On 07/09/2012 07:21 PM, David Miller wrote: > From: Huang Qiang <h.huangqiang@xxxxxxxxxx> > Date: Mon, 9 Jul 2012 14:05:09 +0800 > >> From: Yang Zhenzhang <yangzhenzhang@xxxxxxxxxx> >> >> Now, kernel allows each net namespace to independently set up its levels >> for tcp memory pressure thresholds. >> >> But it seems there is a bug, as using the following steps: >> >> [root@host socket]# lxc-start -n test -f config /bin/bash >> [root@net-test socket]# ip route add default via 192.168.58.2 >> [root@net-test socket]# echo 0 0 0 > /proc/sys/net/ipv4/tcp_mem >> [root@net-test socket]# scp root@192.168.58.174:/home/tcp_mem_test . >> >> and it still can transport the "tcp_mem_test" file which we hope it >> would not. >> >> It's because inet_init() (net/ipv4/af_inet.c)initialize the >> tcp_prot.sysctl_mem: >> tcp_prot.sysctl_mem = init_net.ipv4.sysctl_tcp_mem; >> >> So when the protocal is TCP, sk->sk_prot->sysctl_mem(following code) >> always use the ipv4 sysctl_tcp_mem of init_net namespace rather than >> it's own net namespace. >> This patch simply set "prot" equal to net->ipv4.sysctl_tcp_mem when >> the protocol type is TCP. >> >> Signed-off-by: Yang Zhenzhang <yangzhenzhang@xxxxxxxxxx> > > Another regression added by the socket memory cgroup code, BIG > SURPRISE. > Back from vacations: If I understand the submission correctly, this is not a regression, since it seems to be only happening when those values are set inside the network namespace - which was not possible before. In any case, I believe from what I can see that the fix is already in the way (haven't seen the whole backlog yet) _______________________________________________ Containers mailing list Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx https://lists.linuxfoundation.org/mailman/listinfo/containers
