diff options
author | Thomas Graf <tgraf@suug.ch> | 2013-11-30 13:21:31 +0100 |
---|---|---|
committer | Jesse Gross <jesse@nicira.com> | 2014-01-07 00:52:06 +0100 |
commit | aae9f0e22c07f6b97752741156ac0b3637d37a1a (patch) | |
tree | 164aafabd87e384e55527a37ab67761ef7473c86 | |
parent | genl: Add genlmsg_new_unicast() for unicast message allocation (diff) | |
download | linux-aae9f0e22c07f6b97752741156ac0b3637d37a1a.tar.xz linux-aae9f0e22c07f6b97752741156ac0b3637d37a1a.zip |
netlink: Avoid netlink mmap alloc if msg size exceeds frame size
An insufficent ring frame size configuration can lead to an
unnecessary skb allocation for every Netlink message. Check frame
size before taking the queue lock and allocating the skb and
re-check with lock to be safe.
Signed-off-by: Thomas Graf <tgraf@suug.ch>
Reviewed-by: Daniel Borkmann <dborkman@redhat.com>
Signed-off-by: Jesse Gross <jesse@nicira.com>
-rw-r--r-- | net/netlink/af_netlink.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/net/netlink/af_netlink.c b/net/netlink/af_netlink.c index bca50b95c182..64334893c61c 100644 --- a/net/netlink/af_netlink.c +++ b/net/netlink/af_netlink.c @@ -1769,6 +1769,9 @@ struct sk_buff *netlink_alloc_skb(struct sock *ssk, unsigned int size, if (ring->pg_vec == NULL) goto out_put; + if (ring->frame_size - NL_MMAP_HDRLEN < size) + goto out_put; + skb = alloc_skb_head(gfp_mask); if (skb == NULL) goto err1; @@ -1778,6 +1781,7 @@ struct sk_buff *netlink_alloc_skb(struct sock *ssk, unsigned int size, if (ring->pg_vec == NULL) goto out_free; + /* check again under lock */ maxlen = ring->frame_size - NL_MMAP_HDRLEN; if (maxlen < size) goto out_free; |