inet: frags: fix ip6frag_low_thresh boundary

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Giving an integer to proc_doulongvec_minmax() is dangerous on 64bit arches,
since linker might place next to it a non zero value preventing a change
to ip6frag_low_thresh.

ip6frag_low_thresh is not used anymore in the kernel, but we do not
want to prematuraly break user scripts wanting to change it.

Since specifying a minimal value of 0 for proc_doulongvec_minmax()
is moot, let's remove these zero values in all defrag units.

Fixes: 6e00f7dd5e4e ("ipv6: frags: fix /proc/sys/net/ipv6/ip6frag_low_thresh")
Signed-off-by: Eric Dumazet <edumazet@google.com>
Reported-by: Maciej Żenczykowski <maze@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

authored by

Eric Dumazet and committed by

David S. Miller 8 years ago 3d234012 4b2e6877

+2 -9

4 changed files

expand all

net

ieee802154

6lowpan

reassembly.c

ipv4

ip_fragment.c

ipv6

netfilter

nf_conntrack_reasm.c

reassembly.c

-2

net/ieee802154/6lowpan/reassembly.c

··· 411 411 } 412 412 413 413 #ifdef CONFIG_SYSCTL 414 - static long zero; 415 414 416 415 static struct ctl_table lowpan_frags_ns_ctl_table[] = { 417 416 { ··· 427 428 .maxlen = sizeof(unsigned long), 428 429 .mode = 0644, 429 430 .proc_handler = proc_doulongvec_minmax, 430 - .extra1 = &zero, 431 431 .extra2 = &init_net.ieee802154_lowpan.frags.high_thresh 432 432 }, 433 433 {

+2 -3

net/ipv4/ip_fragment.c

··· 667 667 EXPORT_SYMBOL(ip_check_defrag); 668 668 669 669 #ifdef CONFIG_SYSCTL 670 - static long zero; 670 + static int dist_min; 671 671 672 672 static struct ctl_table ip4_frags_ns_ctl_table[] = { 673 673 { ··· 684 684 .maxlen = sizeof(unsigned long), 685 685 .mode = 0644, 686 686 .proc_handler = proc_doulongvec_minmax, 687 - .extra1 = &zero, 688 687 .extra2 = &init_net.ipv4.frags.high_thresh 689 688 }, 690 689 { ··· 699 700 .maxlen = sizeof(int), 700 701 .mode = 0644, 701 702 .proc_handler = proc_dointvec_minmax, 702 - .extra1 = &zero 703 + .extra1 = &dist_min, 703 704 }, 704 705 { } 705 706 };

-2

net/ipv6/netfilter/nf_conntrack_reasm.c

··· 55 55 static struct inet_frags nf_frags; 56 56 57 57 #ifdef CONFIG_SYSCTL 58 - static long zero; 59 58 60 59 static struct ctl_table nf_ct_frag6_sysctl_table[] = { 61 60 { ··· 70 71 .maxlen = sizeof(unsigned long), 71 72 .mode = 0644, 72 73 .proc_handler = proc_doulongvec_minmax, 73 - .extra1 = &zero, 74 74 .extra2 = &init_net.nf_frag.frags.high_thresh 75 75 }, 76 76 {

-2

net/ipv6/reassembly.c

··· 548 548 }; 549 549 550 550 #ifdef CONFIG_SYSCTL 551 - static int zero; 552 551 553 552 static struct ctl_table ip6_frags_ns_ctl_table[] = { 554 553 { ··· 564 565 .maxlen = sizeof(unsigned long), 565 566 .mode = 0644, 566 567 .proc_handler = proc_doulongvec_minmax, 567 - .extra1 = &zero, 568 568 .extra2 = &init_net.ipv6.frags.high_thresh 569 569 }, 570 570 {