Re: [PATCH v2] memcg: enable accounting for nft objects

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Re: [PATCH v2] memcg: enable accounting for nft objects
From: Florian Westphal <fw@xxxxxxxxx>
Date: Tue, 22 Mar 2022 11:25:31 +0100
Cc: Florian Westphal <fw@xxxxxxxxx>, Jozsef Kadlecsik <kadlec@xxxxxxxxxxxxx>, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>, linux-kernel@xxxxxxxxxxxxxxx, netfilter-devel@xxxxxxxxxxxxxxx, kernel@xxxxxxxxxx
In-reply-to: <f359be78-c95d-555a-67ec-f665f90e93b8@linux.dev>
User-agent: Mutt/1.10.1 (2018-07-13)

Vasily Averin <vasily.averin@xxxxxxxxx> wrote:
> nftables replaces iptables, but it lacks memcg accounting.
> 
> This patch account most of the memory allocation associated with nft
> and should protect the host from misusing nft inside a memcg restricted
> container.

LGTM.

Acked-by: Florian Westphal <fw@xxxxxxxxx>

References:
- Re: [PATCH RFC] memcg: Enable accounting for nft objects
  - From: Florian Westphal
- [PATCH v2] memcg: enable accounting for nft objects
  - From: Vasily Averin

Prev by Date: Re: bug report and future request
Next by Date: Re: bug report and future request
Previous by thread: [PATCH v2] memcg: enable accounting for nft objects
Next by thread: Re: [PATCH v2] memcg: enable accounting for nft objects
Index(es):
- Date
- Thread

[Index of Archives] [Netfitler Users] [Berkeley Packet Filter] [LARTC] [Bugtraq] [Yosemite Forum]

Powered by Linux