| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 30 Jul 2015 15:57:00 -0700 (PDT)
From: David Miller <davem@...emloft.net>
To: hideaki.yoshifuji@...aclelinux.com
Cc: liuhangbin@...il.com, netdev@...r.kernel.org, davem@...emloft.com,
hannes@...essinduktion.org
Subject: Re: [[PATCH net-next v5] net/ipv6: add sysctl option
accept_ra_min_hop_limit
From: YOSHIFUJI Hideaki <hideaki.yoshifuji@...aclelinux.com>
Date: Thu, 30 Jul 2015 15:34:21 +0900
> Hangbin Liu wrote:
>> Commit 6fd99094de2b ("ipv6: Don't reduce hop limit for an interface")
>> disabled accept hop limit from RA if it is smaller than the current hop
>> limit for security stuff. But this behavior kind of break the RFC definition.
>>
>> RFC 4861, 6.3.4. Processing Received Router Advertisements
>> A Router Advertisement field (e.g., Cur Hop Limit, Reachable Time,
>> and Retrans Timer) may contain a value denoting that it is
>> unspecified. In such cases, the parameter should be ignored and the
>> host should continue using whatever value it is already using.
>>
>> If the received Cur Hop Limit value is non-zero, the host SHOULD set
>> its CurHopLimit variable to the received value.
>>
>> So add sysctl option accept_ra_min_hop_limit to let user choose the minimum
>> hop limit value they can accept from RA. And set default to 1 to meet RFC
>> standards.
>>
>> Signed-off-by: Hangbin Liu <liuhangbin@...il.com>
>
> Acked-by: YOSHIFUJI Hideaki <hideaki.yoshifuji@...aclelinux.com>
Applied, thanks everyone.
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists