author | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 17:07:14 +0100 |
---|---|---|
committer | Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> | 2013-02-21 17:07:14 +0100 |
commit | e29371d762df5bb35d2bc434ea266a046e5a0a75 (patch) | |
tree | dac4a8db52d92453415f35606130a49e9f32e4ef /net/core/neighbour.c | |
parent | 17b14ca25e9cd6c5cd7605941f6120e405a84f8b (diff) | |
parent | 894e2ac82bd0029adce7ad6c8d25501fdd82c994 (diff) |
Merge branch 'master' of git://1984.lsi.us.es/nf
Diffstat (limited to 'net/core/neighbour.c')
-rw-r--r-- | net/core/neighbour.c | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/net/core/neighbour.c b/net/core/neighbour.c
index 22571488730..c815f285e5a 100644
--- a/net/core/neighbour.c
+++ b/net/core/neighbour.c
@@ -1787,8 +1787,7 @@ static int neightbl_fill_parms(struct sk_buff *skb, struct neigh_parms *parms)
 nla_put_u32(skb, NDTPA_QUEUE_LENBYTES, parms->queue_len_bytes) ||
 /* approximative value for deprecated QUEUE_LEN (in packets) */
 nla_put_u32(skb, NDTPA_QUEUE_LEN,
- DIV_ROUND_UP(parms->queue_len_bytes,
- SKB_TRUESIZE(ETH_FRAME_LEN))) ||
+ parms->queue_len_bytes / SKB_TRUESIZE(ETH_FRAME_LEN)) ||
 nla_put_u32(skb, NDTPA_PROXY_QLEN, parms->proxy_qlen) ||
 nla_put_u32(skb, NDTPA_APP_PROBES, parms->app_probes) ||
 nla_put_u32(skb, NDTPA_UCAST_PROBES, parms->ucast_probes) ||
@@ -2770,6 +2769,8 @@ EXPORT_SYMBOL(neigh_app_ns);
 #endif /* CONFIG_ARPD */
 #ifdef CONFIG_SYSCTL
+static int zero;
+static int unres_qlen_max = INT_MAX / SKB_TRUESIZE(ETH_FRAME_LEN);
 static int proc_unres_qlen(ctl_table *ctl, int write, void __user *buffer,
 size_t *lenp, loff_t *ppos)
@@ -2777,9 +2778,13 @@ static int proc_unres_qlen(ctl_table *ctl, int write, void __user *buffer,
 int size, ret;
 ctl_table tmp = *ctl;
+ tmp.extra1 = &zero;
+ tmp.extra2 = &unres_qlen_max;
 tmp.data = &size;
- size = DIV_ROUND_UP(*(int *)ctl->data, SKB_TRUESIZE(ETH_FRAME_LEN));
- ret = proc_dointvec(&tmp, write, buffer, lenp, ppos);
+
+ size = *(int *)ctl->data / SKB_TRUESIZE(ETH_FRAME_LEN);
+ ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
+
 if (write && !ret)
 *(int *)ctl->data = size * SKB_TRUESIZE(ETH_FRAME_LEN);
 return ret;
@@ -2865,7 +2870,8 @@ static struct neigh_sysctl_table {
 .procname = "unres_qlen_bytes",
 .maxlen = sizeof(int),
 .mode = 0644,
- .proc_handler = proc_dointvec,
+ .extra1 = &zero,
+ .proc_handler = proc_dointvec_minmax,
 },
 [NEIGH_VAR_PROXY_QLEN] = {
 .procname = "proxy_qlen",
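Review bot: The NDTPA_QUEUE_LEN value in neightbl_fill_parms now rounds down, so a non-zero `queue_len_bytes` smaller than `SKB_TRUESIZE(ETH_FRAME_LEN)` is reported to netlink readers as 0 packets. The same truncating division is used for the sysctl read in proc_unres_qlen in the third hunk. The existing comment only says the value is approximate; I would extend it to `/* approximative value for deprecated QUEUE_LEN (in packets), rounded down; a small non-zero byte limit reads as 0 */`. The enclosing function starts and ends outside the hunk.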
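Review bot: `unres_qlen_max` is declared without a comment saying what it bounds, yet the overflow safety of `size * SKB_TRUESIZE(ETH_FRAME_LEN)` in proc_unres_qlen (next hunk) rests entirely on it being passed as `tmp.extra2`. A line above the declaration such as `/* largest unres_qlen (packets) whose byte equivalent still fits in an int */` would make that dependency explicit. It would also help to note at the multiplication that the product is only safe because proc_dointvec_minmax has already clamped `size` to [0, unres_qlen_max]. Without that, a later change to the handler or the bound could silently bring the overflow back.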
@@ -2987,6 +2993,10 @@ int neigh_sysctl_register(struct net_device *dev, struct neigh_parms *p,
 t->neigh_vars[NEIGH_VAR_BASE_REACHABLE_TIME_MS].extra1 = dev;
 }
+ /* Don't export sysctls to unprivileged users */
+ if (neigh_parms_net(p)->user_ns != &init_user_ns)
+ t->neigh_vars[0].procname = NULL;
+
 snprintf(neigh_path, sizeof(neigh_path), "net/%s/neigh/%s",
 p_name, dev_name_source);
 t->sysctl_header = |
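Review bot: The added comment says "unprivileged users", but the test is on which user namespace owns the network namespace. Every netns whose `user_ns` is not `init_user_ns` therefore loses these sysctls, whatever the caller's privileges inside that namespace. The line `t->neigh_vars[0].procname = NULL;` also uses a bare index and appears to rely on a NULL procname in the first entry ending the table, which the hunk does not state. I would reword the comment to `/* Don't export sysctls to netns owned by a non-initial user namespace: a NULL procname in entry 0 leaves the table empty */`. neigh_sysctl_register starts and ends outside the hunk, so how the emptied table is handled by the registration that follows cannot be checked from here.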