aboutsummaryrefslogtreecommitdiffstats
path: root/net
diff options
context:
space:
mode:
authorDavid S. Miller <davem@davemloft.net>2005-10-13 17:41:23 -0400
committerDavid S. Miller <davem@davemloft.net>2005-10-13 17:41:23 -0400
commitc8923c6b852d3a97c1faad0566e38fca330375a7 (patch)
treeeb79e97c5468bba641c7a34b83514876f4902cf2 /net
parentc931488cc4619eecfe68a2f046b5898fddc2f904 (diff)
[NETFILTER]: Fix OOPSes on machines with discontiguous cpu numbering.
Original patch by Harald Welte, with feedback from Herbert Xu and testing by Sébastien Bernard. EBTABLES, ARP tables, and IP/IP6 tables all assume that cpus are numbered linearly. That is not necessarily true. This patch fixes that up by calculating the largest possible cpu number, and allocating enough per-cpu structure space given that. Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'net')
-rw-r--r--net/bridge/netfilter/ebtables.c27
-rw-r--r--net/ipv4/netfilter/arp_tables.c14
-rw-r--r--net/ipv4/netfilter/ip_tables.c17
-rw-r--r--net/ipv6/netfilter/ip6_tables.c16
4 files changed, 48 insertions, 26 deletions
diff --git a/net/bridge/netfilter/ebtables.c b/net/bridge/netfilter/ebtables.c
index c4540144f0f4..f8ffbf6e2333 100644
--- a/net/bridge/netfilter/ebtables.c
+++ b/net/bridge/netfilter/ebtables.c
@@ -26,6 +26,7 @@
26#include <linux/spinlock.h> 26#include <linux/spinlock.h>
27#include <asm/uaccess.h> 27#include <asm/uaccess.h>
28#include <linux/smp.h> 28#include <linux/smp.h>
29#include <linux/cpumask.h>
29#include <net/sock.h> 30#include <net/sock.h>
30/* needed for logical [in,out]-dev filtering */ 31/* needed for logical [in,out]-dev filtering */
31#include "../br_private.h" 32#include "../br_private.h"
@@ -823,10 +824,11 @@ static int translate_table(struct ebt_replace *repl,
823 /* this will get free'd in do_replace()/ebt_register_table() 824 /* this will get free'd in do_replace()/ebt_register_table()
824 if an error occurs */ 825 if an error occurs */
825 newinfo->chainstack = (struct ebt_chainstack **) 826 newinfo->chainstack = (struct ebt_chainstack **)
826 vmalloc(num_possible_cpus() * sizeof(struct ebt_chainstack)); 827 vmalloc((highest_possible_processor_id()+1)
828 * sizeof(struct ebt_chainstack));
827 if (!newinfo->chainstack) 829 if (!newinfo->chainstack)
828 return -ENOMEM; 830 return -ENOMEM;
829 for (i = 0; i < num_possible_cpus(); i++) { 831 for_each_cpu(i) {
830 newinfo->chainstack[i] = 832 newinfo->chainstack[i] =
831 vmalloc(udc_cnt * sizeof(struct ebt_chainstack)); 833 vmalloc(udc_cnt * sizeof(struct ebt_chainstack));
832 if (!newinfo->chainstack[i]) { 834 if (!newinfo->chainstack[i]) {
@@ -895,9 +897,12 @@ static void get_counters(struct ebt_counter *oldcounters,
895 897
896 /* counters of cpu 0 */ 898 /* counters of cpu 0 */
897 memcpy(counters, oldcounters, 899 memcpy(counters, oldcounters,
898 sizeof(struct ebt_counter) * nentries); 900 sizeof(struct ebt_counter) * nentries);
901
899 /* add other counters to those of cpu 0 */ 902 /* add other counters to those of cpu 0 */
900 for (cpu = 1; cpu < num_possible_cpus(); cpu++) { 903 for_each_cpu(cpu) {
904 if (cpu == 0)
905 continue;
901 counter_base = COUNTER_BASE(oldcounters, nentries, cpu); 906 counter_base = COUNTER_BASE(oldcounters, nentries, cpu);
902 for (i = 0; i < nentries; i++) { 907 for (i = 0; i < nentries; i++) {
903 counters[i].pcnt += counter_base[i].pcnt; 908 counters[i].pcnt += counter_base[i].pcnt;
@@ -929,7 +934,8 @@ static int do_replace(void __user *user, unsigned int len)
