lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <b39454ab-3a4c-4dca-8446-c80afff18f41@gmail.com>
Date: Tue, 27 Jan 2026 19:00:58 +0100
From: Justin Iurman <justin.iurman@...il.com>
To: Tom Herbert <tom@...bertland.com>, davem@...emloft.net, kuba@...nel.org,
 netdev@...r.kernel.org
Subject: Re: [PATCH net-next v5 7/7] ipv6: Document enforce_ext_hdr_order
 sysctl

On 1/26/26 20:48, Tom Herbert wrote:
> Document the enforce_ext_hdr_order sysctl that controls whether
> Extension Header order is enforced on receive.
> 
> Signed-off-by: Tom Herbert <tom@...bertland.com>
> ---
>   Documentation/networking/ip-sysctl.rst | 28 ++++++++++++++++++++++++++
>   1 file changed, 28 insertions(+)
> 
> diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst
> index 4f568b0e39d2..1b12b955fa34 100644
> --- a/Documentation/networking/ip-sysctl.rst
> +++ b/Documentation/networking/ip-sysctl.rst
> @@ -2581,6 +2581,34 @@ ioam6_id_wide - LONG INTEGER
>   
>           Default: 0xFFFFFFFFFFFFFF
>   
> +enforce_ext_hdr_order - BOOLEAN
> +	Enforce recommended Extension Header ordering in RFC8200.
> +	If the sysctl is set to 1 then the ordering the ordering is

Reported by AI:
s/the ordering the ordering/the ordering

> +	enforced in received packets and each Extension Header
> +	may be present at most once per packet. If the sysctl is
> +	set to 0 then ordering is not enforced and Extension Headers
> +	may be present in any order and have any number of
> +	occurences per packet (except for Hop-by-Hop Options).


Reported by AI:
s/occurences/occurrences

> +
> +	The Extension Header order is:
> +
> +	    IPv6 header
> +	    Hop-by-Hop Options header
> +	    Destination Options before the Routing header
> +	    Routing header
> +	    Fragment header
> +	    Authentication header
> +	    Encapsulating Security Payload header
> +	    Destination Options header
> +	    Upper-Layer header
> +
> +	Possible values:
> +
> +	- 0 (disabled)
> +	- 1 (enabled)
> +
> +	Default: 1 (enabled)
> +
>   IPv6 Fragmentation:
>   
>   ip6frag_high_thresh - INTEGER

Reviewed-by: Justin Iurman <justin.iurman@...il.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