lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Wed, 20 Jul 2022 10:26:03 +0200
From:   Nicolas Dichtel <nicolas.dichtel@...nd.com>
To:     Jaehee Park <jhpark1013@...il.com>, netdev@...r.kernel.org
Cc:     davem@...emloft.net, yoshfuji@...ux-ipv6.org, dsahern@...nel.org,
        dsahern@...il.com, edumazet@...gle.com, kuba@...nel.org,
        pabeni@...hat.com, shuah@...nel.org, linux-kernel@...r.kernel.org,
        aajith@...sta.com, roopa@...dia.com, roopa.prabhu@...il.com,
        aroulin@...dia.com, sbrivio@...hat.com
Subject: Re: [PATCH net-next] net: ipv6: avoid accepting values greater than 2
 for accept_untracked_na


Le 20/07/2022 à 08:52, Jaehee Park a écrit :
> The accept_untracked_na sysctl changed from a boolean to an integer
> when a new knob '2' was added. This patch provides a safeguard to avoid
> accepting values that are not defined in the sysctl. When setting a
> value greater than 2, the user will get an 'invalid argument' warning.
> 
> Signed-off-by: Jaehee Park <jhpark1013@...il.com>
> Suggested-by: Nicolas Dichtel <nicolas.dichtel@...nd.com>
> Suggested-by: Roopa Prabhu <roopa@...dia.com>
> ---
>  net/ipv6/addrconf.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c
> index 6ed807b6c647..d3e77ea24f05 100644
> --- a/net/ipv6/addrconf.c
> +++ b/net/ipv6/addrconf.c
> @@ -7042,9 +7042,9 @@ static const struct ctl_table addrconf_sysctl[] = {
>  		.data		= &ipv6_devconf.accept_untracked_na,
>  		.maxlen		= sizeof(int),
>  		.mode		= 0644,
> -		.proc_handler	= proc_dointvec,
> +		.proc_handler	= proc_dointvec_minmax,
>  		.extra1		= (void *)SYSCTL_ZERO,
> -		.extra2		= (void *)SYSCTL_ONE,
> +		.extra2		= (void *)SYSCTL_TWO,
Nit: the cast is useless:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/include/linux/sysctl.h#n40


Regards,
Nicolas

Powered by blists - more mailing lists