929 BUGPRINT("Entries_size never zero\n"); 934 BUGPRINT("Entries_size never zero\n");
930 return -EINVAL; 935 return -EINVAL;
931 } 936 }
932 countersize = COUNTER_OFFSET(tmp.nentries) * num_possible_cpus(); 937 countersize = COUNTER_OFFSET(tmp.nentries) *
938 (highest_possible_processor_id()+1);
933 newinfo = (struct ebt_table_info *) 939 newinfo = (struct ebt_table_info *)
934 vmalloc(sizeof(struct ebt_table_info) + countersize); 940 vmalloc(sizeof(struct ebt_table_info) + countersize);
935 if (!newinfo) 941 if (!newinfo)
@@ -1022,7 +1028,7 @@ static int do_replace(void __user *user, unsigned int len)
1022 1028
1023 vfree(table->entries); 1029 vfree(table->entries);
1024 if (table->chainstack) { 1030 if (table->chainstack) {
1025 for (i = 0; i < num_possible_cpus(); i++) 1031 for_each_cpu(i)
1026 vfree(table->chainstack[i]); 1032 vfree(table->chainstack[i]);
1027 vfree(table->chainstack); 1033 vfree(table->chainstack);
1028 } 1034 }
@@ -1040,7 +1046,7 @@ free_counterstmp:
1040 vfree(counterstmp); 1046 vfree(counterstmp);
1041 /* can be initialized in translate_table() */ 1047 /* can be initialized in translate_table() */
1042 if (newinfo->chainstack) { 1048 if (newinfo->chainstack) {
1043 for (i = 0; i < num_possible_cpus(); i++) 1049 for_each_cpu(i)
1044 vfree(newinfo->chainstack[i]); 1050 vfree(newinfo->chainstack[i]);
1045 vfree(newinfo->chainstack); 1051 vfree(newinfo->chainstack);
1046 } 1052 }
@@ -1132,7 +1138,8 @@ int ebt_register_table(struct ebt_table *table)
1132 return -EINVAL; 1138 return -EINVAL;
1133 } 1139 }
1134 1140
1135 countersize = COUNTER_OFFSET(table->table->nentries) * num_possible_cpus(); 1141 countersize = COUNTER_OFFSET(table->table->nentries) *
1142 (highest_possible_processor_id()+1);
1136 newinfo = (struct ebt_table_info *) 1143 newinfo = (struct ebt_table_info *)
1137 vmalloc(sizeof(struct ebt_table_info) + countersize); 1144 vmalloc(sizeof(struct ebt_table_info) + countersize);
1138 ret = -ENOMEM; 1145 ret = -ENOMEM;
@@ -1186,7 +1193,7 @@ free_unlock:
1186 up(&ebt_mutex); 1193 up(&ebt_mutex);
1187free_chainstack: 1194free_chainstack:
1188 if (newinfo->chainstack) { 1195 if (newinfo->chainstack) {
1189 for (i = 0; i < num_possible_cpus(); i++) 1196 for_each_cpu(i)
1190 vfree(newinfo->chainstack[i]); 1197 vfree(newinfo->chainstack[i]);
1191 vfree(newinfo->chainstack); 1198 vfree(newinfo->chainstack);
1192 } 1199 }
@@ -1209,7 +1216,7 @@ void ebt_unregister_table(struct ebt_table *table)
1209 up(&ebt_mutex); 1216 up(&ebt_mutex);
1210 vfree(table->private->entries); 1217 vfree(table->private->entries);
1211 if (table->private->chainstack) { 1218 if (table->private->chainstack) {
1212 for (i = 0; i < num_possible_cpus(); i++) 1219 for_each_cpu(i)
1213 vfree(table->private->chainstack[i]); 1220 vfree(table->private->chainstack[i]);
1214 vfree(table->private->chainstack); 1221 vfree(table->private->chainstack);
1215 } 1222 }
diff --git a/net/ipv4/netfilter/arp_tables.c b/net/ipv4/netfilter/arp_tables.c
index fa1634256680..a7969286e6e7 100644
--- a/net/ipv4/netfilter/arp_tables.c
+++ b/net/ipv4/netfilter/arp_tables.c
@@ -716,8 +716,10 @@ static int translate_table(const char *name,
716 } 716 }
717 717
718 /* And one copy for every other CPU */ 718 /* And one copy for every other CPU */
719 for (i = 1; i < num_possible_cpus(); i++) { 719 for_each_cpu(i) {
720 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size)*i, 720 if (i == 0)
721 continue;
722 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size) * i,
721 newinfo->entries, 723 newinfo->entries,
