On Thu, Oct 11, 2018 at 04:27:46PM +0200, Greg KH wrote: > On Mon, May 14, 2018 at 11:46:00AM +0100, Roman Gushchin wrote: > > On Sat, May 12, 2018 at 03:35:59PM +0200, gregkh@xxxxxxxxxxxxxxxxxxx wrote: > > > > > > The patch below does not apply to the 4.16-stable tree. > > > If someone wants it applied there, or to any other stable or longterm > > > tree, then please email the backport, including the original git commit > > > id to <stable@xxxxxxxxxxxxxxx>. > > > > > > thanks, > > > > > > greg k-h > > > > Hi, Greg! > > > > This patch is a part of the following patchset: > > 7aaf77272358 mm: don't show nr_indirectly_reclaimable in /proc/vmstat > > d79f7aa496fc mm: treat indirectly reclaimable memory as free in overcommit logic > > f1782c9bc547 dcache: account external names as indirectly reclaimable memory > > 034ebf65c3c2 mm: treat indirectly reclaimable memory as available in MemAvailable > > eb59254608bc mm: introduce NR_INDIRECTLY_RECLAIMABLE_BYTES > > > > It should be backported as a whole. It applies cleanly on 4.16-stable, > > and with a minor trivial adjustment to 4.14-stable. > > Sorry for the long delay, digging out of my stable backlog... > > Anyway, is this still needed for 4.14-stable? There is a security issue, which these patches are closing. It allows to cause a system-wide memory allocation failure, if overcommit logic is enabled and it's possible to create negative dentries (e.g. asking httpd for non-existing files). The issue is very old and exists in most stable branches, so Idk how bad is to leave it open in 4.14. Anyway, please, let me know if I can help somehow. Thanks!
