    net: neighbour: prohibit negative value for unres_qlen_bytes parameter · ce46cc64
    Shan Wei authored
    unres_qlen_bytes and unres_qlen are int type.
    But the multiplication relation (unres_qlen_bytes = unres_qlen * SKB_TRUESIZE(ETH_FRAME_LEN))
    will cause type overflow when setting unres_qlen, e.g.
    
    $ echo 1027506 > /proc/sys/net/ipv4/neigh/eth1/unres_qlen
    $ cat /proc/sys/net/ipv4/neigh/eth1/unres_qlen
    1182657265
    $ cat /proc/sys/net/ipv4/neigh/eth1/unres_qlen_bytes
    -2147479756
    
    The gotten value is not what we set.
    But the user/administrator doesn't know this is caused by int type overflow.
    
    What's more, it is meaningless and even dangerous for unres_qlen_bytes to be set
    to a negative number, because, for an unresolved neighbour address, the kernel will cache packets
    without limit in __neigh_event_send() (e.g. (u32)-1 = 2GB).

    Signed-off-by: Shan Wei <davidshan@tencent.com>
    Signed-off-by: David S. Miller <davem@davemloft.net>
neighbour.c 73.3 KB
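
The wrap-around in the commit message can be reproduced in user space. The following is an added example, not code from the commit or from neighbour.c. It assumes a 64-bit machine where SKB_TRUESIZE(ETH_FRAME_LEN) is 2090 (the value consistent with the numbers quoted above); `wrap32`, `qlen_to_bytes`, `bytes_to_qlen` and `qlen_write_checked` are hypothetical names, and the bounds check is one way to reject such input, not necessarily the one the commit uses.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: SKB_TRUESIZE(ETH_FRAME_LEN) == 2090 on the 64-bit machine in
 * the commit message (2090 * 1027506 wraps to the -2147479756 shown there). */
#define TRUESIZE ((uint64_t)2090)

/* Keep the low 32 bits and reinterpret them as a signed int, without
 * relying on signed overflow (undefined behaviour in C). */
static int32_t wrap32(uint64_t v)
{
    uint32_t lo = (uint32_t)v;
    if (lo <= (uint32_t)INT32_MAX)
        return (int32_t)lo;
    return (int32_t)(lo - 0x80000000u) + INT32_MIN;
}

/* Model of writing unres_qlen: packets * truesize, stored in an int. */
static int32_t qlen_to_bytes(int32_t qlen)
{
    return wrap32((uint64_t)(int64_t)qlen * TRUESIZE);
}

/* Model of reading unres_qlen back: round-up division carried out in
 * unsigned 64-bit arithmetic, result stored in an int. */
static int32_t bytes_to_qlen(int32_t bytes)
{
    return wrap32(((uint64_t)(int64_t)bytes + TRUESIZE - 1) / TRUESIZE);
}

/* Hypothetical hardened write: refuse values whose byte count cannot be
 * represented as a non-negative int. Returns 0 on success, -1 on reject. */
static int qlen_write_checked(int32_t qlen, int32_t *bytes_out)
{
    if (qlen < 0 || (uint64_t)qlen > (uint64_t)INT32_MAX / TRUESIZE)
        return -1;
    *bytes_out = (int32_t)((uint64_t)qlen * TRUESIZE);
    return 0;
}

int main(void)
{
    int32_t bytes = qlen_to_bytes(1027506), accepted = 0;
    printf("unres_qlen_bytes = %d\n", (int)bytes);
    printf("unres_qlen       = %d\n", (int)bytes_to_qlen(bytes));
    printf("limit as u32     = %u\n", (unsigned)(uint32_t)bytes);
    printf("checked write    = %d\n", qlen_write_checked(1027506, &accepted));
    return 0;
}
```

Under the stated assumption the largest accepted unres_qlen is 1027504 packets; anything above it, or below zero, is rejected before the stored byte limit can go negative.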