722 SMP_ALIGN(newinfo->size)); 724 SMP_ALIGN(newinfo->size));
723 } 725 }
@@ -767,7 +769,7 @@ static void get_counters(const struct arpt_table_info *t,
767 unsigned int cpu; 769 unsigned int cpu;
768 unsigned int i; 770 unsigned int i;
769 771
770 for (cpu = 0; cpu < num_possible_cpus(); cpu++) { 772 for_each_cpu(cpu) {
771 i = 0; 773 i = 0;
772 ARPT_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu), 774 ARPT_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu),
773 t->size, 775 t->size,
@@ -885,7 +887,8 @@ static int do_replace(void __user *user, unsigned int len)
885 return -ENOMEM; 887 return -ENOMEM;
886 888
887 newinfo = vmalloc(sizeof(struct arpt_table_info) 889 newinfo = vmalloc(sizeof(struct arpt_table_info)
888 + SMP_ALIGN(tmp.size) * num_possible_cpus()); 890 + SMP_ALIGN(tmp.size) *
891 (highest_possible_processor_id()+1));
889 if (!newinfo) 892 if (!newinfo)
890 return -ENOMEM; 893 return -ENOMEM;
891 894
@@ -1158,7 +1161,8 @@ int arpt_register_table(struct arpt_table *table,
1158 = { 0, 0, 0, { 0 }, { 0 }, { } }; 1161 = { 0, 0, 0, { 0 }, { 0 }, { } };
1159 1162
1160 newinfo = vmalloc(sizeof(struct arpt_table_info) 1163 newinfo = vmalloc(sizeof(struct arpt_table_info)
1161 + SMP_ALIGN(repl->size) * num_possible_cpus()); 1164 + SMP_ALIGN(repl->size) *
1165 (highest_possible_processor_id()+1));
1162 if (!newinfo) { 1166 if (!newinfo) {
1163 ret = -ENOMEM; 1167 ret = -ENOMEM;
1164 return ret; 1168 return ret;
diff --git a/net/ipv4/netfilter/ip_tables.c b/net/ipv4/netfilter/ip_tables.c
index eef99a1b5de6..75c27e92f6ab 100644
--- a/net/ipv4/netfilter/ip_tables.c
+++ b/net/ipv4/netfilter/ip_tables.c
@@ -27,6 +27,7 @@
27#include <asm/semaphore.h> 27#include <asm/semaphore.h>
28#include <linux/proc_fs.h> 28#include <linux/proc_fs.h>
29#include <linux/err.h> 29#include <linux/err.h>
30#include <linux/cpumask.h>
30 31
31#include <linux/netfilter_ipv4/ip_tables.h> 32#include <linux/netfilter_ipv4/ip_tables.h>
32 33
@@ -921,8 +922,10 @@ translate_table(const char *name,
921 } 922 }
922 923
923 /* And one copy for every other CPU */ 924 /* And one copy for every other CPU */
924 for (i = 1; i < num_possible_cpus(); i++) { 925 for_each_cpu(i) {
925 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size)*i, 926 if (i == 0)
927 continue;
928 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size) * i,
926 newinfo->entries, 929 newinfo->entries,
927 SMP_ALIGN(newinfo->size)); 930 SMP_ALIGN(newinfo->size));
928 } 931 }
@@ -943,7 +946,7 @@ replace_table(struct ipt_table *table,
943 struct ipt_entry *table_base; 946 struct ipt_entry *table_base;
944 unsigned int i; 947 unsigned int i;
945 948
946 for (i = 0; i < num_possible_cpus(); i++) { 949 for_each_cpu(i) {
947 table_base = 950 table_base =
948 (void *)newinfo->entries 951 (void *)newinfo->entries
949 + TABLE_OFFSET(newinfo, i); 952 + TABLE_OFFSET(newinfo, i);
@@ -990,7 +993,7 @@ get_counters(const struct ipt_table_info *t,
990 unsigned int cpu; 993 unsigned int cpu;
991 unsigned int i; 994 unsigned int i;
992 995
993 for (cpu = 0; cpu < num_possible_cpus(); cpu++) { 996 for_each_cpu(cpu) {
994 i = 0; 997 i = 0;
995 IPT_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu), 998 IPT_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu),
996 t->size, 999 t->size,
@@ -1128,7 +1131,8 @@ do_replace(void __user *user, unsigned int len)
1128 return -ENOMEM; 1131 return -ENOMEM;
1129 1132
1130 newinfo = vmalloc(sizeof(struct ipt_table_info) 1133 newinfo = vmalloc(sizeof(struct ipt_table_info)
