Re: [PATCH v5 3/4] ipv4: Namespaceify tcp_fastopen_key knob

From: David Miller
Date: Thu Sep 28 2017 - 13:48:00 EST

Next message: David Miller: "Re: [PATCH v5 4/4] ipv4: Namespaceify tcp_fastopen_blackhole_timeout knob"
Previous message: David Miller: "Re: [PATCH v5 2/4] ipv4: Remove the 'publish' logic in tcp_fastopen_init_key_once"
In reply to: Haishuang Yan: "[PATCH v5 3/4] ipv4: Namespaceify tcp_fastopen_key knob"
Next in thread: Haishuang Yan: "[PATCH v5 4/4] ipv4: Namespaceify tcp_fastopen_blackhole_timeout knob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 27 Sep 2017 11:35:42 +0800

> Different namespace application might require different tcp_fastopen_key
> independently of the host.
>
> David Miller pointed out there is a leak without releasing the context
> of tcp_fastopen_key during netns teardown. So add the release action in
> exit_batch path.
>
> Tested:
> 1. Container namespace:
> # cat /proc/sys/net/ipv4/tcp_fastopen_key:
> 2817fff2-f803cf97-eadfd1f3-78c0992b
>
> cookie key in tcp syn packets:
> Fast Open Cookie
> Kind: TCP Fast Open Cookie (34)
> Length: 10
> Fast Open Cookie: 1e5dd82a8c492ca9
>
> 2. Host:
> # cat /proc/sys/net/ipv4/tcp_fastopen_key:
> 107d7c5f-68eb2ac7-02fb06e6-ed341702
>
> cookie key in tcp syn packets:
> Fast Open Cookie
> Kind: TCP Fast Open Cookie (34)
> Length: 10
> Fast Open Cookie: e213c02bf0afbc8a
>
> Signed-off-by: Haishuang Yan <yanhaishuang@xxxxxxxxxxxxxxxxxxxx>

Applied.

Next message: David Miller: "Re: [PATCH v5 4/4] ipv4: Namespaceify tcp_fastopen_blackhole_timeout knob"
Previous message: David Miller: "Re: [PATCH v5 2/4] ipv4: Remove the 'publish' logic in tcp_fastopen_init_key_once"
In reply to: Haishuang Yan: "[PATCH v5 3/4] ipv4: Namespaceify tcp_fastopen_key knob"
Next in thread: Haishuang Yan: "[PATCH v5 4/4] ipv4: Namespaceify tcp_fastopen_blackhole_timeout knob"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]