lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAF1ivSbYF=wYaPR3XQOZZ_KcvAVYdnU0=deDaCYMLTnhoJ3OZw@mail.gmail.com> Date: Thu, 12 Jul 2012 19:17:18 +0800 From: Lin Ming <mlin@...pku.edu.cn> To: Huang Qiang <h.huangqiang@...wei.com> Cc: David Miller <davem@...emloft.net>, glommer@...allels.com, netdev@...r.kernel.org, containers@...ts.linux-foundation.org, yangzhenzhang@...wei.com Subject: Re: [PATCH v2] netns: correctly use per-netns ipv4 sysctl_tcp_mem On Thu, Jul 12, 2012 at 5:33 PM, Huang Qiang <h.huangqiang@...wei.com> wrote: > From: Yang Zhenzhang <yangzhenzhang@...wei.com> > > Now, kernel allows each net namespace to independently set up its levels > for tcp memory pressure thresholds. > > But it seems there is a bug, as using the following steps: > > [root@...t socket]# lxc-start -n test -f config /bin/bash > [root@...-test socket]# ip route add default via 192.168.58.2 > [root@...-test socket]# echo 0 0 0 > /proc/sys/net/ipv4/tcp_mem > [root@...-test socket]# scp root@....168.58.174:/home/tcp_mem_test . > > and it still can transport the "tcp_mem_test" file which we hope it > would not. > > It's because inet_init() (net/ipv4/af_inet.c)initialize the tcp_prot.sysctl_mem: > tcp_prot.sysctl_mem = init_net.ipv4.sysctl_tcp_mem; > > So when the protocal is TCP, sk->sk_prot->sysctl_mem(following code) s/protocal/protocol/ > always use the ipv4 sysctl_tcp_mem of init_net namespace rather than > it's own net namespace. > This patch simply set "prot" equal to net->ipv4.sysctl_tcp_mem when > the protocol type is TCP. > > Signed-off-by: Yang Zhenzhang <yangzhenzhang@...wei.com> > Signed-off-by: Huang Qiang <h.huangqiang@...wei.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists