Displaying 19 results from an estimated 19 matches for "rlimit_memlock".
2019 Aug 21
2
RLIMIT_MEMLOCK in container environment
...PI resources. In this case, libvirtd is running inside an
unprivileged pod, with some host mounts / capabilities added to the
pod, needed by libvirtd and other services.
One of the capabilities libvirtd requires for successful startup
inside a pod is SYS_RESOURCE. This capability is used to adjust
RLIMIT_MEMLOCK ulimit value depending on devices attached to the
managed guest, both on startup and during hotplug. AFAIU the need to
lock the memory is to avoid pages being pushed out from RAM into swap.
In KubeVirt world, several libvirtd assumptions do not apply:
1. In Kubernetes environments, swap is usuall...
2019 Aug 22
0
Re: RLIMIT_MEMLOCK in container environment
...bvirtd is running inside an
> unprivileged pod, with some host mounts / capabilities added to the
> pod, needed by libvirtd and other services.
>
> One of the capabilities libvirtd requires for successful startup
> inside a pod is SYS_RESOURCE. This capability is used to adjust
> RLIMIT_MEMLOCK ulimit value depending on devices attached to the
> managed guest, both on startup and during hotplug. AFAIU the need to
> lock the memory is to avoid pages being pushed out from RAM into swap.
Libvirt shouldn't set RLIMIT_MEMLOCK by default, unless there's
something in the XML that...
2019 Aug 22
0
Re: RLIMIT_MEMLOCK in container environment
...ileged pod, with some host mounts / capabilities added to the
>>> pod, needed by libvirtd and other services.
>>>
>>> One of the capabilities libvirtd requires for successful startup
>>> inside a pod is SYS_RESOURCE. This capability is used to adjust
>>> RLIMIT_MEMLOCK ulimit value depending on devices attached to the
>>> managed guest, both on startup and during hotplug. AFAIU the need to
>>> lock the memory is to avoid pages being pushed out from RAM into swap.
I recall successfully testing GPU assignment from an unprivileged
libvirtd sever...
2019 Aug 22
2
Re: RLIMIT_MEMLOCK in container environment
...gt; > unprivileged pod, with some host mounts / capabilities added to the
> > pod, needed by libvirtd and other services.
> >
> > One of the capabilities libvirtd requires for successful startup
> > inside a pod is SYS_RESOURCE. This capability is used to adjust
> > RLIMIT_MEMLOCK ulimit value depending on devices attached to the
> > managed guest, both on startup and during hotplug. AFAIU the need to
> > lock the memory is to avoid pages being pushed out from RAM into swap.
>
> Libvirt shouldn't set RLIMIT_MEMLOCK by default, unless there's
> so...
2019 Aug 22
0
Re: RLIMIT_MEMLOCK in container environment
...bilities added to the
>>>>> pod, needed by libvirtd and other services.
>>>>>
>>>>> One of the capabilities libvirtd requires for successful startup
>>>>> inside a pod is SYS_RESOURCE. This capability is used to adjust
>>>>> RLIMIT_MEMLOCK ulimit value depending on devices attached to the
>>>>> managed guest, both on startup and during hotplug. AFAIU the need to
>>>>> lock the memory is to avoid pages being pushed out from RAM into swap.
>>
>>
>> I recall successfully testing GPU assign...
2019 Aug 22
2
Re: RLIMIT_MEMLOCK in container environment
...t mounts / capabilities added to the
> >>> pod, needed by libvirtd and other services.
> >>>
> >>> One of the capabilities libvirtd requires for successful startup
> >>> inside a pod is SYS_RESOURCE. This capability is used to adjust
> >>> RLIMIT_MEMLOCK ulimit value depending on devices attached to the
> >>> managed guest, both on startup and during hotplug. AFAIU the need to
> >>> lock the memory is to avoid pages being pushed out from RAM into swap.
>
>
> I recall successfully testing GPU assignment from an unpri...
2019 Aug 24
1
Re: RLIMIT_MEMLOCK in container environment
...; >>>>> pod, needed by libvirtd and other services.
> >>>>>
> >>>>> One of the capabilities libvirtd requires for successful startup
> >>>>> inside a pod is SYS_RESOURCE. This capability is used to adjust
> >>>>> RLIMIT_MEMLOCK ulimit value depending on devices attached to the
> >>>>> managed guest, both on startup and during hotplug. AFAIU the need to
> >>>>> lock the memory is to avoid pages being pushed out from RAM into
> swap.
