[Devel] [PATCH vz9 00/20] part22
Nikita Yushchenko
nikita.yushchenko at virtuozzo.com
Wed Oct 13 18:26:11 MSK 2021
Andrey Ryabinin (6):
ve/page_alloc, kstat: account allocation latencies per-task and
per-thread
/proc/<pid>/vz_latency: Show maximal allocation latency in the last
2min.
/proc/<pid>/vz_latency: Add scheduling stats
/proc/vz/latency: distinguish atomic allocations in irq from in task
atomics.
/proc/vz/latency: Show max latency in 2 min instead of 5sec.
mm/page_alloc: add latency to the page_alloc tracepoint
Jan Dakinevich (1):
net: export net/core/somaxconn sysctl for unprivileged users
Kirill Tkhai (4):
core: Add glob_kstat, percpu kstat and account mm stat
ve/netfilter: Check for permittions while looking for target and match
net: Mark conntrack users in xtables
net: Mark conntrack users in nftables
Konstantin Khorenko (4):
ve/device_cgroup: Introduce "devices.extra_list" cgroup file
xfs: Allow to mount XFS in non-init userns
ve/netfilter: Implement pernet expect_max / virtualize
"net.netfilter.nf_conntrack_expect_max" sysctl
ve/netfilter: Implement pernet net->ct.max / virtualize
"nf_conntrack_max" sysctl
Pavel Tikhomirov (2):
fence-watchdog: Print alive messages
ve/device_cgroup: Show all devices allowed in ct to fool docker
Stanislav Kinsburskiy (2):
ve/netfilter: Send iptables/netfilter kernel error messages to
Containers
net: Primitives to enable conntrack allocation
Vasily Averin (1):
net: export "net/*/neigh/*/*" sysctls for Container
fs/proc/base.c | 105 ++++++++++++++++++++
fs/xfs/xfs_super.c | 2 +-
include/linux/device_cgroup.h | 4 +-
include/linux/kstat.h | 9 +-
include/linux/sched.h | 5 +
include/linux/sched/signal.h | 3 +
include/linux/vzstat.h | 15 +++
include/net/netfilter/nf_conntrack.h | 18 +++-
include/net/netfilter/nf_conntrack_expect.h | 1 -
include/trace/events/kmem.h | 11 +-
kernel/exit.c | 27 +++++
kernel/fence-watchdog.c | 6 ++
kernel/fork.c | 4 +
kernel/sched/fair.c | 13 ++-
kernel/ve/vecalls.c | 2 +-
kernel/ve/vzstat.c | 23 ++++-
kernel/ve/vzstat_core.c | 17 ++--
mm/memory.c | 22 +++-
mm/page_alloc.c | 79 ++++++++++++++-
net/core/neighbour.c | 5 +-
net/core/sysctl_net_core.c | 4 +-
net/ipv4/netfilter/ip_tables.c | 7 +-
net/ipv4/netfilter/ipt_CLUSTERIP.c | 2 +
net/ipv4/netfilter/ipt_REJECT.c | 4 +-
net/ipv4/netfilter/ipt_SYNPROXY.c | 2 +
net/ipv6/netfilter/ip6t_SYNPROXY.c | 2 +
net/netfilter/nf_conncount.c | 2 +
net/netfilter/nf_conntrack_core.c | 38 +++++--
net/netfilter/nf_conntrack_expect.c | 9 +-
net/netfilter/nf_conntrack_netlink.c | 9 +-
net/netfilter/nf_conntrack_standalone.c | 75 ++++++++------
net/netfilter/nft_connlimit.c | 7 +-
net/netfilter/nft_ct.c | 2 +
net/netfilter/nft_flow_offload.c | 6 +-
net/netfilter/nft_masq.c | 6 +-
net/netfilter/nft_nat.c | 6 +-
net/netfilter/nft_redir.c | 6 +-
net/netfilter/nft_synproxy.c | 1 +
net/netfilter/x_tables.c | 99 +++++++++++-------
net/netfilter/xt_CONNSECMARK.c | 2 +
net/netfilter/xt_CT.c | 1 +
net/netfilter/xt_HMARK.c | 1 +
net/netfilter/xt_MASQUERADE.c | 6 +-
net/netfilter/xt_NETMAP.c | 14 ++-
net/netfilter/xt_REDIRECT.c | 13 ++-
net/netfilter/xt_TCPMSS.c | 12 ++-
net/netfilter/xt_cluster.c | 2 +
net/netfilter/xt_connbytes.c | 2 +
net/netfilter/xt_connlabel.c | 3 +-
net/netfilter/xt_connmark.c | 2 +
net/netfilter/xt_conntrack.c | 2 +
net/netfilter/xt_helper.c | 1 +
net/netfilter/xt_ipvs.c | 1 +
net/netfilter/xt_limit.c | 4 +-
net/netfilter/xt_nat.c | 14 ++-
net/netfilter/xt_socket.c | 11 ++
net/netfilter/xt_state.c | 2 +
security/device_cgroup.c | 59 ++++++++++-
58 files changed, 675 insertions(+), 135 deletions(-)
--
2.30.2
More information about the Devel
mailing list