net:rfs: adjust table size checking

Make sure root user does not try something stupid. Also make sure mask field in struct rps_sock_flow_table does not share a cache line with the potentially often dirtied flow table. Signed-off-by: Eric Dumazet <edumazet@google.com> Fixes: 567e4b79731c ("net: rfs: add hash collision detection") Signed-off-by: David S. Miller <davem@davemloft.net>
author: Eric Dumazet <edumazet@google.com> 2015-02-08 23:39:13 -0500
committer: David S. Miller <davem@davemloft.net> 2015-02-09 00:54:09 -0500
commit: 93c1af6ca94c1e763efba76a127b5c135e3d23a6 (patch)
tree: 80725b4e6f7b9d10689a7d8a0132db7113d04a30
parent: acde2c2d28c8afee41eb67ee1cbf9e47a3f3e475 (diff)
2 files changed, 3 insertions, 2 deletions
diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index ab3b7cef4638..d115256ed5a2 100644
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -653,7 +653,8 @@ struct rps_dev_flow_table {
 */
 struct rps_sock_flow_table {
        u32     mask;
-        u32     ents[0];
+        u32     ents[0] ____cacheline_aligned_in_smp;
 };
 #define RPS_SOCK_FLOW_TABLE_SIZE(_num) (offsetof(struct rps_sock_flow_table, ents[_num]))
diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index 7a31be5e361f..eaa51ddf2368 100644
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -52,7 +52,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write,
        if (write) {
                if (size) {
-                        if (size > 1<<30) {
+                        if (size > 1<<29) {
                                /* Enforce limit to prevent overflow */
                                mutex_unlock(&sock_flow_mutex);
                                return -EINVAL;
author	Eric Dumazet <edumazet@google.com>	2015-02-08 23:39:13 -0500
committer	David S. Miller <davem@davemloft.net>	2015-02-09 00:54:09 -0500
commit	93c1af6ca94c1e763efba76a127b5c135e3d23a6 (patch)
tree	80725b4e6f7b9d10689a7d8a0132db7113d04a30
parent	acde2c2d28c8afee41eb67ee1cbf9e47a3f3e475 (diff)

diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index ab3b7cef4638..d115256ed5a2 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h
@@ -653,7 +653,8 @@ struct rps_dev_flow_table {
653	*/	653	*/
654	struct rps_sock_flow_table {	654	struct rps_sock_flow_table {
655	u32 mask;	655	u32 mask;
656	u32 ents[0];	656
		657	u32 ents[0] ____cacheline_aligned_in_smp;
657	};	658	};
658	#define RPS_SOCK_FLOW_TABLE_SIZE(_num) (offsetof(struct rps_sock_flow_table, ents[_num]))	659	#define RPS_SOCK_FLOW_TABLE_SIZE(_num) (offsetof(struct rps_sock_flow_table, ents[_num]))
659		660


diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c index 7a31be5e361f..eaa51ddf2368 100644 --- a/net/core/sysctl_net_core.c +++ b/net/core/sysctl_net_core.c
@@ -52,7 +52,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write,
52		52
53	if (write) {	53	if (write) {
54	if (size) {	54	if (size) {
55	if (size > 1<<30) {	55	if (size > 1<<29) {
56	/* Enforce limit to prevent overflow */	56	/* Enforce limit to prevent overflow */
57	mutex_unlock(&sock_flow_mutex);	57	mutex_unlock(&sock_flow_mutex);
58	return -EINVAL;	58	return -EINVAL;