author | Daniel Borkmann <daniel@iogearbox.net> | 2017-02-08 01:19:43 +0100 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2017-02-08 14:40:03 -0500 |
commit | c502faf94153bd0fedc5389a936f728a659cc6ab (patch) | |
tree | 603e482c1467bc7d156623c9b83df0cee514d6aa /include/net/netns/nftables.h | |
parent | 8ef9594764617e3fd4500205b080b53c45c14c4b (diff) |
bpf, lpm: fix overflows in trie_alloc checks
Cap the maximum (total) value size and bail out if larger than KMALLOC_MAX_SIZE
as otherwise it doesn't make any sense to proceed further, since we're
guaranteed to fail to allocate elements anyway in lpm_trie_node_alloc();
likelihood of failure is still high for large values, though, similarly
as with htab case in non-prealloc.
Next, make sure that cost vars are really u64 instead of size_t, so that we
don't overflow on 32 bit and charge only tiny map.pages against memlock while
allowing huge max_entries; cap also the max cost like we do with other map
types.
Fixes: b95a5c4db09b ("bpf: add a longest prefix match trie map implementation")
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'include/net/netns/nftables.h')
0 files changed, 0 insertions, 0 deletions
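The memlock accounting overflow described in the commit message, modelled as an added example; this is not code from the kernel or from this commit. Assumptions: `uint32_t` stands in for a 32-bit `size_t`, and the overhead constants, page size, cap value and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define MODEL_PAGE_SIZE 4096u  /* assumed page size */
#define NODE_OVERHEAD   32u    /* constructed per-node header size */
#define TRIE_OVERHEAD   64u    /* constructed fixed map overhead */

/* Before: cost held in a 32-bit size_t (modelled as uint32_t). The
 * multiplication wraps, so only the low 32 bits are charged as pages. */
static uint32_t pages_charged_32(uint32_t max_entries, uint32_t value_size)
{
    uint32_t cost_per_node = NODE_OVERHEAD + value_size;
    uint32_t cost = TRIE_OVERHEAD + max_entries * cost_per_node; /* wraps */
    return (cost + MODEL_PAGE_SIZE - 1) / MODEL_PAGE_SIZE;
}

/* After: cost held in 64 bits and rejected above a cap (assumed here to
 * be UINT32_MAX minus one page). Returns 0 and sets *pages, or -1. */
static int pages_charged_64(uint32_t max_entries, uint32_t value_size,
                            uint32_t *pages)
{
    uint64_t cost_per_node = (uint64_t)NODE_OVERHEAD + value_size;
    uint64_t cost = TRIE_OVERHEAD + (uint64_t)max_entries * cost_per_node;

    if (cost >= (uint64_t)UINT32_MAX - MODEL_PAGE_SIZE)
        return -1; /* too large to account, refuse the map */
    *pages = (uint32_t)((cost + MODEL_PAGE_SIZE - 1) / MODEL_PAGE_SIZE);
    return 0;
}

int main(void)
{
    /* Constructed input: 2^26 entries * 64 bytes per node = 2^32 bytes. */
    uint32_t entries = 0x04000000u, value_size = 32u, pages = 0;

    printf("32-bit cost: %u page(s) charged\n",
           (unsigned)pages_charged_32(entries, value_size));
    if (pages_charged_64(entries, value_size, &pages) != 0)
        printf("64-bit cost: request rejected\n");
    return 0;
}
```

With the 32-bit cost variable, a request whose real footprint is 4 GiB is charged a single page against memlock; the 64-bit version refuses it before any allocation is attempted.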