From a40f9fb184a869ad9fe486d4d05a2420f02e9736 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Mon, 6 Jan 2020 13:49:04 +0100 Subject: [PATCH] drop queue-4.4/memcg-account-security-cred-as-well-to-kmemcg.patch --- ...ount-security-cred-as-well-to-kmemcg.patch | 66 ------------------- queue-4.4/series | 1 - 2 files changed, 67 deletions(-) delete mode 100644 queue-4.4/memcg-account-security-cred-as-well-to-kmemcg.patch diff --git a/queue-4.4/memcg-account-security-cred-as-well-to-kmemcg.patch b/queue-4.4/memcg-account-security-cred-as-well-to-kmemcg.patch deleted file mode 100644 index 56141f21507..00000000000 --- a/queue-4.4/memcg-account-security-cred-as-well-to-kmemcg.patch +++ /dev/null @@ -1,66 +0,0 @@ -From 84029fd04c201a4c7e0b07ba262664900f47c6f5 Mon Sep 17 00:00:00 2001 -From: Shakeel Butt -Date: Sat, 4 Jan 2020 12:59:43 -0800 -Subject: memcg: account security cred as well to kmemcg - -From: Shakeel Butt - -commit 84029fd04c201a4c7e0b07ba262664900f47c6f5 upstream. - -The cred_jar kmem_cache is already memcg accounted in the current kernel -but cred->security is not. Account cred->security to kmemcg. - -Recently we saw high root slab usage on our production and on further -inspection, we found a buggy application leaking processes. Though that -buggy application was contained within its memcg but we observe much -more system memory overhead, couple of GiBs, during that period. This -overhead can adversely impact the isolation on the system. - -One source of high overhead we found was cred->security objects, which -have a lifetime of at least the life of the process which allocated -them. - -Link: http://lkml.kernel.org/r/20191205223721.40034-1-shakeelb@google.com -Signed-off-by: Shakeel Butt -Acked-by: Chris Down -Reviewed-by: Roman Gushchin -Acked-by: Michal Hocko -Cc: Johannes Weiner -Cc: -Signed-off-by: Andrew Morton -Signed-off-by: Linus Torvalds -Signed-off-by: Greg Kroah-Hartman - ---- - kernel/cred.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - ---- a/kernel/cred.c -+++ b/kernel/cred.c -@@ -219,7 +219,7 @@ struct cred *cred_alloc_blank(void) - new->magic = CRED_MAGIC; - #endif - -- if (security_cred_alloc_blank(new, GFP_KERNEL) < 0) -+ if (security_cred_alloc_blank(new, GFP_KERNEL_ACCOUNT) < 0) - goto error; - - return new; -@@ -278,7 +278,7 @@ struct cred *prepare_creds(void) - new->security = NULL; - #endif - -- if (security_prepare_creds(new, old, GFP_KERNEL) < 0) -+ if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) - goto error; - validate_creds(new); - return new; -@@ -653,7 +653,7 @@ struct cred *prepare_kernel_cred(struct - #ifdef CONFIG_SECURITY - new->security = NULL; - #endif -- if (security_prepare_creds(new, old, GFP_KERNEL) < 0) -+ if (security_prepare_creds(new, old, GFP_KERNEL_ACCOUNT) < 0) - goto error; - - put_cred(old); diff --git a/queue-4.4/series b/queue-4.4/series index 4505ab5888a..e0384343b58 100644 --- a/queue-4.4/series +++ b/queue-4.4/series @@ -14,7 +14,6 @@ taskstats-fix-data-race.patch revert-perf-report-add-warning-when-libunwind-not-co.patch alsa-ice1724-fix-sleep-in-atomic-in-infrasonic-quartet-support-code.patch mips-avoid-vdso-abi-breakage-due-to-global-register-variable.patch -memcg-account-security-cred-as-well-to-kmemcg.patch locks-print-unsigned-ino-in-proc-locks.patch dmaengine-fix-access-to-uninitialized-dma_slave_caps.patch compat_ioctl-block-handle-persistent-reservations.patch -- 2.47.3