subject:"\[patch 1\/1\] net\/netfilter\/x_tables.c\: make allocation less aggressive"

Re: [patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive

2018-01-31 Thread Michal Hocko

On Tue 30-01-18 11:53:58, Eric Dumazet wrote: [...] > How is __GFP_NORETRY working exactly ? this is what the documentation says. * __GFP_NORETRY: The VM implementation will try only very lightweight * memory direct reclaim to get some memory under memory pressure (thus * it can sleep). It

Re: [patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive

2018-01-30 Thread Eric Dumazet

On Tue, 2018-01-30 at 11:30 -0800, a...@linux-foundation.org wrote: > From: Michal Hocko > Subject: net/netfilter/x_tables.c: make allocation less aggressive > > syzbot has noticed that xt_alloc_table_info can allocate a lot of memory. > This is an admin only interface but an

[patch 1/1] net/netfilter/x_tables.c: make allocation less aggressive

2018-01-30 Thread akpm

From: Michal Hocko Subject: net/netfilter/x_tables.c: make allocation less aggressive syzbot has noticed that xt_alloc_table_info can allocate a lot of memory. This is an admin only interface but an admin in a namespace is sufficient as well. eacd86ca3b03