1131 + SMP_ALIGN(tmp.size) * num_possible_cpus()); 1134 + SMP_ALIGN(tmp.size) *
1135 (highest_possible_processor_id()+1));
1132 if (!newinfo) 1136 if (!newinfo)
1133 return -ENOMEM; 1137 return -ENOMEM;
1134 1138
@@ -1458,7 +1462,8 @@ int ipt_register_table(struct ipt_table *table, const struct ipt_replace *repl)
1458 = { 0, 0, 0, { 0 }, { 0 }, { } }; 1462 = { 0, 0, 0, { 0 }, { 0 }, { } };
1459 1463
1460 newinfo = vmalloc(sizeof(struct ipt_table_info) 1464 newinfo = vmalloc(sizeof(struct ipt_table_info)
1461 + SMP_ALIGN(repl->size) * num_possible_cpus()); 1465 + SMP_ALIGN(repl->size) *
1466 (highest_possible_processor_id()+1));
1462 if (!newinfo) 1467 if (!newinfo)
1463 return -ENOMEM; 1468 return -ENOMEM;
1464 1469
diff --git a/net/ipv6/netfilter/ip6_tables.c b/net/ipv6/netfilter/ip6_tables.c
index 2da514b16d95..b03e90649eb5 100644
--- a/net/ipv6/netfilter/ip6_tables.c
+++ b/net/ipv6/netfilter/ip6_tables.c
@@ -28,6 +28,7 @@
28#include <asm/uaccess.h> 28#include <asm/uaccess.h>
29#include <asm/semaphore.h> 29#include <asm/semaphore.h>
30#include <linux/proc_fs.h> 30#include <linux/proc_fs.h>
31#include <linux/cpumask.h>
31 32
32#include <linux/netfilter_ipv6/ip6_tables.h> 33#include <linux/netfilter_ipv6/ip6_tables.h>
33 34
@@ -950,8 +951,10 @@ translate_table(const char *name,
950 } 951 }
951 952
952 /* And one copy for every other CPU */ 953 /* And one copy for every other CPU */
953 for (i = 1; i < num_possible_cpus(); i++) { 954 for_each_cpu(i) {
954 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size)*i, 955 if (i == 0)
956 continue;
957 memcpy(newinfo->entries + SMP_ALIGN(newinfo->size) * i,
955 newinfo->entries, 958 newinfo->entries,
956 SMP_ALIGN(newinfo->size)); 959 SMP_ALIGN(newinfo->size));
957 } 960 }
@@ -973,6 +976,7 @@ replace_table(struct ip6t_table *table,
973 unsigned int i; 976 unsigned int i;
974 977
975 for (i = 0; i < num_possible_cpus(); i++) { 978 for (i = 0; i < num_possible_cpus(); i++) {
979 for_each_cpu(i) {
976 table_base = 980 table_base =
977 (void *)newinfo->entries 981 (void *)newinfo->entries
978 + TABLE_OFFSET(newinfo, i); 982 + TABLE_OFFSET(newinfo, i);
@@ -1019,7 +1023,7 @@ get_counters(const struct ip6t_table_info *t,
1019 unsigned int cpu; 1023 unsigned int cpu;
1020 unsigned int i; 1024 unsigned int i;
1021 1025
1022 for (cpu = 0; cpu < num_possible_cpus(); cpu++) { 1026 for_each_cpu(cpu) {
1023 i = 0; 1027 i = 0;
1024 IP6T_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu), 1028 IP6T_ENTRY_ITERATE(t->entries + TABLE_OFFSET(t, cpu),
1025 t->size, 1029 t->size,
@@ -1153,7 +1157,8 @@ do_replace(void __user *user, unsigned int len)
1153 return -ENOMEM; 1157 return -ENOMEM;
1154 1158
1155 newinfo = vmalloc(sizeof(struct ip6t_table_info) 1159 newinfo = vmalloc(sizeof(struct ip6t_table_info)
1156 + SMP_ALIGN(tmp.size) * num_possible_cpus()); 1160 + SMP_ALIGN(tmp.size) *
1161 (highest_possible_processor_id()+1));
1157 if (!newinfo) 1162 if (!newinfo)
1158 return -ENOMEM; 1163 return -ENOMEM;
1159 1164
@@ -1467,7 +1472,8 @@ int ip6t_register_table(struct ip6t_table *table,
1467 = { 0, 0, 0, { 0 }, { 0 }, { } }; 1472 = { 0, 0, 0, { 0 }, { 0 }, { } };
1468 1473
1469 newinfo = vmalloc(sizeof(struct ip6t_table_info) 1474 newinfo = vmalloc(sizeof(struct ip6t_table_info)
1470 + SMP_ALIGN(repl->size) * num_possible_cpus()); 1475 + SMP_ALIGN(repl->size) *
1476 (highest_possible_processor_id()+1));
1471 if (!newinfo) 1477 if (!newinfo)
1472 return -ENOMEM; 1478 return -ENOMEM;
1473 1479