[LTP] [PATCH v1] cve: icmp_rate_limit: set icmp_msgs_burst within network namespace

[Wei Gao]

When network namespaces are used, the kernel resets network sysctls to
their default values. This makes the global .save_restore for
icmp_msgs_burst ineffective for tests that enter a new network
namespace (e.g. via tst_setup_netns() or manual unshare).

Moving the sysctl configuration into the child namespace ensures the
test always runs with the expected burst value of 50, regardless of the
kernel defaults (which were increased to 10000 in newer versions).

Fixes: 8e919bfb2ab0 ("cve: icmp_rate_limit: Make sure icmp_msgs_burst = 50")
Signed-off-by: Wei Gao <wegao@suse.com>
---
 testcases/cve/icmp_rate_limit01.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/testcases/cve/icmp_rate_limit01.c b/testcases/cve/icmp_rate_limit01.c
index 78480cea6..5193c5dfd 100644
--- a/testcases/cve/icmp_rate_limit01.c
+++ b/testcases/cve/icmp_rate_limit01.c
@@ -62,6 +62,8 @@ static void setup(void)
 	/* Do NOT close this FD, or both interfaces will be destroyed */
 	childns = SAFE_OPEN("/proc/self/ns/net", O_RDONLY);
 
+	SAFE_FILE_PRINTF("/proc/sys/net/ipv4/icmp_msgs_burst", "50");
+
 	/* Configure child namespace */
 	CREATE_VETH_PAIR("ltp_veth1", "ltp_veth2");
 	NETDEV_ADD_ADDRESS_INET("ltp_veth2", htonl(DSTADDR), NETMASK,
@@ -255,7 +257,6 @@ static struct tst_test test = {
 	},
 	.save_restore = (const struct tst_path_val[]) {
 		{"/proc/sys/user/max_user_namespaces", "1024", TST_SR_SKIP},
-		{"/proc/sys/net/ipv4/icmp_msgs_burst", "50", TST_SR_TBROK},
 		{}
 	},
 	.tags = (const struct tst_tag[]) {
-- 
2.52.0