11] memcg: allow a memcg with kmem charges to be destructed Glauber Costa
2012-06-25 18:34 ` Tejun Heo
2012-06-25 22:25 ` Glauber Costa
2012-06-26 5:59 ` Kamezawa Hiroyuki
2012-06-26 7:21 ` Glauber Costa
2012-06-25 14:15 ` [PATCH 11/11] protect architectures where THREAD_SIZE >= PAGE_SIZE against fork bombs Glauber Costa
2012-06-25 16:55 ` Frederic Weisbecker
2012-06-25 18:38 ` Tejun Heo
2012-06-25 20:57 ` Frederic Weisbecker
2012-06-26 12:48 ` Glauber Costa
2012-06-26 13:38 ` Frederic Weisbecker
2012-06-26 13:37 ` Glauber Costa
2012-06-26 13:44 ` Frederic Weisbecker
2012-06-26 4:57 ` David Rientjes
2012-06-26 5:35 ` Kamezawa Hiroyuki
2012-06-26 7:23 ` Glauber Costa
2012-06-26 8:45 ` David Rientjes
2012-06-26 8:44 ` Glauber Costa
2012-06-26 9:05 ` David Rientjes
2012-06-25 23:27 ` [PATCH 00/11] kmem controller for memcg: stripped down version Andrew Morton
2012-06-26 7:17 ` Glauber Costa
2012-06-26 21:55 ` Andrew Morton
2012-06-27 1:08 ` David Rientjes
2012-06-27 8:39 ` Glauber Costa
2012-06-27 9:29 ` Fork bomb limitation in memcg WAS: " Glauber Costa
2012-06-27 12:29 ` Frederic Weisbecker
2012-06-27 12:28 ` Glauber Costa
2012-06-27 12:35 ` Frederic Weisbecker [this message]
2012-06-27 19:38 ` David Rientjes
2012-06-28 9:01 ` Glauber Costa
2012-06-28 22:25 ` Andrew Morton
2012-07-03 11:38 ` Glauber Costa
2012-07-12 15:40 ` Frederic Weisbecker
2012-08-07 13:59 ` Glauber Costa
2012-08-08 14:15 ` Glauber Costa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120627123544.GE20638@somewhere.redhat.com \
--to=fweisbec@gmail.com \
--cc=akpm@linux-foundation.org \
--cc=cgroups@vger.kernel.org \
--cc=cl@linux.com \
--cc=daniel.lezcano@linaro.org \
--cc=devel@openvz.org \
--cc=glommer@parallels.com \
--cc=hannes@cmpxchg.org \
--cc=kamezawa.hiroyu@jp.fujitsu.com \
--cc=kay.sievers@vrfy.org \
--cc=kir@parallels.com \
--cc=kirill@shutemov.name \
--cc=lennart@poettering.net \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=mhocko@suse.cz \
--cc=penberg@kernel.org \
--cc=riel@redhat.com \
--cc=rientjes@google.com \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).