From: Thomas Graf <[email protected]>

An insufficient ring frame size configuration can lead to an unnecessary skb allocation for every Netlink message. Check frame size before taking the queue lock and allocating the skb and re-check with lock to be safe.
Signed-off-by: Thomas Graf <[email protected]> Reviewed-by: Daniel Borkmann <[email protected]> Signed-off-by: Jesse Gross <[email protected]> --- net/netlink/af_netlink.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index bca50b9..6433489 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1769,6 +1769,9 @@ struct sk_buff *netlink_alloc_skb(struct sock *ssk, unsigned int size, if (ring->pg_vec == NULL) goto out_put; + if (ring->frame_size - NL_MMAP_HDRLEN < size) + goto out_put; + skb = alloc_skb_head(gfp_mask); if (skb == NULL) goto err1; @@ -1778,6 +1781,7 @@ struct sk_buff *netlink_alloc_skb(struct sock *ssk, unsigned int size, if (ring->pg_vec == NULL) goto out_free; + /* check again under lock */ maxlen = ring->frame_size - NL_MMAP_HDRLEN; if (maxlen < size) goto out_free; -- 1.8.3.2 _______________________________________________ dev mailing list [email protected] http://openvswitch.org/mailman/listinfo/dev
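Review bot: The new check in the first hunk (@@ -1769,6 +1769,9 @@) reads ring->frame_size before the queue lock is taken, but nothing at that spot says so. A short comment such as "unlocked fast path, re-checked under lock below" would keep a later reader from treating it as the authoritative bound and dropping the locked check as a duplicate. The expression ring->frame_size - NL_MMAP_HDRLEN is also now written out twice, here and in the existing maxlen assignment; a small helper or a shared local would keep the two checks from drifting apart. Since the value can change between the two reads, consider whether the unlocked load should be marked (for example with ACCESS_ONCE) so that it is clearly an intentional racy read.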
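Review bot: The comment added in the second hunk (@@ -1778,6 +1781,7 @@), "check again under lock", sits above the maxlen computation but does not say what is being re-checked or why. The ring->pg_vec test in the context lines just above it is a re-check under the lock as well, so placing the comment above both tests, and wording it along the lines of "ring may have been reconfigured since the unlocked checks above, re-validate under lock", would document the actual invariant and point back to the early test.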
