IGMP multicast source filter limits via sysctl [PATCH]

netdev.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* IGMP multicast source filter limits via sysctl [PATCH]
@ 2004-03-05  5:04 David Stevens
  2004-03-05 22:20 ` David S. Miller
  0 siblings, 1 reply; 2+ messages in thread
From: David Stevens @ 2004-03-05  5:04 UTC (permalink / raw)
  To: netdev, davem


[-- Attachment #1.1: Type: text/plain, Size: 3975 bytes --]





The following patch adds a sysctl variable for administrators to set
limits on the number of per-socket multicast source filters for IPv4.
The in-line patch for review is for 2.4.25. Attached is the 2.4.25 version
and the 2.6.x version.

multiprotocol socket API version to follow soon.

                              +-DLS

diff -ruN linux-2.4.25F2/include/linux/sysctl.h linux-2.4.25F4/include/linux/sysctl.h
--- linux-2.4.25F2/include/linux/sysctl.h 2004-02-20 15:13:01.000000000 -0800
+++ linux-2.4.25F4/include/linux/sysctl.h 2004-03-04 17:02:54.000000000 -0800
@@ -312,6 +312,7 @@
      NET_TCP_FRTO=92,
      NET_TCP_LOW_LATENCY=93,
      NET_IPV4_IPFRAG_SECRET_INTERVAL=94,
+     NET_IPV4_IGMP_MAX_MSF=96,
 };

 enum {
diff -ruN linux-2.4.25F2/net/ipv4/igmp.c linux-2.4.25F4/net/ipv4/igmp.c
--- linux-2.4.25F2/net/ipv4/igmp.c  2004-02-18 05:36:32.000000000 -0800
+++ linux-2.4.25F4/net/ipv4/igmp.c  2004-03-04 15:47:09.000000000 -0800
@@ -101,7 +101,8 @@
 #endif


-#define IP_MAX_MEMBERSHIPS 20
+#define IP_MAX_MEMBERSHIPS   20
+#define IP_MAX_MSF           10

 #ifdef CONFIG_IP_MULTICAST
 /* Parameter names and values are taken from igmp-v2-06 draft */
@@ -1311,6 +1312,7 @@
  *   Join a socket to a group
  */
 int sysctl_igmp_max_memberships = IP_MAX_MEMBERSHIPS;
+int sysctl_igmp_max_msf = IP_MAX_MSF;


 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode,
@@ -1772,6 +1774,10 @@
      }
      /* else, add a new source to the filter */

+     if (psl && psl->sl_count >= sysctl_igmp_max_msf) {
+           err = -ENOBUFS;
+           goto done;
+     }
      if (!psl || psl->sl_count == psl->sl_max) {
            struct ip_sf_socklist *newpsl;
            int count = IP_SFBLOCK;
diff -ruN linux-2.4.25F2/net/ipv4/ip_sockglue.c linux-2.4.25F4/net/ipv4/ip_sockglue.c
--- linux-2.4.25F2/net/ipv4/ip_sockglue.c 2004-02-23 17:03:10.000000000 -0800
+++ linux-2.4.25F4/net/ipv4/ip_sockglue.c 2004-03-04 19:29:33.000000000 -0800
@@ -609,6 +609,7 @@
            case IP_MSFILTER:
            {
                  extern int sysctl_optmem_max;
+                 extern int sysctl_igmp_max_msf;
                  struct ip_msfilter *msf;

                  if (optlen < IP_MSFILTER_SIZE(0))
@@ -627,9 +628,14 @@
                        kfree(msf);
                        break;
                  }
-                 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) <
-                     IP_MSFILTER_SIZE(0) ||
-                     IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
+                 /* numsrc >= (1G-4) overflow in 32 bits */
+                 if (msf->imsf_numsrc >= 0x3ffffffcU ||
+                     msf->imsf_numsrc > sysctl_igmp_max_msf) {
+                       kfree(msf);
+                       err = -ENOBUFS;
+                       break;
+                 }
+                 if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
                        kfree(msf);
                        err = -EINVAL;
                        break;
diff -ruN linux-2.4.25F2/net/ipv4/sysctl_net_ipv4.c linux-2.4.25F4/net/ipv4/sysctl_net_ipv4.c
--- linux-2.4.25F2/net/ipv4/sysctl_net_ipv4.c   2003-06-13 07:51:39.000000000 -0700
+++ linux-2.4.25F4/net/ipv4/sysctl_net_ipv4.c   2004-03-04 14:47:31.000000000 -0800
@@ -38,6 +38,7 @@

