Re: [PATCH RFC] memcg: Enable accounting for nft objects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On 2/28/22 15:24, Florian Westphal wrote:
Vasily Averin <vvs@xxxxxxxxxxxxx> wrote:
nftables replaces iptables but still lacks memcg accounting.

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 5fa16990da95..5e1987ec9715 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -149,7 +149,7 @@ static struct nft_trans *nft_trans_alloc_gfp(const struct nft_ctx *ctx,
  {
  	struct nft_trans *trans;
-	trans = kzalloc(sizeof(struct nft_trans) + size, gfp);
+	trans = kzalloc(sizeof(struct nft_trans) + size, gfp | __GFP_ACCOUNT);

trans_alloc is temporary in nature, they are always free'd by the
time syscall returns (else, bug).

dropped this hunk in v2

@@ -1084,6 +1084,7 @@ static int nf_tables_newtable(struct sk_buff *skb, const struct nfnl_info *info,
  	struct nft_table *table;
  	struct nft_ctx ctx;
  	u32 flags = 0;
+	gfp_t gfp = GFP_KERNEL_ACCOUNT;
  	int err;
  	lockdep_assert_held(&nft_net->commit_mutex);
@@ -1113,16 +1114,16 @@ static int nf_tables_newtable(struct sk_buff *skb, const struct nfnl_info *info,
  	}
  	err = -ENOMEM;
-	table = kzalloc(sizeof(*table), GFP_KERNEL);
+	table = kzalloc(sizeof(*table), gfp);

Why gfp temporary variable?  Readability? The subsititution looks correct.

Out of habit.
Some lines with GFP_KERNEL -> GFP_KERNEL_ACCOUNT changes exceeded 80 symbols,but it isn't required now. I've replaced it in v2.

Thank you,
	Vasily Averin




[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux