[rh7] ms/netfilter: ipset: fix ip_set_list allocation failure

Submitted by Andrey Ryabinin on Aug. 2, 2018, 8:58 a.m.

Details

Message ID 20180802085814.5707-1-aryabinin@virtuozzo.com
State New
Series "ms/netfilter: ipset: fix ip_set_list allocation failure"
Headers show

Commit Message

Andrey Ryabinin Aug. 2, 2018, 8:58 a.m.
ip_set_create() and ip_set_net_init() attempt to allocate physically
contiguous memory for ip_set_list. If memory is fragmented, the
allocations could easily fail:

	vzctl: page allocation failure: order:7, mode:0xc0d0

	Call Trace:
	 dump_stack+0x19/0x1b
	 warn_alloc_failed+0x110/0x180
	 __alloc_pages_nodemask+0x7bf/0xc60
	 alloc_pages_current+0x98/0x110
	 kmalloc_order+0x18/0x40
	 kmalloc_order_trace+0x26/0xa0
	 __kmalloc+0x279/0x290
	 ip_set_net_init+0x4b/0x90 [ip_set]
	 ops_init+0x3b/0xb0
	 setup_net+0xbb/0x170
	 copy_net_ns+0xf1/0x1c0
	 create_new_namespaces+0xf9/0x180
	 copy_namespaces+0x8e/0xd0
	 copy_process+0xb61/0x1a00
	 do_fork+0x91/0x320

Use kvcalloc() to fallback to 0-order allocations if high order
page isn't available.

https://jira.sw.ru/browse/PSBM-87338
Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com>
---
 net/netfilter/ipset/ip_set_core.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Patch hide | download patch | download mbox

diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index c94094b6f500..916ef23e5d90 100644
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -837,7 +837,7 @@  ip_set_create(struct sock *ctnl, struct sk_buff *skb,
 			/* Wraparound */
 			goto cleanup;
 
-		list = kzalloc(sizeof(struct ip_set *) * i, GFP_KERNEL);
+		list = kvzalloc(sizeof(struct ip_set *) * i, GFP_KERNEL);
 		if (!list)
 			goto cleanup;
 		/* nfnl mutex is held, both lists are valid */
@@ -849,7 +849,7 @@  ip_set_create(struct sock *ctnl, struct sk_buff *skb,
 		/* Use new list */
 		index = inst->ip_set_max;
 		inst->ip_set_max = i;
-		kfree(tmp);
+		kvfree(tmp);
 		ret = 0;
 	} else if (ret)
 		goto cleanup;
@@ -1903,7 +1903,7 @@  ip_set_net_init(struct net *net)
 	if (inst->ip_set_max >= IPSET_INVALID_ID)
 		inst->ip_set_max = IPSET_INVALID_ID - 1;
 
-	list = kzalloc(sizeof(struct ip_set *) * inst->ip_set_max, GFP_KERNEL);
+	list = kvzalloc(sizeof(struct ip_set *) * inst->ip_set_max, GFP_KERNEL);
 	if (!list)
 		return -ENOMEM;
 	inst->is_deleted = false;
@@ -1929,7 +1929,7 @@  ip_set_net_exit(struct net *net)
 			ip_set_destroy_set(set);
 		}
 	}
-	kfree(rcu_dereference_protected(inst->ip_set_list, 1));
+	kvfree(rcu_dereference_protected(inst->ip_set_list, 1));
 }
 
 static struct pernet_operations ip_set_net_ops = {