diff mbox

[nf-next,7/9] netfilter: nf_tables: allow large allocations for new sets

Message ID 20170526101829.GA2274@salvia
State RFC
Delegated to: Pablo Neira
Headers show

Commit Message

Pablo Neira Ayuso May 26, 2017, 10:18 a.m. UTC 
On Fri, May 26, 2017 at 06:02:34PM +0800, Liping Zhang wrote:
> Hi Pablo,
> 
> 2017-05-24 17:50 GMT+08:00 Pablo Neira Ayuso <pablo@netfilter.org>:
> [...]
> > -       err = -ENOMEM;
> > -       set = kzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
> > +       alloc_size = sizeof(*set) + size + udlen;
> > +       if (alloc_size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
> > +               set = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN |
> > +                                         __GFP_NORETRY);
> >         if (set == NULL)
> > +               set = vzalloc(alloc_size);
> 
> I think maybe we can use "set = kvzalloc(alloc_size, GFP_KERNEL);" to simplify
> the above codes.

Like this?

Comments

Liping Zhang May 26, 2017, 10:33 a.m. UTC | #1 
2017-05-26 18:18 GMT+08:00 Pablo Neira Ayuso <pablo@netfilter.org>:
> On Fri, May 26, 2017 at 06:02:34PM +0800, Liping Zhang wrote:
>> Hi Pablo,
>>
>> 2017-05-24 17:50 GMT+08:00 Pablo Neira Ayuso <pablo@netfilter.org>:
>> [...]
>> > -       err = -ENOMEM;
>> > -       set = kzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
>> > +       alloc_size = sizeof(*set) + size + udlen;
>> > +       if (alloc_size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
>> > +               set = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN |
>> > +                                         __GFP_NORETRY);
>> >         if (set == NULL)
>> > +               set = vzalloc(alloc_size);
>>
>> I think maybe we can use "set = kvzalloc(alloc_size, GFP_KERNEL);" to simplify
>> the above codes.
>
> Like this?

Yes. :)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
diff mbox

Patch

diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 0e54090caa8a..bd4fc8b2cd77 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -2910,7 +2910,6 @@  static int nf_tables_newset(struct net *net, struct sock *nlsk,
 {
 	const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
 	u8 genmask = nft_genmask_next(net);
-	unsigned int size, alloc_size;
 	const struct nft_set_ops *ops;
 	struct nft_af_info *afi;
 	struct nft_table *table;
@@ -2922,6 +2921,7 @@  static int nf_tables_newset(struct net *net, struct sock *nlsk,
 	u32 ktype, dtype, flags, policy, gc_int, objtype;
 	struct nft_set_desc desc;
 	unsigned char *udata;
+	unsigned int size;
 	u16 udlen;
 	int err;
 
@@ -3057,13 +3057,8 @@  static int nf_tables_newset(struct net *net, struct sock *nlsk,
 	if (ops->privsize != NULL)
 		size = ops->privsize(nla, &desc);
 
-	alloc_size = sizeof(*set) + size + udlen;
-	if (alloc_size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
-		set = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN |
-					  __GFP_NORETRY);
-	if (set == NULL)
-		set = vzalloc(alloc_size);
-	if (set == NULL) {
+	set = kvzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
+	if (!set) {
 		err = -ENOMEM;
 		goto err1;
 	}