lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Fri, 22 Nov 2019 16:14:34 -0800
From:   Ben Greear <>
To:     David Ahern <>, netdev <>
Subject: Re: VRF and/or cgroups problem on Fedora-30, 5.2.21+ kernel

On 11/22/19 4:06 PM, David Ahern wrote:
> On 11/22/19 5:03 PM, Ben Greear wrote:
>> Hello,
>> We see a problem on a particular system when trying to run 'ip vrf exec
>> _vrf1 ping'.
>> This system reproduces the problem all the time, but other systems with
>> exact same (as far as
>> we can tell) software may fail occasionally, but then it will work again.
>> Here is an strace output.  I changed to the
>> "/sys/fs/cgroup/unified/user.slice/user-1000.slice/session-2.scope/vrf/_vrf1"
>> directory as root user, and could view the files in that directory, so
>> I'm not sure why the strace shows error 5.
>> Any idea what could be the problem and/or how to fix it or debug further?
>> This command was run as root user.
> check 'ulimit -l'. BPF is used to set the VRF and it requires locked memory.

It is set to '64'.  What is a good value to use?


Ben Greear <>
Candela Technologies Inc

Powered by blists - more mailing lists