On Mon, Jul 26, 2021 at 10:33 PM Vasily Averin <vvs@xxxxxxxxxxxxx> wrote: > > Container admin can create new namespaces and force kernel to allocate > up to several pages of memory for the namespaces and its associated > structures. > Net and uts namespaces have enabled accounting for such allocations. > It makes sense to account for rest ones to restrict the host's memory > consumption from inside the memcg-limited container. > > Signed-off-by: Vasily Averin <vvs@xxxxxxxxxxxxx> > Acked-by: Serge Hallyn <serge@xxxxxxxxxx> > Acked-by: Christian Brauner <christian.brauner@xxxxxxxxxx> > Acked-by: Kirill Tkhai <ktkhai@xxxxxxxxxxxxx> Reviewed-by: Shakeel Butt <shakeelb@xxxxxxxxxx>
