lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 12 Jul 2012 19:17:18 +0800
From:	Lin Ming <mlin@...pku.edu.cn>
To:	Huang Qiang <h.huangqiang@...wei.com>
Cc:	David Miller <davem@...emloft.net>, glommer@...allels.com,
	netdev@...r.kernel.org, containers@...ts.linux-foundation.org,
	yangzhenzhang@...wei.com
Subject: Re: [PATCH v2] netns: correctly use per-netns ipv4 sysctl_tcp_mem

On Thu, Jul 12, 2012 at 5:33 PM, Huang Qiang <h.huangqiang@...wei.com> wrote:
> From: Yang Zhenzhang <yangzhenzhang@...wei.com>
>
> Now, kernel allows each net namespace to independently set up its levels
> for tcp memory pressure thresholds.
>
> But it seems there is a bug, as using the following steps:
>
> [root@...t socket]# lxc-start -n test -f config /bin/bash
> [root@...-test socket]# ip route add default via 192.168.58.2
> [root@...-test socket]# echo 0 0 0 > /proc/sys/net/ipv4/tcp_mem
> [root@...-test socket]# scp root@....168.58.174:/home/tcp_mem_test .
>
> and it still can transport the "tcp_mem_test" file which we hope it
> would not.
>
> It's because inet_init() (net/ipv4/af_inet.c)initialize the tcp_prot.sysctl_mem:
> tcp_prot.sysctl_mem = init_net.ipv4.sysctl_tcp_mem;
>
> So when the protocal is TCP, sk->sk_prot->sysctl_mem(following code)

s/protocal/protocol/

> always use the ipv4 sysctl_tcp_mem of init_net namespace rather than
> it's own net namespace.
> This patch simply set "prot" equal to net->ipv4.sysctl_tcp_mem when
> the protocol type is TCP.
>
> Signed-off-by: Yang Zhenzhang <yangzhenzhang@...wei.com>
> Signed-off-by: Huang Qiang <h.huangqiang@...wei.com>
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