LDP
/
man-pages
mirror of https://github.com/mkerrisk/man-pages
0
1
Fork 0
Code Releases Activity

user_namespaces.7: Document new 340 line idmap limit 

This patch documents the following kernel commit:

    commit 6397fac4915ab3002dc15aae751455da1a852f25
    Author: Christian Brauner <christian.brauner@ubuntu.com>
    Date:   Wed Oct 25 00:04:41 2017 +0200

        userns: bump idmap limits to 340

Since Linux 4.15 the number of idmap lines has been bumped to 340.
The patch also removes the "(arbitrary)" in "There is an
(arbitrary) limit on the number of lines in the file." since the
340 line limit is well-explained by the current implementation.
The struct recording the idmaps is 12 bytes and quite some proc
files only allow writes the size of a single page size which is
4096kB. This leaves room for 340 idmappings (340 * 12 = 4080
bytes).  The struct layout itself has been chosen very carefully
to allow for an implementation that limits the time-complexity for
the idmap codepaths to O(log n). However, I think it's unnecessary
to expose this much implementation detail to users in the man
page. So only mention this in the commit message.  Furthermore,
the comment about the page size restriction is misleading. The
kernel sources show that >= page size is considered an error.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
Christian Brauner 2017-11-19 02:25:05 +01:00 committed by Michael Kerrisk
parent df5b5f9aa8
commit dc04b65274
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
man7/user_namespaces.7
View File

@ -510,13 +510,10 @@ and the last field must be greater than 0.
.IP *
Lines are terminated by newline characters.
.IP *
There is an (arbitrary) limit on the number of lines in the file.
As at Linux 3.18, the limit is five lines.
There is a limit on the number of lines in the file.
As of Linux 4.15, the limit is 340 lines.
In addition, the number of bytes written to
the file must be less than the system page size,
.\" FIXME(Eric): the restriction "less than" rather than "less than or equal"
.\" seems strangely arbitrary. Furthermore, the comment does not agree
.\" with the code in kernel/user_namespace.c. Which is correct?
and the write must be performed at the start of the file (i.e.,
.BR lseek (2)
and