diff options
| author | Eric W. Biederman <ebiederm@xmission.com> | 2013-10-19 19:24:52 -0400 |
|---|---|---|
| committer | David S. Miller <davem@davemloft.net> | 2013-10-21 18:43:02 -0400 |
| commit | f594d63199688ad568fb69f6a790b11d6d6d1ba5 (patch) | |
| tree | 13dacd5aab7a7ff6a22388321a1cb7df3c793a76 /net/ipv4/sysctl_net_ipv4.c | |
| parent | cd91cce620907eb3c5b3e8b4d62aadf0a19baba9 (diff) | |
tcp_memcontrol: Remove setting cgroup settings via sysctl
The code is broken and does not constrain sysctl_tcp_mem as
tcp_update_limit does. With the result that it allows the cgroup tcp
memory limits to be bypassed.
The semantics are broken as the settings are not per netns and are in a
per netns table, and instead looks at current.
Since the code is broken in both design and implementation and does not
implement the functionality for which it was written remove it.
Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net/ipv4/sysctl_net_ipv4.c')
| -rw-r--r-- | net/ipv4/sysctl_net_ipv4.c | 39 |
1 files changed, 2 insertions, 37 deletions
diff --git a/net/ipv4/sysctl_net_ipv4.c b/net/ipv4/sysctl_net_ipv4.c index 4b161d5aba0b..8457f7bc4d89 100644 --- a/net/ipv4/sysctl_net_ipv4.c +++ b/net/ipv4/sysctl_net_ipv4.c | |||
| @@ -204,43 +204,8 @@ static int ipv4_tcp_mem(struct ctl_table *ctl, int write, | |||
| 204 | void __user *buffer, size_t *lenp, | 204 | void __user *buffer, size_t *lenp, |
| 205 | loff_t *ppos) | 205 | loff_t *ppos) |
| 206 | { | 206 | { |
| 207 | int ret; | 207 | ctl->data = ¤t->nsproxy->net_ns->ipv4.sysctl_tcp_mem; |
| 208 | unsigned long vec[3]; | 208 | return proc_doulongvec_minmax(ctl, write, buffer, lenp, ppos); |
| 209 | struct net *net = current->nsproxy->net_ns; | ||
| 210 | #ifdef CONFIG_MEMCG_KMEM | ||
| 211 | struct mem_cgroup *memcg; | ||
| 212 | #endif | ||
| 213 | |||
| 214 | struct ctl_table tmp = { | ||
| 215 | .data = &vec, | ||
| 216 | .maxlen = sizeof(vec), | ||
| 217 | .mode = ctl->mode, | ||
| 218 | }; | ||
| 219 | |||
| 220 | if (!write) { | ||
| 221 | ctl->data = &net->ipv4.sysctl_tcp_mem; | ||
| 222 | return proc_doulongvec_minmax(ctl, write, buffer, lenp, ppos); | ||
| 223 | } | ||
| 224 | |||
| 225 | ret = proc_doulongvec_minmax(&tmp, write, buffer, lenp, ppos); | ||
| 226 | if (ret) | ||
| 227 | return ret; | ||
| 228 | |||
| 229 | #ifdef CONFIG_MEMCG_KMEM | ||
| 230 | rcu_read_lock(); | ||
| 231 | memcg = mem_cgroup_from_task(current); | ||
| 232 | |||
| 233 | tcp_prot_mem(memcg, vec[0], 0); | ||
| 234 | tcp_prot_mem(memcg, vec[1], 1); | ||
| 235 | tcp_prot_mem(memcg, vec[2], 2); | ||
| 236 | rcu_read_unlock(); | ||
| 237 | #endif | ||
| 238 | |||
| 239 | net->ipv4.sysctl_tcp_mem[0] = vec[0]; | ||
| 240 | net->ipv4.sysctl_tcp_mem[1] = vec[1]; | ||
| 241 | net->ipv4.sysctl_tcp_mem[2] = vec[2]; | ||
| 242 | |||
| 243 | return 0; | ||
| 244 | } | 209 | } |
| 245 | 210 | ||
| 246 | static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, | 211 | static int proc_tcp_fastopen_key(struct ctl_table *ctl, int write, |