Date: Fri, 25 Nov 2022 09:22:38 -0300
From: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
To: Firo Yang <firo.yang@...e.com>
Cc: vyasevich@...il.com, nhorman@...driver.com, mkubecek@...e.com, davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org, pabeni@...hat.com, linux-sctp@...r.kernel.org, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, firogm@...il.com
Subject: Re: [PATCH v2 1/1] sctp: sysctl: make extra pointers netns aware

On Fri, Nov 25, 2022 at 08:11:27PM +0800, Firo Yang wrote:
> Recently, a customer reported that from their container whose
> net namespace is different to the host's init_net, they can't set
> the container's net.sctp.rto_max to any value smaller than
> init_net.sctp.rto_min.
>
> For instance,
> Host:
> sudo sysctl net.sctp.rto_min
> net.sctp.rto_min = 1000
>
> Container:
> echo 100 > /mnt/proc-net/sctp/rto_min
> echo 400 > /mnt/proc-net/sctp/rto_max
> echo: write error: Invalid argument
>
> This is caused by the check made from this 'commit 4f3fdf3bc59c
> ("sctp: add check rto_min and rto_max in sysctl")'
> When validating the input value, it's always referring the boundary
> value set for the init_net namespace.
>
> Having container's rto_max smaller than host's init_net.sctp.rto_min
> does make sense. Consider that the rto between two containers on the
> same host is very likely smaller than it for two hosts.
>
> So to fix this problem, as suggested by Marcelo, this patch makes the
> extra pointers of rto_min, rto_max, pf_retrans, and ps_retrans point
> to the corresponding variables from the newly created net namespace while
> the new net namespace is being registered in sctp_sysctl_net_register.
>
> Fixes: 4f3fdf3bc59c ("sctp: add check rto_min and rto_max in sysctl")
> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>
> Signed-off-by: Firo Yang <firo.yang@...e.com>

and
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@...il.com>

Thanks Firo.
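
The failure described in the quoted commit message, as a user-space model added here for illustration; it is not the patch and not kernel code. All struct and function names are hypothetical, only rto_min and rto_max are modelled, and every value other than the host's rto_min = 1000 is an assumption.

```c
/* User-space model, added for illustration; not kernel code. Names are hypothetical. */
#include <stdio.h>
#include <string.h>

struct sctp_ns { int rto_min, rto_max; };   /* per-namespace settings */
struct ctl { int *data, *lo, *hi; };        /* lo/hi stand in for the extra pointers */
enum { RTO_MIN, RTO_MAX, NCTL };

/* Host namespace. rto_min = 1000 is from the report; the rest is constructed. */
static struct sctp_ns init_ns = { 1000, 60000 };
static int one = 1, timer_max = 86400000;

/* Template table: every pointer refers to the host namespace. */
static const struct ctl tmpl[NCTL] = {
    [RTO_MIN] = { &init_ns.rto_min, &one,             &init_ns.rto_max },
    [RTO_MAX] = { &init_ns.rto_max, &init_ns.rto_min, &timer_max },
};

/* Clone the template for a namespace. The data pointers are always rebased;
 * the bound pointers only when fix_bounds is set, as the commit message describes. */
static void ns_register(struct ctl *t, struct sctp_ns *ns, int fix_bounds)
{
    memcpy(t, tmpl, sizeof(tmpl));
    t[RTO_MIN].data = &ns->rto_min;
    t[RTO_MAX].data = &ns->rto_max;
    if (fix_bounds) {
        t[RTO_MIN].hi = &ns->rto_max;
        t[RTO_MAX].lo = &ns->rto_min;
    }
}

/* Range-checked write; -1 stands in for "Invalid argument". */
static int ctl_write(struct ctl *c, int v)
{
    if (v < *c->lo || v > *c->hi)
        return -1;
    *c->data = v;
    return 0;
}

/* Replay the container's two writes: rto_min = 100, then rto_max = 400. */
static int replay(int fix_bounds)
{
    struct sctp_ns ns = init_ns;
    struct ctl t[NCTL];
    ns_register(t, &ns, fix_bounds);
    if (ctl_write(&t[RTO_MIN], 100))
        return -2;
    return ctl_write(&t[RTO_MAX], 400);
}

int main(void)
{
    printf("host-bound limits: %d, per-namespace limits: %d\n", replay(0), replay(1));
    return 0;
}
```

With the bounds left pointing at the host, the second write is rejected because 400 is compared against the host's rto_min of 1000 rather than the container's 100.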