| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <213aa1d3-5df9-0337-c583-34f3de5f1582@candelatech.com> Date: Fri, 22 Nov 2019 16:14:34 -0800 From: Ben Greear <greearb@...delatech.com> To: David Ahern <dsahern@...il.com>, netdev <netdev@...r.kernel.org> Subject: Re: VRF and/or cgroups problem on Fedora-30, 5.2.21+ kernel On 11/22/19 4:06 PM, David Ahern wrote: > On 11/22/19 5:03 PM, Ben Greear wrote: >> Hello, >> >> We see a problem on a particular system when trying to run 'ip vrf exec >> _vrf1 ping 1.1.1.1'. >> This system reproduces the problem all the time, but other systems with >> exact same (as far as >> we can tell) software may fail occasionally, but then it will work again. >> >> Here is an strace output. I changed to the >> "/sys/fs/cgroup/unified/user.slice/user-1000.slice/session-2.scope/vrf/_vrf1" >> >> directory as root user, and could view the files in that directory, so >> I'm not sure why the strace shows error 5. >> >> Any idea what could be the problem and/or how to fix it or debug further? >> >> >> This command was run as root user. > > check 'ulimit -l'. BPF is used to set the VRF and it requires locked memory. It is set to '64'. What is a good value to use? Thanks, Ben -- Ben Greear <greearb@...delatech.com> Candela Technologies Inc http://www.candelatech.com
Powered by blists - more mailing lists