korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-16 16:54:20 +08:00
Code Issues Packages Projects Releases Wiki Activity
a89893dd7b
linux/net/ipv6
History
Vasily Averin 6126891c6d memcg: enable accounting for IP address and routing-related objects 
An netadmin inside container can use 'ip a a' and 'ip r a'
to assign a large number of ipv4/ipv6 addresses and routing entries
and force kernel to allocate megabytes of unaccounted memory
for long-lived per-netdevice related kernel objects:
'struct in_ifaddr', 'struct inet6_ifaddr', 'struct fib6_node',
'struct rt6_info', 'struct fib_rules' and ip_fib caches.

These objects can be manually removed, though usually they lives
in memory till destroy of its net namespace.

It makes sense to account for them to restrict the host's memory
consumption from inside the memcg-limited container.

One of such objects is the 'struct fib6_node' mostly allocated in
net/ipv6/route.c::__ip6_ins_rt() inside the lock_bh()/unlock_bh() section:

 write_lock_bh(&table->tb6_lock);
 err = fib6_add(&table->tb6_root, rt, info, mxc);
 write_unlock_bh(&table->tb6_lock);

In this case it is not enough to simply add SLAB_ACCOUNT to corresponding
kmem cache. The proper memory cgroup still cannot be found due to the
incorrect 'in_interrupt()' check used in memcg_kmem_bypass().

Obsoleted in_interrupt() does not describe real execution context properly.
>From include/linux/preempt.h:

 The following macros are deprecated and should not be used in new code:
 in_interrupt()	- We're in NMI,IRQ,SoftIRQ context or have BH disabled

To verify the current execution context new macro should be used instead:
 in_task()	- We're in task context

