lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 17 Apr 2019 10:46:47 -0700 (PDT)
From:   David Miller <davem@...emloft.net>
To:     ssuryaextr@...il.com
Cc:     netdev@...r.kernel.org, brouer@...hat.com
Subject: Re: [PATCH net-next,v2] ipv6: Add rate limit mask for ICMPv6
 messages

From: Stephen Suryaputra <ssuryaextr@...il.com>
Date: Mon, 15 Apr 2019 20:31:57 -0400

> @@ -850,6 +850,14 @@ static int __net_init inet6_net_init(struct net *net)
>  	net->ipv6.sysctl.icmpv6_echo_ignore_all = 0;
>  	net->ipv6.sysctl.icmpv6_echo_ignore_multicast = 0;
>  	net->ipv6.sysctl.icmpv6_echo_ignore_anycast = 0;
> +	net->ipv6.sysctl.icmpv6_ratemask = kzalloc(ICMPV6_MSG_MAX + 1, GFP_KERNEL);
> +	if (net->ipv6.sysctl.icmpv6_ratemask) {
> +		/* By default, rate limit error messages.
> +		 * Except for pmtu discovery, it would break it.
> +		 */
> +		bitmap_set(net->ipv6.sysctl.icmpv6_ratemask, 0, ICMPV6_ERRMSG_MAX + 1);
> +		bitmap_clear(net->ipv6.sysctl.icmpv6_ratemask, ICMPV6_PKT_TOOBIG, 1);
> +	}

You're allocating space for ICMPV6_MSG_MAX + 1 "bytes" but you only need enough space
for that many "bits".  Which is just four 64-bit words, so you can probably inline it.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