Commit aa869b6e authored by Antoine Tenart's avatar Antoine Tenart Committed by Zheng Zengkai
Browse files

netfilter: ipvs: make global sysctl readonly in non-init netns 

stable inclusion
from stable-5.10.76
commit 9c8943812dace238ec49fd62e599aad196a583c6
bugzilla: 182988 https://gitee.com/openeuler/kernel/issues/I4IAHF

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9c8943812dace238ec49fd62e599aad196a583c6



--------------------------------

[ Upstream commit 174c3762 ]

Because the data pointer of net/ipv4/vs/debug_level is not updated per
netns, it must be marked as read-only in non-init netns.

Fixes: c6d2d445 ("IPVS: netns, final patch enabling network name space.")
Signed-off-by: default avatarAntoine Tenart <atenart@kernel.org>
Acked-by: default avatarJulian Anastasov <ja@ssi.bg>
Signed-off-by: default avatarPablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarChen Jun <chenjun102@huawei.com>
Acked-by: default avatarWeilong Chen <chenweilong@huawei.com>

Signed-off-by: default avatarChen Jun <chenjun102@huawei.com>
Signed-off-by: default avatarZheng Zengkai <zhengzengkai@huawei.com>
parent 79c8f96e
Show whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment