Re: [46/74] net: restore ip source validation
From: Eric W. Biederman
Date: Fri Feb 05 2010 - 15:18:10 EST
Sven Joachim <svenjoac@xxxxxx> writes:
> On 2010-02-05 15:51 +0100, jamal wrote:
>
>> The problem is elsewhere. Here's the fix.
>>
>> --
>> diff --git a/kernel/sysctl_check.c b/kernel/sysctl_check.c
>> index b6e7aae..469193c 100644
>> --- a/kernel/sysctl_check.c
>> +++ b/kernel/sysctl_check.c
>> @@ -220,6 +220,7 @@ static const struct trans_ctl_table
>> trans_net_ipv4_conf_vars_table[] = {
>> { NET_IPV4_CONF_PROMOTE_SECONDARIES, "promote_secondaries" },
>> { NET_IPV4_CONF_ARP_ACCEPT, "arp_accept" },
>> { NET_IPV4_CONF_ARP_NOTIFY, "arp_notify" },
>> + { NET_IPV4_CONF_SRC_VMARK, "src_valid_mark" },
>> {}
>> };
>> ---
>
> Well spotted, that fixes it. Your mailer is broken however, it
> converted tabs into spaces, so I had to add the changed line manually.
Bah. That DEVINET_SYSCTL_ENTRY requires having a binary sysctl
assigned, just to use as an index.
Which of course trips over all of the fine checks in sysctl_check.c to
keep people from assigning new binary sysctls by accident.
That is the only place in the kernel where he have that problem, I wonder
how much work it will be to finish untangling.
Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/