TechQA.

How to restrict users or applications from using hugepage support?

4.6k views Asked by At

We deploy and use (home grown applications internally) all of which actually use hugepages and the mmap() syscall. But I would prefer to restrict some of the applications from actually using huge page support. Can this be achieved by any changes in the code or any system wide config options which could be implemented?

c linux-kernel huge-pages
Original Q&A
1

There are 1 answers

0
askb On BEST ANSWER

I would recommend setting and using the kernel tunable option vm.hugetlb_shm_group=<GID> in /etc/sysctl.conf or manually through hugeadm command. The example below means only members of group mygroup(2341) can allocate "huge" Shared memory segment

vm.hugetlb_shm_group = 2341

Note: Only (the users part of) the group listed in vm.hugetlb_shm_group kernel tunable, sysctl will be able to use shmget() and shmat() calls to access the HugePages. However any user calling mmap() can access HugePages. Your code may require some some changes accordingly, if only using mmap().

Only one group can be defined as the vm.hugetlb_shm_group. After updating the values of kernel parameters in the /etc/sysctl.conf file, either restart the computer, or run the command sysctl -p to make the changes in the /etc/sysctl.conf file available in the active kernel memory.

Refer: hugeadm command.

--set-shm-group=

Users in the group specified in /proc/sys/vm/hugetlb_shm_group are granted full access to huge pages. The sysctl takes a numeric gid, but this hugeadm option can set it for you, using either a gid or group name.

Related Questions in C

Related Questions in LINUX-KERNEL

Related Questions in HUGE-PAGES

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions