On Fri, Nov 25, 2022 at 08:11:27PM +0800, Firo Yang wrote:
> Recently, a customer reported that from their container whose
> net namespace is different to the host's init_net, they can't set
> the container's net.sctp.rto_max to any value smaller than
> init_net.sctp.rto_min.
>
> For instance,
> Host:
> sudo sysctl net.sctp.rto_min
> net.sctp.rto_min = 1000
>
> Container:
> echo 100 > /mnt/proc-net/sctp/rto_min
> echo 400 > /mnt/proc-net/sctp/rto_max
> echo: write error: Invalid argument
>
> This is caused by the check made from this 'commit 4f3fdf3bc59c
> ("sctp: add check rto_min and rto_max in sysctl")'
> When validating the input value, it's always referring the boundary
> value set for the init_net namespace.
>
> Having container's rto_max smaller than host's init_net.sctp.rto_min
> does make sense. Consider that the rto between two containers on the
> same host is very likely smaller than it for two hosts.
>
> So to fix this problem, as suggested by Marcelo, this patch makes the
> extra pointers of rto_min, rto_max, pf_retrans, and ps_retrans point
> to the corresponding variables from the newly created net namespace while
> the new net namespace is being registered in sctp_sysctl_net_register.
>
> Fixes: 4f3fdf3bc59c ("sctp: add check rto_min and rto_max in sysctl")
> Reviewed-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>
> Signed-off-by: Firo Yang <firo.yang@xxxxxxxx>

and Acked-by: Marcelo Ricardo Leitner <marcelo.leitner@xxxxxxxxx>

Thanks Firo.
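
The bounds mismatch described in the quoted commit message, as an added userspace C model (not the kernel patch and not code from this thread): a per-namespace copy of a sysctl-style table has its data pointers rebased while its bound pointers still reference the initial namespace, and `replay()` runs the reported write sequence with and without rebasing the bounds. All struct and function names are hypothetical, and the values 60000 and 86400000 are constructed for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Userspace model only; all struct and function names are hypothetical. */
struct sctp_ns { unsigned int rto_min, rto_max; };
struct ctl_entry { unsigned int *data; const unsigned int *lo, *hi; }; /* lo/hi: extra1/extra2 */
enum { RTO_MIN_IDX, RTO_MAX_IDX, NENTRIES };

/* Constructed values: host rto_min is from the report, the rest assumed. */
static struct sctp_ns init_ns = { 1000, 60000 };
static const unsigned int one = 1, timer_max = 86400000;

/* Template table: data and bounds all point into init_ns. */
static const struct ctl_entry tmpl[NENTRIES] = {
    [RTO_MIN_IDX] = { &init_ns.rto_min, &one, &init_ns.rto_max },
    [RTO_MAX_IDX] = { &init_ns.rto_max, &init_ns.rto_min, &timer_max },
};

/* Copy the template for a new namespace; bounds are rebased only if fixed. */
static void ns_register(struct ctl_entry *t, struct sctp_ns *ns, int fixed)
{
    memcpy(t, tmpl, sizeof(tmpl));
    t[RTO_MIN_IDX].data = &ns->rto_min; /* data pointers are always rebased */
    t[RTO_MAX_IDX].data = &ns->rto_max;
    if (fixed) {
        t[RTO_MIN_IDX].hi = &ns->rto_max;
        t[RTO_MAX_IDX].lo = &ns->rto_min;
    }
}

/* Range-checked write: 0 on success, -EINVAL when out of bounds. */
static int ctl_write(struct ctl_entry *e, unsigned int v)
{
    if (v < *e->lo || v > *e->hi) return -EINVAL;
    *e->data = v;
    return 0;
}

/* Replays the report in a container: rto_min=100, then rto_max=400. */
static int replay(int fixed)
{
    struct sctp_ns ns = init_ns; /* assumption: starts at host defaults */
    struct ctl_entry t[NENTRIES];
    ns_register(t, &ns, fixed);
    int rc = ctl_write(&t[RTO_MIN_IDX], 100);
    return rc ? rc : ctl_write(&t[RTO_MAX_IDX], 400);
}

int main(void) { printf("before=%d after=%d\n", replay(0), replay(1)); return 0; }
```

With the bounds left pointing at `init_ns`, the second write is checked against the host's rto_min of 1000 and is rejected even though the container's own rto_min is already 100.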