netns sysctl isolation

Jonathon Reinhart jonathon.reinhart at gmail.com
Tue May 25 05:11:39 UTC 2021


Hello Ubuntu kernel team,

I have recently gone about ensuring that all 'net' sysctls are
properly isolated within kernel network namespaces. In doing so, I
fixed three Linux kernel bugs in mainline and backported to all
relevant LTS kernels.

The README on this GitHub project should provide all relevant
information about the motivation, bugs, and fixes:
https://github.com/JonathonReinhart/linux-netns-sysctl-verify

I have confirmed that the following Ubuntu kernels exhibit these bugs:

Ubuntu 18.04 (bionic): 4.15.0-143-generic exhibits "Bug 1" and "Bug 3".
Ubuntu 20.04 (focal): 5.4.0-73-generic exhibits "Bug 1" and "Bug 3".
Ubuntu 20.10 (groovy): 5.8.0-53-generic exhibits "Bug 1", "Bug 2", and "Bug 3".
Ubuntu 21.04 (hirsute): 5.11.0-17-generic exhibits "Bug 1", "Bug 2", and "Bug 3".

My questions for you:

What is the best way to go about getting these fixes backported to the
Ubuntu kernels?

Is this something the Ubuntu kernel team will pick up on their own?
(I'm guessing not, since these kernels don't track upstream stable.)

Is this something the kernel team can handle with the provided
information, or should I submit patches? If the latter, are these the
kernels for which I should submit patches? And are they submitted to
this mailing list?

Thank you,
Jonathon Reinhart
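
The isolation property the message refers to can be checked per sysctl from the shell. The script below is an added example written for this page; it is not code from the linked linux-netns-sysctl-verify project and does not reproduce its methodology. It assumes root (or CAP_SYS_ADMIN) plus util-linux `unshare`, reads a `net.*` key from /proc/sys in the current namespace, writes a new value inside a throwaway child network namespace, and then re-reads the parent. If the parent's value changed, the write leaked across the namespace boundary; if the write inside the child failed, the key is one the kernel exposes read-only (or not at all) outside the initial namespace, which is reported separately rather than treated as a leak. The child namespace is destroyed when `unshare` exits, so nothing needs restoring.

```shell
#!/bin/sh
# Added example (not from the original post or the linked project).
# Usage: check_netns_isolated net.ipv4.ip_forward 1
# Exit status: 0 = isolated, 1 = value leaked into parent namespace,
#              2 = key not writable inside a child network namespace.

# Pure decision helper so the verdict can be reasoned about (and tested)
# without privileges: $1 parent value before, $2 value read inside the child
# after writing, $3 parent value after, $4 the value that was written.
verdict() {
    before=$1 inside=$2 after=$3 newval=$4
    if [ "$inside" != "$newval" ]; then
        echo "unwritable-in-child"
        return 2
    fi
    if [ "$after" != "$before" ]; then
        echo "LEAK"
        return 1
    fi
    echo "isolated"
    return 0
}

# Convert a dotted sysctl key (net.ipv4.ip_forward) into its /proc/sys path.
sysctl_path() {
    printf '/proc/sys/%s\n' "$(printf '%s' "$1" | tr . /)"
}

check_netns_isolated() {
    key=$1 newval=$2
    path=$(sysctl_path "$key")
    [ -r "$path" ] || { echo "no such sysctl: $key" >&2; return 2; }

    before=$(cat "$path")
    # Write inside a fresh network namespace; if the write is refused the
    # subshell prints nothing, which verdict() reports as unwritable.
    inside=$(unshare -n sh -c "printf '%s' '$newval' > '$path' 2>/dev/null && cat '$path'")
    after=$(cat "$path")

    printf '%s: ' "$key"
    verdict "$before" "$inside" "$after" "$newval"
}

# Stand-alone use: check each key given on the command line, with a value
# that differs from the parent's current setting where the caller knows one.
if [ "$#" -ge 2 ]; then
    check_netns_isolated "$1" "$2"
fi
```

A useful way to run this is to iterate over `sysctl -aN --pattern '^net\.'` with a value that differs from the current one for each key, since a write of the already-set value cannot reveal a leak. Keys that report "unwritable-in-child" are not necessarily bugs: the kernel deliberately exposes some network sysctls only in the initial namespace.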
