| Message ID | 1498170573-24082-1-git-send-email-xiyou.wangcong@gmail.com |
|---|---|
| State | Accepted, archived |
| Delegated to: | David Miller |
| Headers | show |
On Fri, Jun 23, 2017 at 12:29 AM, Cong Wang <xiyou.wangcong@gmail.com> wrote: > The memory allocation size is controlled by user-space, > if it is too large just fail silently and return NULL, > not to mention there is a fallback allocation later. Thanks! Tested-by: Andrey Konovalov <andreyknvl.com> > > Reported-by: Andrey Konovalov <andreyknvl@google.com> > Cc: Andrey Konovalov <andreyknvl@google.com> > Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> > --- > net/ipv6/sit.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c > index 2378503..f8ad158 100644 > --- a/net/ipv6/sit.c > +++ b/net/ipv6/sit.c > @@ -305,7 +305,7 @@ static int ipip6_tunnel_get_prl(struct ip_tunnel *t, > * we try harder to allocate. > */ > kp = (cmax <= 1 || capable(CAP_NET_ADMIN)) ? > - kcalloc(cmax, sizeof(*kp), GFP_KERNEL) : > + kcalloc(cmax, sizeof(*kp), GFP_KERNEL | __GFP_NOWARN) : > NULL; > > rcu_read_lock(); > -- > 2.5.5 >
On Fri, Jun 23, 2017 at 2:21 PM, Andrey Konovalov <andreyknvl@google.com> wrote: > On Fri, Jun 23, 2017 at 12:29 AM, Cong Wang <xiyou.wangcong@gmail.com> wrote: >> The memory allocation size is controlled by user-space, >> if it is too large just fail silently and return NULL, >> not to mention there is a fallback allocation later. > > Thanks! > > Tested-by: Andrey Konovalov <andreyknvl.com> Should be: Tested-by: Andrey Konovalov <andreyknvl@google.com> > >> >> Reported-by: Andrey Konovalov <andreyknvl@google.com> >> Cc: Andrey Konovalov <andreyknvl@google.com> >> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> >> --- >> net/ipv6/sit.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c >> index 2378503..f8ad158 100644 >> --- a/net/ipv6/sit.c >> +++ b/net/ipv6/sit.c >> @@ -305,7 +305,7 @@ static int ipip6_tunnel_get_prl(struct ip_tunnel *t, >> * we try harder to allocate. >> */ >> kp = (cmax <= 1 || capable(CAP_NET_ADMIN)) ? >> - kcalloc(cmax, sizeof(*kp), GFP_KERNEL) : >> + kcalloc(cmax, sizeof(*kp), GFP_KERNEL | __GFP_NOWARN) : >> NULL; >> >> rcu_read_lock(); >> -- >> 2.5.5 >>
From: Cong Wang <xiyou.wangcong@gmail.com> Date: Thu, 22 Jun 2017 15:29:33 -0700 > The memory allocation size is controlled by user-space, > if it is too large just fail silently and return NULL, > not to mention there is a fallback allocation later. > > Reported-by: Andrey Konovalov <andreyknvl@google.com> > Cc: Andrey Konovalov <andreyknvl@google.com> > Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> Applied, thanks.
diff --git a/net/ipv6/sit.c b/net/ipv6/sit.c index 2378503..f8ad158 100644 --- a/net/ipv6/sit.c +++ b/net/ipv6/sit.c @@ -305,7 +305,7 @@ static int ipip6_tunnel_get_prl(struct ip_tunnel *t, * we try harder to allocate. */ kp = (cmax <= 1 || capable(CAP_NET_ADMIN)) ? - kcalloc(cmax, sizeof(*kp), GFP_KERNEL) : + kcalloc(cmax, sizeof(*kp), GFP_KERNEL | __GFP_NOWARN) : NULL; rcu_read_lock();
The memory allocation size is controlled by user-space, if it is too large just fail silently and return NULL, not to mention there is a fallback allocation later. Reported-by: Andrey Konovalov <andreyknvl@google.com> Cc: Andrey Konovalov <andreyknvl@google.com> Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com> --- net/ipv6/sit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)