From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753734AbdK0RZU (ORCPT <rfc822;w@1wt.eu>);
        Mon, 27 Nov 2017 12:25:20 -0500
Received: from mga05.intel.com ([192.55.52.43]:48244 "EHLO mga05.intel.com"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1752597AbdK0RZS (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 27 Nov 2017 12:25:18 -0500
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.44,465,1505804400"; 
   d="scan'208";a="12537694"
From: Andi Kleen <ak@linux.intel.com>
To: Michal Hocko <mhocko@kernel.org>
Cc: Mikael Pettersson <mikpelinux@gmail.com>, linux-mm@kvack.org,
        linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org,
        linux-api@vger.kernel.org
Subject: Re: [PATCH] mm: disable `vm.max_map_count' sysctl limit
References: <23066.59196.909026.689706@gargle.gargle.HOWL>
        <20171127101232.ykriowhatecnvjvg@dhcp22.suse.cz>
Date: Mon, 27 Nov 2017 09:25:16 -0800
In-Reply-To: <20171127101232.ykriowhatecnvjvg@dhcp22.suse.cz> (Michal Hocko's
        message of "Mon, 27 Nov 2017 11:12:32 +0100")
Message-ID: <87vahv8whv.fsf@linux.intel.com>
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/25.3 (gnu/linux)
MIME-Version: 1.0
Content-Type: text/plain
Sender: linux-kernel-owner@vger.kernel.org
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Michal Hocko <mhocko@kernel.org> writes:
>
> Could you be more explicit about _why_ we need to remove this tunable?
> I am not saying I disagree, the removal simplifies the code but I do not
> really see any justification here.

It's an arbitrary scaling limit on the how many mappings the process
has. The more memory you have the bigger a problem it is. We've
ran into this problem too on larger systems.

The reason the limit was there originally because it allows a DoS
attack against the kernel by filling all unswappable memory up with VMAs.

The old limit was designed for much smaller systems than we have
today.

There needs to be some limit, but it should be on the number of memory
pinned by the VMAs, and needs to scale with the available memory,
so that large systems are not penalized.

Unfortunately just making it part of the existing mlock limit could
break some existing setups which max out the mlock limit with something
else. Maybe we need a new rlimit for this?

-Andi