Signed-off-by: Vasily Averin <vvs@virtuozzo.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2021-07-20 06:00:38 -07:00
..
ila net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
netfilter Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-18 19:47:02 -07:00
addrconf_core.c ipv6: add ipv6_dev_find to stubs 2021-03-30 13:29:39 -07:00
addrconf.c memcg: enable accounting for IP address and routing-related objects 2021-07-20 06:00:38 -07:00
addrlabel.c ipv6: addrlabel: fix possible memory leak in ip6addrlbl_net_init 2020-11-25 11:20:16 -08:00
af_inet6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 2021-04-02 11:03:07 -07:00
ah6.c xfrm: remove hdr_offset indirection 2021-06-11 14:48:50 +02:00
anycast.c ipv6: fix memory leaks on IPV6_ADDRFORM path 2020-07-30 16:30:55 -07:00
calipso.c cipso,calipso: resolve a number of problems with the DOI refcounts 2021-03-04 15:26:57 -08:00
datagram.c lsm,selinux: pass flowi_common instead of flowi to the LSM hooks 2020-11-23 18:36:21 -05:00
esp6_offload.c xfrm: remove description from xfrm_type struct 2021-06-09 09:38:52 +02:00
esp6.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
exthdrs_core.c ipv6: remove printk 2019-07-27 14:23:48 -07:00
exthdrs_offload.c
exthdrs.c ipv6: fix out-of-bound access in ip6_parse_tlv() 2021-06-24 12:42:57 -07:00
fib6_notifier.c net: fib_notifier: propagate extack down to the notifier block callback 2019-10-04 11:10:56 -07:00
fib6_rules.c ipv6: fib6: remove redundant initialization of variable err 2021-06-14 12:42:26 -07:00
fou6.c net: Add MODULE_DESCRIPTION entries to network modules 2020-06-20 21:33:57 -07:00
icmp.c ipv6: ICMPV6: add response to ICMPV6 RFC 8335 PROBE messages 2021-06-28 14:29:45 -07:00
inet6_connection_sock.c lsm,selinux: pass flowi_common instead of flowi to the LSM hooks 2020-11-23 18:36:21 -05:00
inet6_hashtables.c net: ipv6: remove unused arg exact_dif in compute_score 2020-08-31 13:08:10 -07:00
ip6_checksum.c
ip6_fib.c memcg: enable accounting for IP address and routing-related objects 2021-07-20 06:00:38 -07:00
ip6_flowlabel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next 2020-08-05 20:13:21 -07:00
ip6_gre.c ipv6: remove extra dev_hold() for fallback tunnels 2021-03-31 14:53:11 -07:00
ip6_icmp.c net: icmp: pass zeroed opts from icmp{,v6}_ndo_send before sending 2021-02-23 11:29:52 -08:00
ip6_input.c ipv6: weaken the v4mapped source check 2021-03-18 11:19:23 -07:00
ip6_offload.c net/core: move gro function declarations to separate header 2021-02-04 18:37:57 -08:00
ip6_offload.h
ip6_output.c ipv6: allocate enough headroom in ip6_finish_output2() 2021-07-12 11:25:12 -07:00
ip6_tunnel.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-06-29 15:45:27 -07:00
ip6_udp_tunnel.c net: Make locking in sock_bindtoindex optional 2020-06-01 14:57:14 -07:00
ip6_vti.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2021-04-09 20:48:35 -07:00
ip6mr.c net/ipv6: switch ip6_mroute_setsockopt to sockptr_t 2020-07-24 15:41:54 -07:00
ipcomp6.c xfrm: remove hdr_offset indirection 2021-06-11 14:48:50 +02:00
ipv6_sockglue.c net/ipv6: propagate user pointer annotation 2020-12-01 11:42:33 -08:00
Kconfig net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC 2020-09-18 17:45:04 -07:00
Makefile net: ipv6: add rpl sr tunnel 2020-03-29 22:30:57 -07:00
mcast_snoop.c net: bridge: mcast: fix broken length + header check for MRDv6 Adv. 2021-04-27 14:02:06 -07:00
mcast.c mld: avoid unnecessary high order page allocation in mld_newpack() 2021-06-14 12:46:00 -07:00
mip6.c xfrm: ipv6: move mip6_rthdr_offset into xfrm core 2021-06-11 14:48:50 +02:00
ndisc.c net: allow user to set metric on default route learned via Router Advertisement 2021-01-26 18:39:45 -08:00
netfilter.c netfilter: Dissect flow after packet mangling 2021-04-18 22:04:16 +02:00
output_core.c ipv6: use prandom_u32() for ID generation 2021-05-31 22:12:08 -07:00
ping.c lsm,selinux: pass flowi_common instead of flowi to the LSM hooks 2020-11-23 18:36:21 -05:00
proc.c net: udp: introduce UDP_MIB_MEMERRORS for udp_mem 2020-11-09 15:34:44 -08:00
protocol.c
raw.c net: sock: introduce sk_error_report 2021-06-29 11:28:21 -07:00
reassembly.c ipv6: record frag_max_size in atomic fragments in input path 2021-05-21 15:02:25 -07:00
route.c memcg: enable accounting for IP address and routing-related objects 2021-07-20 06:00:38 -07:00
rpl_iptunnel.c net: ipv6: rpl_iptunnel: simplify the return expression of rpl_do_srh() 2020-12-08 16:22:54 -08:00
rpl.c net: ipv6: rpl*: Fix strange kerneldoc warnings due to bad header 2020-10-30 12:12:52 -07:00
seg6_hmac.c crypto: sha - split sha.h into sha1.h and sha2.h 2020-11-20 14:45:33 +11:00
seg6_iptunnel.c seg6_iptunnel: Refactor seg6_lwt_headroom out of uapi header 2020-08-03 17:57:40 -07:00
seg6_local.c seg6: add support for SRv6 End.DT46 Behavior 2021-06-18 11:35:47 -07:00
seg6.c net: Remove redundant assignment to err 2021-04-29 15:34:15 -07:00
sit.c sit: allow redirecting ip6ip, ipip and mplsip packets to eth devices 2021-06-28 12:44:17 -07:00
syncookies.c selinux/stable-5.11 PR 20201214 2020-12-16 11:01:04 -08:00
sysctl_net_ipv6.c net: Add notifications when multipath hash field change 2021-05-19 12:47:47 -07:00
tcp_ipv6.c net: send SYNACK packet with accepted fwmark 2021-07-09 11:24:02 -07:00
tcpv6_offload.c
tunnel6.c tunnel6: add tunnel6_input_afinfo for ipip and ipv6 tunnels 2020-07-09 12:52:37 +02:00
udp_impl.h net: pass a sockptr_t into ->setsockopt 2020-07-24 15:41:54 -07:00
udp_offload.c udp: properly complete L4 GRO over UDP tunnel packet 2021-03-30 17:06:49 -07:00
udp.c udp: annotate data races around unix_sk(sk)->gso_size 2021-07-01 13:23:19 -07:00
udplite.c net/ipv6: remove compat_ipv6_{get,set}sockopt 2020-07-19 18:16:41 -07:00
xfrm6_input.c xfrm: state: remove extract_input indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_output.c net: ipv6: fix return value of ip6_skb_dst_mtu 2021-07-02 11:57:01 -07:00
xfrm6_policy.c net: add bool confirm_neigh parameter for dst_ops.update_pmtu 2019-12-24 22:28:54 -08:00
xfrm6_protocol.c xfrm: add support for UDPv6 encapsulation of ESP 2020-04-28 11:28:36 +02:00
xfrm6_state.c xfrm: remove output_finish indirection from xfrm_state_afinfo 2020-05-06 09:40:08 +02:00
xfrm6_tunnel.c xfrm: remove description from xfrm_type struct 2021-06-09 09:38:52 +02:00