On 3/15/21 6:23 AM, Vasily Averin wrote: > An untrusted netadmin inside a memcg-limited container can create a > huge number of routing entries. Currently, allocated kernel objects > are not accounted to proper memcg, so this can lead to global memory > shortage on the host and cause lot of OOM kiils. > > This patch enables accounting for 'struct fib_rules' > --- > net/core/fib_rules.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > Acked-by: David Ahern <dsahern@xxxxxxxxxx>
