mirror of
https://github.com/openwrt/openwrt.git
synced 2024-12-23 15:32:33 +00:00
0232f57e1a
Refreshed all patches. Remove upstreamed: - 0001-net-thunderx-workaround-BGX-TX-Underflow-issue.patch - 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch - 003-ARM-dts-oxnas-Fix-clear-mask-property.patch Fixes: - CVE-2020-8647 - CVE-2020-8648 (potentially) - CVE-2020-8649 Compile-tested on: cns3xxx, octeontx Runtime-tested on: cns3xxx Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
71 lines
1.8 KiB
Diff
71 lines
1.8 KiB
Diff
From 584bc4a6093ceb9aea07673185ee0084edc8690b Mon Sep 17 00:00:00 2001
|
|
From: Phil Elwell <phil@raspberrypi.org>
|
|
Date: Mon, 27 Nov 2017 17:14:54 +0000
|
|
Subject: [PATCH 136/454] cgroup: Disable cgroup "memory" by default
|
|
|
|
Some Raspberry Pis have limited RAM and most users won't use the
|
|
cgroup memory support so it is disabled by default. Enable with:
|
|
|
|
cgroup_enable=memory
|
|
|
|
See: https://github.com/raspberrypi/linux/issues/1950
|
|
|
|
Signed-off-by: Phil Elwell <phil@raspberrypi.org>
|
|
---
|
|
kernel/cgroup/cgroup.c | 30 ++++++++++++++++++++++++++++++
|
|
1 file changed, 30 insertions(+)
|
|
|
|
--- a/kernel/cgroup/cgroup.c
|
|
+++ b/kernel/cgroup/cgroup.c
|
|
@@ -5220,6 +5220,8 @@ int __init cgroup_init_early(void)
|
|
}
|
|
|
|
static u16 cgroup_disable_mask __initdata;
|
|
+static u16 cgroup_enable_mask __initdata;
|
|
+static int __init cgroup_disable(char *str);
|
|
|
|
/**
|
|
* cgroup_init - cgroup initialization
|
|
@@ -5258,6 +5260,12 @@ int __init cgroup_init(void)
|
|
|
|
mutex_unlock(&cgroup_mutex);
|
|
|
|
+ /* Apply an implicit disable... */
|
|
+ cgroup_disable("memory");
|
|
+
|
|
+ /* ...knowing that an explicit enable will override it. */
|
|
+ cgroup_disable_mask &= ~cgroup_enable_mask;
|
|
+
|
|
for_each_subsys(ss, ssid) {
|
|
if (ss->early_init) {
|
|
struct cgroup_subsys_state *css =
|
|
@@ -5649,6 +5657,28 @@ static int __init cgroup_disable(char *s
|
|
}
|
|
__setup("cgroup_disable=", cgroup_disable);
|
|
|
|
+static int __init cgroup_enable(char *str)
|
|
+{
|
|
+ struct cgroup_subsys *ss;
|
|
+ char *token;
|
|
+ int i;
|
|
+
|
|
+ while ((token = strsep(&str, ",")) != NULL) {
|
|
+ if (!*token)
|
|
+ continue;
|
|
+
|
|
+ for_each_subsys(ss, i) {
|
|
+ if (strcmp(token, ss->name) &&
|
|
+ strcmp(token, ss->legacy_name))
|
|
+ continue;
|
|
+
|
|
+ cgroup_enable_mask |= 1 << i;
|
|
+ }
|
|
+ }
|
|
+ return 1;
|
|
+}
|
|
+__setup("cgroup_enable=", cgroup_enable);
|
|
+
|
|
/**
|
|
* css_tryget_online_from_dir - get corresponding css from a cgroup dentry
|
|
* @dentry: directory dentry of interest
|