Re: [PATCH v2 1/1] sctp: sysctl: make extra pointers netns aware
From: Marcelo Ricardo Leitner
Date: Fri Nov 25 2022 - 07:22:48 EST
On Fri, Nov 25, 2022 at 08:11:27PM +0800, Firo Yang wrote:
> Recently, a customer reported that from their container whose
> net namespace is different to the host's init_net, they can't set
> the container's net.sctp.rto_max to any value smaller than
> init_net.sctp.rto_min.
>
> For instance,
> Host:
> sudo sysctl net.sctp.rto_min
> net.sctp.rto_min = 1000
>
> Container:
> echo 100 > /mnt/proc-net/sctp/rto_min
> echo 400 > /mnt/proc-net/sctp/rto_max
> echo: write error: Invalid argument
>
> This is caused by the check made from this 'commit 4f3fdf3bc59c
> ("sctp: add check rto_min and rto_max in sysctl")'
> When validating the input value, it's always referring to the boundary
> value set for the init_net namespace.
>
> Having container's rto_max smaller than host's init_net.sctp.rto_min
> does make sense. Consider that the rto between two containers on the
> same host is very likely smaller than it for two hosts.
>
> So to fix this problem, as suggested by Marcelo, this patch makes the
> extra pointers of rto_min, rto_max, pf_retrans, and ps_retrans point
> to the corresponding variables from the newly created net namespace while
> the new net namespace is being registered in sctp_sysctl_net_register.
>
> Fixes: 4f3fdf3bc59c ("sctp: add check rto_min and rto_max in sysctl")
> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
> Signed-off-by: Firo Yang <firo.yang@xxxxxxxx>
and
Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
Thanks Firo.
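
The failure described in the commit message, and the effect of rebasing the bound pointers per namespace, as an added example that is not part of this thread or of the kernel patch. It is a simplified userspace model: the struct and function names are hypothetical, and the host rto_max and global bounds are constructed values.

```c
#include <string.h>
/* Simplified userspace model; all struct and function names are hypothetical. */
struct sctp_ns { int rto_min, rto_max; };
struct entry { const char *name; int *data, *lo, *hi; }; /* lo/hi model extra1/extra2 */
static int one = 1, timer_max = 86400000;                /* constructed global bounds */
static struct sctp_ns init_ns = { 1000, 60000 };         /* constructed host values */

/* Template table: every namespace pointer refers to init_ns. */
static const struct entry tmpl[2] = {
    { "rto_min", &init_ns.rto_min, &one,             &init_ns.rto_max },
    { "rto_max", &init_ns.rto_max, &init_ns.rto_min, &timer_max       },
};

static int *rebase(int *p, struct sctp_ns *ns)
{
    if (p == &init_ns.rto_min) return &ns->rto_min;
    if (p == &init_ns.rto_max) return &ns->rto_max;
    return p;                       /* global bounds are shared, leave them */
}

/* Copy the template for a new namespace; fix_bounds selects the patched behaviour. */
static void register_ns(struct entry *tbl, struct sctp_ns *ns, int fix_bounds)
{
    memcpy(tbl, tmpl, sizeof(tmpl));
    for (int i = 0; i < 2; i++) {
        tbl[i].data = rebase(tbl[i].data, ns);
        if (!fix_bounds) continue;  /* pre-fix: bounds still read init_ns */
        tbl[i].lo = rebase(tbl[i].lo, ns);
        tbl[i].hi = rebase(tbl[i].hi, ns);
    }
}

static int write_entry(struct entry *e, int val)
{
    if (val < *e->lo || val > *e->hi) return -1;  /* "Invalid argument" */
    *e->data = val;
    return 0;
}

/* Replay the container's writes from the report; returns the rto_max result. */
static int replay(int fix_bounds)
{
    struct sctp_ns ns = init_ns;    /* assumption: container starts with host values */
    struct entry tbl[2];
    register_ns(tbl, &ns, fix_bounds);
    if (write_entry(&tbl[0], 100)) return -2;     /* rto_min = 100 */
    return write_entry(&tbl[1], 400);             /* rto_max = 400 */
}
int main(void) { return !(replay(0) == -1 && replay(1) == 0); }
```

With only the data pointers rebased, the rto_max write is rejected against the host's rto_min of 1000; with the bounds rebased as well, it is checked against the container's own rto_min of 100 and accepted, and the host values stay untouched.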