diff options
author | Gerrit Renker <gerrit@erg.abdn.ac.uk> | 2010-01-31 21:12:19 -0500 |
---|---|---|
committer | David S. Miller <davem@davemloft.net> | 2010-02-03 22:00:30 -0500 |
commit | 8ed030dd0aa400d18c63861c2c6deb7c38f4edde (patch) | |
tree | c84de9bd4c14cc9e565b887638d05597e6b6e56c | |
parent | f6815077e75c5b7f55b56fc3788e328514d4e72a (diff) |
dccp: fix bug in cache allocation
This fixes a bug introduced in commit de4ef86cfce60d2250111f34f8a084e769f23b16
("dccp: fix dccp rmmod when kernel configured to use slub", 17 Jan): the
vsnprintf used sizeof(slab_name_fmt), which became truncated to 4 bytes, since
slab_name_fmt is now a 4-byte pointer and no longer a 32-character array.
This lead to error messages such as
FATAL: Error inserting dccp: No buffer space available
>> kernel: [ 1456.341501] kmem_cache_create: duplicate cache cci
generated due to the truncation after the 3rd character.
Fixed for the moment by introducing a symbolic constant. Tested to fix the bug.
Signed-off-by: Gerrit Renker <gerrit@erg.abdn.ac.uk>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
-rw-r--r-- | net/dccp/ccid.c | 2 | ||||
-rw-r--r-- | net/dccp/ccid.h | 8 |
2 files changed, 6 insertions, 4 deletions
diff --git a/net/dccp/ccid.c b/net/dccp/ccid.c index 57dfb9c8c4f2..ff16e9df1969 100644 --- a/net/dccp/ccid.c +++ b/net/dccp/ccid.c | |||
@@ -83,7 +83,7 @@ static struct kmem_cache *ccid_kmem_cache_create(int obj_size, char *slab_name_f | |||
83 | va_list args; | 83 | va_list args; |
84 | 84 | ||
85 | va_start(args, fmt); | 85 | va_start(args, fmt); |
86 | vsnprintf(slab_name_fmt, sizeof(slab_name_fmt), fmt, args); | 86 | vsnprintf(slab_name_fmt, CCID_SLAB_NAME_LENGTH, fmt, args); |
87 | va_end(args); | 87 | va_end(args); |
88 | 88 | ||
89 | slab = kmem_cache_create(slab_name_fmt, sizeof(struct ccid) + obj_size, 0, | 89 | slab = kmem_cache_create(slab_name_fmt, sizeof(struct ccid) + obj_size, 0, |
diff --git a/net/dccp/ccid.h b/net/dccp/ccid.h index 269958bf7fe9..6df6f8ac9636 100644 --- a/net/dccp/ccid.h +++ b/net/dccp/ccid.h | |||
@@ -19,7 +19,9 @@ | |||
19 | #include <linux/list.h> | 19 | #include <linux/list.h> |
20 | #include <linux/module.h> | 20 | #include <linux/module.h> |
21 | 21 | ||
22 | #define CCID_MAX 255 | 22 | /* maximum value for a CCID (RFC 4340, 19.5) */ |
23 | #define CCID_MAX 255 | ||
24 | #define CCID_SLAB_NAME_LENGTH 32 | ||
23 | 25 | ||
24 | struct tcp_info; | 26 | struct tcp_info; |
25 | 27 | ||
@@ -49,8 +51,8 @@ struct ccid_operations { | |||
49 | const char *ccid_name; | 51 | const char *ccid_name; |
50 | struct kmem_cache *ccid_hc_rx_slab, | 52 | struct kmem_cache *ccid_hc_rx_slab, |
51 | *ccid_hc_tx_slab; | 53 | *ccid_hc_tx_slab; |
52 | char ccid_hc_rx_slab_name[32]; | 54 | char ccid_hc_rx_slab_name[CCID_SLAB_NAME_LENGTH]; |
53 | char ccid_hc_tx_slab_name[32]; | 55 | char ccid_hc_tx_slab_name[CCID_SLAB_NAME_LENGTH]; |
54 | __u32 ccid_hc_rx_obj_size, | 56 | __u32 ccid_hc_rx_obj_size, |
55 | ccid_hc_tx_obj_size; | 57 | ccid_hc_tx_obj_size; |
56 | /* Interface Routines */ | 58 | /* Interface Routines */ |