> >>
> >>
> >> I recall s...
2008 Aug 04
1
pam max locked memory issue after updating to 5.2 and rebooting
...and on most of
the nodes we haven't yet rebooted them due to log running processes
but a few nodes have been restarted and now that jobs are starting to
be put on them we are back to max locked memory of 32k rather than
16gb.
The error we are receiving on those jobs is :
libibverbs: Warning: RLIMIT_MEMLOCK is 32768 bytes.
This will severely limit memory registrations.
libibverbs: Warning: RLIMIT_MEMLOCK is 32768 bytes.
This will severely limit memory registrations.
Fatal error in MPI_Init:
Other MPI error, error stack:
MPIR_Init_thread(306).......: Initialization failed
MPID_Init(113)...........
2001 Feb 08
0
openssh2.3.0p1 and /etc/limits
...t][Uu][Ll][Pp]
+ * (eg. 'C2F256D2048N5' or 'C2 F256 D2048 N5')
+ * where:
+ * [Aa]: a = RLIMIT_AS max address space (KB)
+ * [Cc]: c = RLIMIT_CORE max core file size (KB)
+ * [Dd]: d = RLIMIT_DATA max data size (KB)
+ * [Ff]: f = RLIMIT_FSIZE Maximum filesize (KB)
+ * [Mm]: m = RLIMIT_MEMLOCK max locked-in-memory address space (KB)
+ * [Nn]: n = RLIMIT_NOFILE max number of open files
+ * [Rr]: r = RLIMIT_RSS max resident set size (KB)
+ * [Ss]: s = RLIMIT_STACK max stack size (KB)
+ * [Tt]: t = RLIMIT_CPU max CPU time (MIN)
+ * [Uu]: u = RLIMIT_NPROC max number of processes
+ * [Ll]:...
2013 Nov 15
2
Using hostdev to plug a PCI-E host device into Q35 pcie-root port
...ue='-device'/>
<qemu:arg value='vfio-pci,host=05:00.0,bus=pcie.0'/>
</qemu:commandline>
but I insist on running the VM as non-root, and if I got that right I
need to configure at least one vfio device (or memory locking) in order
for libvirt to set a proper RLIMIT_MEMLOCK value.
Any help would be be appreciated.
Regards,
Thomas
2002 Jun 26
0
[Bug 301] New: In openssh 3.3 and 3.4 pam session seems be called from non-root
...m_cur=50000*1024, rlim_max=50000*1024}) = -1
EPERM (Operation not permitted)
11860 setrlimit(RLIMIT_RSS, {rlim_cur=2147483647, rlim_max=2147483647}) = 0
11860 setrlimit(RLIMIT_NPROC, {rlim_cur=257, rlim_max=257}) = 0
11860 setrlimit(RLIMIT_NOFILE, {rlim_cur=1024, rlim_max=1024}) = 0
11860 setrlimit(RLIMIT_MEMLOCK, {rlim_cur=2147483647, rlim_max=2147483647}) = 0
11860 setrlimit(RLIMIT_AS, {rlim_cur=2147483647, rlim_max=2147483647}) = 0
11860 setrlimit(0xa /* RLIMIT_??? */, {rlim_cur=2147483647,
rlim_max=2147483647}) = 0
11860 setpriority(PRIO_PROCESS, 0, 0) = 0
11860 open("/etc/security/pam_mail.conf&...
2012 Jan 20
1
secpwgen
Hi,
secpwgen is always reporting
"mlock: Cannot allocate memory"
even with user root.
CentOS 6.2.
Problem with selinux?
Thank you for help in advance.
Best regards
Helmut Drodofsky
2016 May 09
0
CentOS-6.5 - CD/DVD does not sense media
...S30'
Revision : '1.01'
Device seems to be: Generic mmc2 DVD-R/DVD-RW.
But cdrecord says that their is no media present although I have
empirically determined that a blank dvd is in fact loaded into the
device:
cdrecord -load
wodim: Operation not permitted. Warning: Cannot raise RLIMIT_MEMLOCK
limits.Device was not specified. Trying to find an appropriate
drive...
Detected CD-R drive: /dev/cdrw
Using /dev/cdrom of unknown capabilities
Device type : Removable CD-ROM
Version : 5
Response Format: 2
Capabilities :
Vendor_info : 'HL-DT-ST'
Identification : 'DVD-RAM...
