diff options
author | Shan Wei <davidshan@tencent.com> | 2012-12-04 19:49:15 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2012-12-05 22:01:28 +0100 |
commit | ce46cc64d47a8afaf13c300b09a7f9c29f4979b6 (patch) | |
tree | 2fcaf39d15b41ee1f92f14eb8035f82eb80a5364 /kernel/range.c | |
parent | net/phy: Add interrupt support for dp83640 phy. (diff) | |
download | linux-ce46cc64d47a8afaf13c300b09a7f9c29f4979b6.tar.xz linux-ce46cc64d47a8afaf13c300b09a7f9c29f4979b6.zip |
net: neighbour: prohibit negative value for unres_qlen_bytes parameter
unres_qlen_bytes and unres_qlen are int type.
But multiple relation(unres_qlen_bytes = unres_qlen * SKB_TRUESIZE(ETH_FRAME_LEN))
will cause type overflow when seting unres_qlen. e.g.
$ echo 1027506 > /proc/sys/net/ipv4/neigh/eth1/unres_qlen
$ cat /proc/sys/net/ipv4/neigh/eth1/unres_qlen
1182657265
$ cat /proc/sys/net/ipv4/neigh/eth1/unres_qlen_bytes
-2147479756
The gutted value is not that we setting。
But user/administrator don't know this is caused by int type overflow.
what's more, it is meaningless and even dangerous that unres_qlen_bytes is set
with negative number. Because, for unresolved neighbour address, kernel will cache packets
without limit in __neigh_event_send()(e.g. (u32)-1 = 2GB).
Signed-off-by: Shan Wei <davidshan@tencent.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'kernel/range.c')
0 files changed, 0 insertions, 0 deletions