On (03/15/16 09:38), santosh shilimkar wrote:
> >+ if (rtn->sndbuf_size > 0) {
> So value of 1 is allowed as well. There should be some
> minimum default or multiple of it. Of course above check
> can remain as is as long as you validate the user input
> in handlers.
yes, just as user-space SO_SNDBUF allows ridiculous values
for buffer size..
> >@@ -309,6 +352,7 @@ static void __net_exit rds_tcp_exit_net(struct net *net)
> > {
> > struct rds_tcp_net *rtn = net_generic(net, rds_tcp_netid);
> >
> >+ unregister_net_sysctl_table(rtn->rds_tcp_sysctl);
> > /* If rds_tcp_exit_net() is called as a result of netns deletion,
> > * the rds_tcp_kill_sock() device notifier would already have cleaned
> > * up the listen socket, thus there is no work to do in this function.
> You need to unregister it on rds_tcp_listen_init() failure.
Ok, good point.
> >+ rtn->sndbuf_size = user_atoi(buffer, *lenp);
> As mentioned above, you should make sure the buffer lengths are
> legitimate.
As above. We allow any values that the TCP socket itself allows.
If the user wants to shoot themself in the foot, we dont stop them.
I'll fix the nits and send out another patchset in a bit.
