On Sun, Apr 18, 2021 at 8:46 AM gregkh@linuxfoundation.org wrote:
This is a note to let you know that I've just added the patch titled
net: Make tcp_allowed_congestion_control readonly in non-init netnsto the 5.10-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git%3Ba=su...
The filename of the patch is: net-make-tcp_allowed_congestion_control-readonly-in-non-init-netns.patch and it can be found in the queue-5.10 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree, please let stable@vger.kernel.org know about it.
From 97684f0970f6e112926de631fdd98d9693c7e5c1 Mon Sep 17 00:00:00 2001 From: Jonathon Reinhart jonathon.reinhart@gmail.com Date: Tue, 13 Apr 2021 03:08:48 -0400 Subject: net: Make tcp_allowed_congestion_control readonly in non-init netns
From: Jonathon Reinhart jonathon.reinhart@gmail.com
commit 97684f0970f6e112926de631fdd98d9693c7e5c1 upstream.
Hi Greg,
Thanks for picking this into the stable trees.
There's an earlier, somewhat related fix, which is only on net-next:
2671fa4dc010 ("netfilter: conntrack: Make global sysctls readonly in non-init netns")
That probably could have been on "net", but it followed this other commit which was not strictly a bug-fix. It's additional logic to detect bugs like the former:
31c4d2f160eb ("net: Ensure net namespace isolation of sysctls")
Here's the series on Patchwork: https://patchwork.kernel.org/project/netdevbpf/cover/20210412042453.32168-1-...
I'm not yet sure where the threshold is for inclusion into "net" or "stable". Could you please take a look and see if the first (or both) of these should be included into the stable trees? If so, please feel free to pick them yourself, or let me know which patches I should send to "stable".
Thanks! Jonathon Reinhart