| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <m2ikx2dem4.fsf@chopps.org>
Date: Thu, 18 Jul 2024 06:15:07 -0700
From: Christian Hopps <chopps@...pps.org>
To: Sabrina Dubroca <sd@...asysnail.net>
Cc: Christian Hopps <chopps@...pps.org>, devel@...ux-ipsec.org, Steffen
Klassert <steffen.klassert@...unet.com>, netdev@...r.kernel.org, Christian
Hopps <chopps@...n.net>
Subject: Re: [PATCH ipsec-next v5 04/17] xfrm: sysctl: allow configuration
of global default values
Sabrina Dubroca <sd@...asysnail.net> writes:
> 2024-07-14, 16:22:32 -0400, Christian Hopps wrote:
>> diff --git a/net/xfrm/xfrm_sysctl.c b/net/xfrm/xfrm_sysctl.c
>> index ca003e8a0376..b70bb91d6984 100644
>> --- a/net/xfrm/xfrm_sysctl.c
>> +++ b/net/xfrm/xfrm_sysctl.c
>> @@ -10,34 +10,50 @@ static void __net_init __xfrm_sysctl_init(struct net *net)
>> net->xfrm.sysctl_aevent_rseqth = XFRM_AE_SEQT_SIZE;
>> net->xfrm.sysctl_larval_drop = 1;
>> net->xfrm.sysctl_acq_expires = 30;
>> +#if IS_ENABLED(CONFIG_XFRM_IPTFS)
>> + net->xfrm.sysctl_iptfs_max_qsize = 1024 * 1024; /* 1M */
>> + net->xfrm.sysctl_iptfs_drop_time = 1000000; /* 1s */
>> + net->xfrm.sysctl_iptfs_init_delay = 0; /* no initial delay */
>> + net->xfrm.sysctl_iptfs_reorder_window = 3; /* tcp folks suggested */
>> +#endif
>> }
>>
>> #ifdef CONFIG_SYSCTL
>> static struct ctl_table xfrm_table[] = {
>> - {
>> - .procname = "xfrm_aevent_etime",
>> - .maxlen = sizeof(u32),
>> - .mode = 0644,
>> - .proc_handler = proc_douintvec
>> - },
>> - {
>> - .procname = "xfrm_aevent_rseqth",
>> - .maxlen = sizeof(u32),
>> - .mode = 0644,
>> - .proc_handler = proc_douintvec
>> - },
>> - {
>> - .procname = "xfrm_larval_drop",
>> - .maxlen = sizeof(int),
>> - .mode = 0644,
>> - .proc_handler = proc_dointvec
>> - },
>> - {
>> - .procname = "xfrm_acq_expires",
>> - .maxlen = sizeof(int),
>> - .mode = 0644,
>> - .proc_handler = proc_dointvec
>> - },
>> + { .procname = "xfrm_aevent_etime",
>> + .maxlen = sizeof(u32),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> + { .procname = "xfrm_aevent_rseqth",
>> + .maxlen = sizeof(u32),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> + { .procname = "xfrm_larval_drop",
>> + .maxlen = sizeof(int),
>> + .mode = 0644,
>> + .proc_handler = proc_dointvec },
>> + { .procname = "xfrm_acq_expires",
>> + .maxlen = sizeof(int),
>> + .mode = 0644,
>> + .proc_handler = proc_dointvec },
>> +#if IS_ENABLED(CONFIG_XFRM_IPTFS)
>> + { .procname = "xfrm_iptfs_drop_time",
>> + .maxlen = sizeof(uint),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> + { .procname = "xfrm_iptfs_init_delay",
>> + .maxlen = sizeof(uint),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> + { .procname = "xfrm_iptfs_max_qsize",
>> + .maxlen = sizeof(uint),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> + { .procname = "xfrm_iptfs_reorder_window",
>> + .maxlen = sizeof(uint),
>> + .mode = 0644,
>> + .proc_handler = proc_douintvec },
>> +#endif
>
> What happened here?
Sigh, overly aggressive clang-format happened here, and I missed it. Will fix.
Thanks,
Chris.
Download attachment "signature.asc" of type "application/pgp-signature" (858 bytes)
Powered by blists - more mailing lists