netns sysctl isolation
Krzysztof Kozlowski
krzysztof.kozlowski at canonical.com
Wed May 26 14:11:39 UTC 2021
On 26/05/2021 10:07, Krzysztof Kozlowski wrote:
> On 25/05/2021 01:11, Jonathon Reinhart wrote:
>> Hello Ubuntu kernel team,
>>
>> I have recently gone about ensuring that all 'net' sysctls are
>> properly isolated within kernel network namespaces. In doing so, I
>> fixed three Linux kernel bugs in mainline and backported to all
>> relevant LTS kernels.
>>
>> The README on this GitHub project should provide all relevant
>> information about the motivation, bugs, and fixes:
>> https://github.com/JonathonReinhart/linux-netns-sysctl-verify
>>
>> I have confirmed the following Ubuntu kernels exhibit these bugs:
>>
>> Ubuntu 18.04 (bionic) 4.15.0-143-generic exhibits "Bug 1", and "Bug 3".
>> Ubuntu 20.04 (focal): 5.4.0-73-generic exhibits "Bug 1", and "Bug 3".
>> Ubuntu 20.10 (groovy) 5.8.0-53-generic exhibits "Bug 1", "Bug 2", and "Bug 3".
>> Ubuntu 21.04 (hirsute) 5.11.0-17-generic exhibits "Bug 1", "Bug 2", and "Bug 3".
>>
>> My questions for you
>
> Hi Jonathon,
>
> Thanks for letting us know, we appreciate it. Nice work upstream!
>
>> What is the best way to go about getting these fixes backported to the
>> Ubuntu kernels?
>>
>> Is this something the Ubuntu kernel team will pick up on their own?
>> (I'm guessing not, since these kernels don't track upstream stable.)
>
> The kernels which follow LTS will get it via upstream stable. For the
> kernels we maintain, we will likely take it manually from upstream;
> however, a separate submission/fix is also highly welcome.
>
Ah, and the actual answer to your questions:

>> Is this something the kernel team can handle with the provided
>> information, or should I submit patches?

The provided information is enough, although patches are welcome.

>> If the latter, are these the
>> kernels for which I should submit patches? And are they submitted to
>> this mailing list?

Yes, to this one.

Best regards,
Krzysztof