2020 Nov 03
0
[PATCH 1/2] Revert "vhost-vdpa: fix page pinning leakage in error path"
...izeof(struct vm_area_struct *),
> - GFP_KERNEL);
> - if (!page_list || !vmas) {
> - ret = -ENOMEM;
> - goto free;
> - }
> -
> mmap_read_lock(dev->mm);
>
> + locked = atomic64_add_return(npages, &dev->mm->pinned_vm);
> lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
> - if (npages + atomic64_read(&dev->mm->pinned_vm) > lock_limit) {
> - ret = -ENOMEM;
> - goto unlock;
> - }
>
> - pinned = pin_user_pages(msg->uaddr & PAGE_MASK, npages, gup_flags,
> - page_list, vmas);
> - if (npages != pi...
2013 Nov 19
0
Re: Using hostdev to plug a PCI-E host device into Q35 pcie-root port
...> <qemu:arg value='vfio-pci,host=05:00.0,bus=pcie.0'/>
> </qemu:commandline>
>
> but I insist on running the VM as non-root, and if I got that right I
> need to configure at least one vfio device (or memory locking) in
> order for libvirt to set a proper RLIMIT_MEMLOCK value.
>
> Any help would be be appreciated.
For now at least, you'll need to let it plug into the pci-bridge device
pci.2 (which, as you've found, libvirt will automatically find when you
don't specify any address). Unfortunately that doesn't do you much good,
since that par...
2020 Oct 01
0
[PATCH] vhost-vdpa: fix page pinning leakage in error path
...ge *), GFP_KERNEL);
+ vmas = kvmalloc_array(npages, sizeof(struct vm_area_struct *),
+ GFP_KERNEL);
+ if (!page_list || !vmas) {
+ ret = -ENOMEM;
+ goto free;
+ }
+
mmap_read_lock(dev->mm);
- locked = atomic64_add_return(npages, &dev->mm->pinned_vm);
lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
-
- if (locked > lock_limit) {
+ if (npages + atomic64_read(&dev->mm->pinned_vm) > lock_limit) {
ret = -ENOMEM;
- goto out;
+ goto unlock;
}
- cur_base = msg->uaddr & PAGE_MASK;
- iova &= PAGE_MASK;
+ pinned = pin_user_pages(msg->uaddr &a...
2020 Oct 01
0
[PATCH v2] vhost-vdpa: fix page pinning leakage in error path
...ge *), GFP_KERNEL);
+ vmas = kvmalloc_array(npages, sizeof(struct vm_area_struct *),
+ GFP_KERNEL);
+ if (!page_list || !vmas) {
+ ret = -ENOMEM;
+ goto free;
+ }
+
mmap_read_lock(dev->mm);
- locked = atomic64_add_return(npages, &dev->mm->pinned_vm);
lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
-
- if (locked > lock_limit) {
+ if (npages + atomic64_read(&dev->mm->pinned_vm) > lock_limit) {
ret = -ENOMEM;
- goto out;
+ goto unlock;
}
- cur_base = msg->uaddr & PAGE_MASK;
- iova &= PAGE_MASK;
+ pinned = pin_user_pages(msg->uaddr &a...
1998 Nov 21
2
simple perl script bypasses limits
Any user with shell access, or with access to upload a cgi
script can exploit this to make machine thrash badly.
Seems to circumvent any limits in the kernel
Here are my settings
dlai@whale.home.org:/home/dlai?limit
cputime unlimited
filesize 20000 kbytes
datasize 8192 kbytes
stacksize 8192 kbytes
coredumpsize 1000000 kbytes
memoryuse 8192 kbytes
descriptors
2013 Nov 19
1
Re: Using hostdev to plug a PCI-E host device into Q35 pcie-root port
...g value='vfio-pci,host=05:00.0,bus=pcie.0'/>
>> </qemu:commandline>
>>
>> but I insist on running the VM as non-root, and if I got that right I
>> need to configure at least one vfio device (or memory locking) in
>> order for libvirt to set a proper RLIMIT_MEMLOCK value.
>>
>> Any help would be be appreciated.
>
> For now at least, you'll need to let it plug into the pci-bridge device
> pci.2 (which, as you've found, libvirt will automatically find when you
> don't specify any address). Unfortunately that doesn't do...