 /* From igmp.c */
 extern int sysctl_igmp_max_memberships;
+extern int sysctl_igmp_max_msf;

 /* From inetpeer.c */
 extern int inet_peer_threshold;
@@ -182,6 +183,8 @@
      {NET_IPV4_IGMP_MAX_MEMBERSHIPS, "igmp_max_memberships",
       &sysctl_igmp_max_memberships, sizeof(int), 0644, NULL, &proc_dointvec},
 #endif
+     {NET_IPV4_IGMP_MAX_MSF, "igmp_max_msf",
+      &sysctl_igmp_max_msf, sizeof(int), 0644, NULL, &proc_dointvec},
      {NET_IPV4_INET_PEER_THRESHOLD, "inet_peer_threshold",
       &inet_peer_threshold, sizeof(int), 0644, NULL, &proc_dointvec},
      {NET_IPV4_INET_PEER_MINTTL, "inet_peer_minttl",

(See attached file: 2.4.25igmpmsflimit2.patch)
(See attached file: 2.6.4rc2igmpmsflimit2.patch)

[-- Attachment #1.2: Type: text/html, Size: 4068 bytes --]

[-- Attachment #2: 2.4.25igmpmsflimit2.patch --]
[-- Type: application/octet-stream, Size: 3090 bytes --]

diff -ruN linux-2.4.25F2/include/linux/sysctl.h linux-2.4.25F4/include/linux/sysctl.h
--- linux-2.4.25F2/include/linux/sysctl.h	2004-02-20 15:13:01.000000000 -0800
+++ linux-2.4.25F4/include/linux/sysctl.h	2004-03-04 17:02:54.000000000 -0800
@@ -312,6 +312,7 @@
 	NET_TCP_FRTO=92,
 	NET_TCP_LOW_LATENCY=93,
 	NET_IPV4_IPFRAG_SECRET_INTERVAL=94,
+	NET_IPV4_IGMP_MAX_MSF=96,
 };
 
 enum {
diff -ruN linux-2.4.25F2/net/ipv4/igmp.c linux-2.4.25F4/net/ipv4/igmp.c
--- linux-2.4.25F2/net/ipv4/igmp.c	2004-02-18 05:36:32.000000000 -0800
+++ linux-2.4.25F4/net/ipv4/igmp.c	2004-03-04 15:47:09.000000000 -0800
@@ -101,7 +101,8 @@
 #endif
 
 
-#define IP_MAX_MEMBERSHIPS 20
+#define IP_MAX_MEMBERSHIPS	20
+#define IP_MAX_MSF		10
 
 #ifdef CONFIG_IP_MULTICAST
 /* Parameter names and values are taken from igmp-v2-06 draft */
@@ -1311,6 +1312,7 @@
  *	Join a socket to a group
  */
 int sysctl_igmp_max_memberships = IP_MAX_MEMBERSHIPS;
+int sysctl_igmp_max_msf = IP_MAX_MSF;
 
 
 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode,
@@ -1772,6 +1774,10 @@
 	}
 	/* else, add a new source to the filter */
 
+	if (psl && psl->sl_count >= sysctl_igmp_max_msf) {
+		err = -ENOBUFS;
+		goto done;
+	}
 	if (!psl || psl->sl_count == psl->sl_max) {
 		struct ip_sf_socklist *newpsl;
 		int count = IP_SFBLOCK;
diff -ruN linux-2.4.25F2/net/ipv4/ip_sockglue.c linux-2.4.25F4/net/ipv4/ip_sockglue.c
--- linux-2.4.25F2/net/ipv4/ip_sockglue.c	2004-02-23 17:03:10.000000000 -0800
+++ linux-2.4.25F4/net/ipv4/ip_sockglue.c	2004-03-04 19:29:33.000000000 -0800
@@ -609,6 +609,7 @@
 		case IP_MSFILTER:
 		{
 			extern int sysctl_optmem_max;
+			extern int sysctl_igmp_max_msf;
 			struct ip_msfilter *msf;
 
 			if (optlen < IP_MSFILTER_SIZE(0))
@@ -627,9 +628,14 @@
 				kfree(msf);
 				break;
 			}
-			if (IP_MSFILTER_SIZE(msf->imsf_numsrc) < 
-			    IP_MSFILTER_SIZE(0) ||
-			    IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
+			/* numsrc >= (1G-4) overflow in 32 bits */
+			if (msf->imsf_numsrc >= 0x3ffffffcU ||
+			    msf->imsf_numsrc > sysctl_igmp_max_msf) {
+				kfree(msf);
+				err = -ENOBUFS;
+				break;
+			}
+			if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
 				kfree(msf);
 				err = -EINVAL;
 				break;
diff -ruN linux-2.4.25F2/net/ipv4/sysctl_net_ipv4.c linux-2.4.25F4/net/ipv4/sysctl_net_ipv4.c
--- linux-2.4.25F2/net/ipv4/sysctl_net_ipv4.c	2003-06-13 07:51:39.000000000 -0700
+++ linux-2.4.25F4/net/ipv4/sysctl_net_ipv4.c	2004-03-04 14:47:31.000000000 -0800
@@ -38,6 +38,7 @@
 
 /* From igmp.c */
 extern int sysctl_igmp_max_memberships;
+extern int sysctl_igmp_max_msf;
 
 /* From inetpeer.c */
 extern int inet_peer_threshold;
@@ -182,6 +183,8 @@
 	{NET_IPV4_IGMP_MAX_MEMBERSHIPS, "igmp_max_memberships",
 	 &sysctl_igmp_max_memberships, sizeof(int), 0644, NULL, &proc_dointvec},
 #endif
+	{NET_IPV4_IGMP_MAX_MSF, "igmp_max_msf",
+	 &sysctl_igmp_max_msf, sizeof(int), 0644, NULL, &proc_dointvec},
 	{NET_IPV4_INET_PEER_THRESHOLD, "inet_peer_threshold",
 	 &inet_peer_threshold, sizeof(int), 0644, NULL, &proc_dointvec},
 	{NET_IPV4_INET_PEER_MINTTL, "inet_peer_minttl",

[-- Attachment #3: 2.6.4rc2igmpmsflimit2.patch --]
[-- Type: application/octet-stream, Size: 3037 bytes --]

diff -ruN linux-2.6.4rc2/include/linux/sysctl.h linux-2.6.4rc2F1/include/linux/sysctl.h
--- linux-2.6.4rc2/include/linux/sysctl.h	2004-03-04 19:05:17.000000000 -0800
+++ linux-2.6.4rc2F1/include/linux/sysctl.h	2004-03-04 16:57:26.000000000 -0800
@@ -321,6 +321,7 @@
 	NET_TCP_LOW_LATENCY=93,
 	NET_IPV4_IPFRAG_SECRET_INTERVAL=94,
 	NET_TCP_WESTWOOD=95,
+	NET_IPV4_IGMP_MAX_MSF=96,
 };
 
 enum {
diff -ruN linux-2.6.4rc2/net/ipv4/igmp.c linux-2.6.4rc2F1/net/ipv4/igmp.c
--- linux-2.6.4rc2/net/ipv4/igmp.c	2004-02-17 19:59:48.000000000 -0800
+++ linux-2.6.4rc2F1/net/ipv4/igmp.c	2004-03-04 16:18:42.000000000 -0800
@@ -105,7 +105,8 @@
 #include <linux/seq_file.h>
 #endif
 
-#define IP_MAX_MEMBERSHIPS 20
+#define IP_MAX_MEMBERSHIPS	20
+#define IP_MAX_MSF		10
 
 #ifdef CONFIG_IP_MULTICAST
 /* Parameter names and values are taken from igmp-v2-06 draft */
@@ -1325,6 +1326,7 @@
  *	Join a socket to a group
  */
 int sysctl_igmp_max_memberships = IP_MAX_MEMBERSHIPS;
+int sysctl_igmp_max_msf = IP_MAX_MSF;
 
 
 static int ip_mc_del1_src(struct ip_mc_list *pmc, int sfmode,
@@ -1790,6 +1792,10 @@
 	}
 	/* else, add a new source to the filter */
 
