| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Sep 2015 11:19:04 +0200 From: Sabrina Dubroca <sd@...asysnail.net> To: Hangbin Liu <liuhangbin@...il.com> Cc: David Miller <davem@...emloft.net>, Florian Westphal <fw@...len.de>, network dev <netdev@...r.kernel.org>, 吉藤英明 <hideaki.yoshifuji@...aclelinux.com> Subject: Re: [PATCH net-next] Revert "net/ipv6: add sysctl option accept_ra_min_hop_limit" Hello, 2015-09-10, 10:54:38 +0800, Hangbin Liu wrote: > > Can we still modify the behavior of this sysctl? It's already been in > > Linus's tree for a while, but if we can, I would rather restrict the > > values we let the user write to accept_ra_min_hop_limit, as anything > > outside [0..255] does not really make sense. > > Yes, so the checked if (in6_dev->cnf.accept_ra_min_hop_limit < 256 && > ra_msg->icmph.icmp6_hop_limit) make sure we only update the value between > [1..255]. I was thinking of returning -EINVAL when the user tries to set it to 300, using proc_dointvec_minmax. > > Allowing an RA to update the hop limit if > > > > current hop limit < RA.hop_limit < accept_ra_min_hop_limit > > > > might also be desirable, but I'm not so sure about this case. > > Yes, and we also should allow an RA to update the hop limit if > > accept_ra_min_hop_limit <= RA.hop_limit < current hop limit > > e.g accept_ra_min_hop_limit = RA.hop_limit =64, current hop limit = 128 Yes, that's what we're doing at the moment, and I would leave it as is. Thanks, -- Sabrina -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists