lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20071114021131.GB2523@verge.net.au>
Date:	Tue, 13 Nov 2007 18:12:18 -0800
From:	Simon Horman <horms@...ge.net.au>
To:	David Miller <davem@...emloft.net>
Cc:	borntraeger@...ibm.com, netdev@...r.kernel.org,
	ebiederm@...ssion.com, wensong@...ux-vs.org, ja@....bg
Subject: Re: [PATCH] IPVS: Fix sysctl warnings about missing strategy

On Tue, Nov 13, 2007 at 02:45:00AM -0800, David Miller wrote:
> From: Christian Borntraeger <borntraeger@...ibm.com>
> Date: Tue, 13 Nov 2007 11:29:58 +0100
> 
> > Running the latest git code I get the following messages during boot:
> > sysctl table check failed: /net/ipv4/vs/drop_entry .3.5.21.4 Missing strategy
> > [...]		  
> > sysctl table check failed: /net/ipv4/vs/drop_packet .3.5.21.5 Missing strategy
> > [...]
> > sysctl table check failed: /net/ipv4/vs/secure_tcp .3.5.21.6 Missing strategy
> > [...]
> > sysctl table check failed: /net/ipv4/vs/sync_threshold .3.5.21.24 Missing strategy
> > 
> > I removed the binary sysctl handler for those messages and also removed
> > the definitions in ip_vs.h. The alternative would be to implement a 
> > proper strategy handler, but syscall sysctl is deprecated.
> > 
> > There are other sysctl definitions that are commented out or work with 
> > the default sysctl_data strategy. I did not touch these. 
> > 
> > Eric, IPVS team, are you ok with that change?
> > 
> > CC: Eric W. Biederman <ebiederm@...ssion.com>
> > CC: Wensong Zhang <wensong@...ux-vs.org>
> > CC: Simon Horman <horms@...ge.net.au>
> > CC: Julian Anastasov <ja@....bg>
> > Signed-off-by: Christian Borntraeger <borntraeger@...ibm.com>
> 
> Simon planned to make a similar change to dice all of this
> stuff up.  He is travelling currently, and I think it's
> reasonable to give him some time to get to it.

Hi Christian, Hi Dave,

I have indeed been looking into this of late. Assuming that you use of
CTL_UNNUMBERED is correct, this patch looks fine to me.  Acked.

I was planning to do the same and also switch over all the other entries
over to use CTL_UNNUMBERED, as its hard to imagine that anyone is using
the sys_sysctl interface to IPVS.

As for the commented out entries. They are supposed to be exposed by
some other means - I believe the thinking was to comply with the don't
expose stuff in proc any more idea. Where is the best place to expose
this kind of stuff?

Lastly, as Dave mentions, I'm travelling this week, so please
excuse any slowness.

-- 
Horms
  H: http://www.vergenet.net/~horms/
  W: http://www.valinux.co.jp/en/

-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