linux/net/core
Roman Gushchin 5f671d6b4e net: check net.core.somaxconn sysctl values
It's possible to assign an invalid value to the net.core.somaxconn
sysctl variable, because there are no checks at all.

The sk_max_ack_backlog field of the sock structure is defined as
unsigned short. Therefore, the backlog argument in inet_listen()
shouldn't exceed USHRT_MAX. The backlog argument in the listen() syscall
is truncated to the somaxconn value. So, the somaxconn value shouldn't
exceed 65535 (USHRT_MAX).
Also, negative values of somaxconn are meaningless.

before:
$ sysctl -w net.core.somaxconn=256
net.core.somaxconn = 256
$ sysctl -w net.core.somaxconn=65536
net.core.somaxconn = 65536
$ sysctl -w net.core.somaxconn=-100
net.core.somaxconn = -100

after:
$ sysctl -w net.core.somaxconn=256
net.core.somaxconn = 256
$ sysctl -w net.core.somaxconn=65536
error: "Invalid argument" setting key "net.core.somaxconn"
$ sysctl -w net.core.somaxconn=-100
error: "Invalid argument" setting key "net.core.somaxconn"

Based on a prior patch from Changli Gao.

Signed-off-by: Roman Gushchin <klamm@yandex-team.ru>
Reported-by: Changli Gao <xiaosuo@gmail.com>
Suggested-by: Eric Dumazet <edumazet@google.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
2013-08-02 15:18:53 -07:00
..
datagram.c net: rename include/net/ll_poll.h to include/net/busy_poll.h 2013-07-10 17:08:27 -07:00
dev_addr_lists.c net/core: dev_mc_sync_multiple calls wrong helper 2013-05-31 16:56:56 -07:00
dev_ioctl.c net: fix kernel deadlock with interface rename and netdev name retrieval. 2013-06-26 13:42:54 -07:00
dev.c vlan: mask vlan prio bits 2013-07-18 13:05:23 -07:00
drop_monitor.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
dst.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
ethtool.c ethtool: fixed trailing statements in ethtool 2013-07-16 12:14:51 -07:00
fib_rules.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
filter.c sock_diag: fix filter code sent to userspace 2013-06-10 22:23:32 -07:00
flow_dissector.c
flow.c net: delete __cpuinit usage from all net files 2013-07-14 19:36:58 -04:00
gen_estimator.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
gen_stats.c net_sched: add 64bit rate estimators 2013-06-11 02:51:03 -07:00
iovec.c Hoist memcpy_fromiovec/memcpy_toiovec into lib/ 2013-05-20 10:24:22 +09:30
link_watch.c net: make all team port device link events urgent 2013-06-13 02:31:41 -07:00
Makefile
neighbour.c neigh: prevent overflowing params in /proc/sys/net/ipv4/neigh/ 2013-07-26 14:22:10 -07:00
net_namespace.c proc: Split the namespace stuff out into linux/proc_ns.h 2013-05-01 17:29:39 -04:00
net-procfs.c rps: selective flow shedding during softnet overflow 2013-05-20 13:48:04 -07:00
net-sysfs.c rps_dev_flow_table_release(): no need to delay vfree() 2013-05-06 11:06:51 -04:00
net-sysfs.h
net-traces.c
netevent.c
netpoll.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net-next 2013-07-09 18:24:39 -07:00
netprio_cgroup.c net: pass info struct via netdevice notifier 2013-05-28 13:11:01 -07:00
pktgen.c pktgen: ipv6: numa: consolidate skb allocation to pktgen_alloc_skb 2013-06-12 00:47:25 -07:00
request_sock.c
rtnetlink.c rtnetlink: allow using zero MAC address in rtnl_fdb_{add,del} 2013-06-25 09:31:39 -07:00
scm.c netprio_cgroup: remove task_struct parameter from sock_update_netprio() 2013-04-09 13:19:37 -04:00
secure_seq.c net: defer net_secret[] initialization 2013-04-29 15:14:02 -04:00
skbuff.c net: rename CONFIG_NET_LL_RX_POLL to CONFIG_NET_RX_BUSY_POLL 2013-08-01 15:11:17 -07:00
sock_diag.c sock_diag: fix filter code sent to userspace 2013-06-10 22:23:32 -07:00
sock.c net: rename CONFIG_NET_LL_RX_POLL to CONFIG_NET_RX_BUSY_POLL 2013-08-01 15:11:17 -07:00
stream.c
sysctl_net_core.c net: check net.core.somaxconn sysctl values 2013-08-02 15:18:53 -07:00
timestamping.c
user_dma.c
utils.c net: core: move mac_pton() to lib/net_utils.c 2013-06-05 12:00:27 -07:00