+	if (psl && psl->sl_count >= sysctl_igmp_max_msf) {
+		err = -ENOBUFS;
+		goto done;
+	}
 	if (!psl || psl->sl_count == psl->sl_max) {
 		struct ip_sf_socklist *newpsl;
 		int count = IP_SFBLOCK;
diff -ruN linux-2.6.4rc2/net/ipv4/ip_sockglue.c linux-2.6.4rc2F1/net/ipv4/ip_sockglue.c
--- linux-2.6.4rc2/net/ipv4/ip_sockglue.c	2004-03-04 19:05:18.000000000 -0800
+++ linux-2.6.4rc2F1/net/ipv4/ip_sockglue.c	2004-03-04 19:30:26.000000000 -0800
@@ -618,6 +618,7 @@
 		case IP_MSFILTER:
 		{
 			extern int sysctl_optmem_max;
+			extern int sysctl_igmp_max_msf;
 			struct ip_msfilter *msf;
 
 			if (optlen < IP_MSFILTER_SIZE(0))
@@ -636,9 +637,14 @@
 				kfree(msf);
 				break;
 			}
-			if (IP_MSFILTER_SIZE(msf->imsf_numsrc) < 
-			    IP_MSFILTER_SIZE(0) ||
-			    IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
+			/* numsrc >= (1G-4) overflow in 32 bits */
+			if (msf->imsf_numsrc >= 0x3ffffffcU ||
+			    msf->imsf_numsrc > sysctl_igmp_max_msf) {
+				kfree(msf);
+				err = -ENOBUFS;
+				break;
+			}
+			if (IP_MSFILTER_SIZE(msf->imsf_numsrc) > optlen) {
 				kfree(msf);
 				err = -EINVAL;
 				break;
diff -ruN linux-2.6.4rc2/net/ipv4/sysctl_net_ipv4.c linux-2.6.4rc2F1/net/ipv4/sysctl_net_ipv4.c
--- linux-2.6.4rc2/net/ipv4/sysctl_net_ipv4.c	2004-02-17 19:58:50.000000000 -0800
+++ linux-2.6.4rc2F1/net/ipv4/sysctl_net_ipv4.c	2004-03-04 16:22:05.000000000 -0800
@@ -39,6 +39,7 @@
 
 /* From igmp.c */
 extern int sysctl_igmp_max_memberships;
+extern int sysctl_igmp_max_msf;
 
 /* From inetpeer.c */
 extern int inet_peer_threshold;
@@ -412,6 +413,14 @@
 
 #endif
 	{
+		.ctl_name	= NET_IPV4_IGMP_MAX_MSF,
+		.procname	= "igmp_max_msf",
+		.data		= &sysctl_igmp_max_msf,
+		.maxlen		= sizeof(int),
+		.mode		= 0644,
+		.proc_handler	= &proc_dointvec
+	},
+	{
 		.ctl_name	= NET_IPV4_INET_PEER_THRESHOLD,
 		.procname	= "inet_peer_threshold",
 		.data		= &inet_peer_threshold,

^ permalink raw reply	[flat|nested] 2+ messages in thread

* Re: IGMP multicast source filter limits via sysctl [PATCH]
  2004-03-05  5:04 IGMP multicast source filter limits via sysctl [PATCH] David Stevens
@ 2004-03-05 22:20 ` David S. Miller
  0 siblings, 0 replies; 2+ messages in thread
From: David S. Miller @ 2004-03-05 22:20 UTC (permalink / raw)
  To: David Stevens; +Cc: netdev

On Thu, 4 Mar 2004 22:04:31 -0700
David Stevens <dlstevens@us.ibm.com> wrote:

> The following patch adds a sysctl variable for administrators to set
> limits on the number of per-socket multicast source filters for IPv4.
> The in-line patch for review is for 2.4.25. Attached is the 2.4.25 version
> and the 2.6.x version.

Applied, thanks David.

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2004-03-05 22:20 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-03-05  5:04 IGMP multicast source filter limits via sysctl [PATCH] David Stevens
2004-03-05 22:20 ` David S. Miller

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).