Received: by 2002:a25:b323:0:0:0:0:0 with SMTP id l35csp959153ybj; Fri, 20 Sep 2019 02:48:31 -0700 (PDT) X-Google-Smtp-Source: APXvYqz/y1R1iaiwcWi1Y6O6UkAagF5ZUhwRKPTmG4DpibeUgT2P4xlXPtO4LXdr+sx5rwA/cXZt X-Received: by 2002:a17:906:b7c9:: with SMTP id fy9mr17757244ejb.237.1568972911478; Fri, 20 Sep 2019 02:48:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1568972911; cv=none; d=google.com; s=arc-20160816; b=gmVCzmMwMHeqaERTaB/iwoxppmkeWNd2StMOR29cB/OSA+C7f//JJAHtmtC/okoDwe b0B1oPUjO6BZm0FfSd03IrFPGmIi/0hN64NmPG3FoewgnyftmJihJQITkOTfgVK692GH pb3cHyHl5shqo1PtFws76pH7crolKVTfJvAh1FyC/TXC9xoKNhrzu12OpPrq/8XOWuW+ 9mmpJAUdfUxiNnBxNXeSeiF5yYFMIckxonh4Pbu+2BwDJt5qAPNpHQijN9iU4k4rOK3I GpjULqOxfnpgxZVDDSB6+IQiQHdiZt8EfHowf2HjYaon9tkRP0gjx25V+lP9Moz6nhyq AnkQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :user-agent:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=fcxgKh51NBEkOwOZG8DlDDIoL5zSEs6aMrnCE+v+rVc=; b=nsL9EDOIDrs/fl4Sj72m3MmJaPKJ/rglxSg0l66efxf+SCvIM6d0St0mw/b97miEvo daP/BIMyRpBJHO6tGQcLPTC6LCt9SlJwct7+kTcVcdvHUg+UvqO8IfPMgtTBW1cVokVr hzY43fXIZkaCAdu7ac6Qlrm6U841l3wQ8n4Fb6+e0XbAQoZRPTA3NHfJJs5xXhb5xP1h ARG/J/vv115RiEuQlDGavT0HVBQAFYYVgwkNnr8WiY/a0ZqQdytBTu+tz5yyDThiWTN1 Cl7ysdIAcQ89JEDWhwdolsjEGGNyoynD0yuCHwzHdpe0HBpwnD236AS7CNQBEPcx9C48 v+4g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=JuDDgckm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id n6si963142edq.228.2019.09.20.02.48.06; Fri, 20 Sep 2019 02:48:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=JuDDgckm; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S2405784AbfISWKw (ORCPT + 99 others); Thu, 19 Sep 2019 18:10:52 -0400 Received: from mail.kernel.org ([198.145.29.99]:49380 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S2405772AbfISWKu (ORCPT ); Thu, 19 Sep 2019 18:10:50 -0400 Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id B59B021927; Thu, 19 Sep 2019 22:10:49 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1568931050; bh=pR3CzoiP/l4u9WXOivvJeklVRs9Y9Mr9UyzMcf/eFN0=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=JuDDgckm3tufovLwSqnJYNDgVcksx05v98FV0LT4yQm4Q6BhvV48xLu8zXjymR/7M 4xY56C7Hm+ADdvxIzO9AhBSVUp4By0MlCGBmv2yrtlyMT0qOrgmkAqJhFo5t/nonAJ rtsstb3PnppKZBPrGAIFIz5tBWk5eXnf7rGy+GPE= From: Greg Kroah-Hartman To: linux-kernel@vger.kernel.org Cc: Greg Kroah-Hartman , stable@vger.kernel.org, Shmulik Ladkani , Florian Westphal , Pablo Neira Ayuso , Sasha Levin Subject: [PATCH 5.2 077/124] netfilter: conntrack: make sysctls per-namespace again Date: Fri, 20 Sep 2019 00:02:45 +0200 Message-Id: <20190919214821.809312471@linuxfoundation.org> X-Mailer: git-send-email 2.23.0 In-Reply-To: <20190919214819.198419517@linuxfoundation.org> References: <20190919214819.198419517@linuxfoundation.org> User-Agent: quilt/0.66 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Florian Westphal [ Upstream commit 478553fd1b6f819390b64a2e13ac756c4d1a2836 ] When I merged the extension sysctl tables with the main one I forgot to reset them on netns creation. They currently read/write init_net settings. Fixes: d912dec12428 ("netfilter: conntrack: merge acct and helper sysctl table with main one") Fixes: cb2833ed0044 ("netfilter: conntrack: merge ecache and timestamp sysctl tables with main one") Reported-by: Shmulik Ladkani Signed-off-by: Florian Westphal Signed-off-by: Pablo Neira Ayuso Signed-off-by: Sasha Levin --- net/netfilter/nf_conntrack_standalone.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/net/netfilter/nf_conntrack_standalone.c b/net/netfilter/nf_conntrack_standalone.c index e0d392cb3075a..0006503d2da97 100644 --- a/net/netfilter/nf_conntrack_standalone.c +++ b/net/netfilter/nf_conntrack_standalone.c @@ -1037,8 +1037,13 @@ static int nf_conntrack_standalone_init_sysctl(struct net *net) table[NF_SYSCTL_CT_COUNT].data = &net->ct.count; table[NF_SYSCTL_CT_CHECKSUM].data = &net->ct.sysctl_checksum; table[NF_SYSCTL_CT_LOG_INVALID].data = &net->ct.sysctl_log_invalid; + table[NF_SYSCTL_CT_ACCT].data = &net->ct.sysctl_acct; + table[NF_SYSCTL_CT_HELPER].data = &net->ct.sysctl_auto_assign_helper; #ifdef CONFIG_NF_CONNTRACK_EVENTS table[NF_SYSCTL_CT_EVENTS].data = &net->ct.sysctl_events; +#endif +#ifdef CONFIG_NF_CONNTRACK_TIMESTAMP + table[NF_SYSCTL_CT_TIMESTAMP].data = &net->ct.sysctl_tstamp; #endif table[NF_SYSCTL_CT_PROTO_TIMEOUT_GENERIC].data = &nf_generic_pernet(net)->timeout; table[NF_SYSCTL_CT_PROTO_TIMEOUT_ICMP].data = &nf_icmp_pernet(net)->timeout; -- 2.20.1