From: Eric Dumazet <dada1@cosmosbay.com>
To: Patrick McHardy <kaber@trash.net>
Cc: "David S. Miller" <davem@davemloft.net>,
Linux Netdev List <netdev@vger.kernel.org>,
Netfilter Development Mailinglist
<netfilter-devel@lists.netfilter.org>
Subject: Re: [PATCH, take2] netfilter : struct xt_table_info diet
Date: Thu, 15 Nov 2007 16:45:16 +0100 [thread overview]
Message-ID: <20071115164516.ced96a9e.dada1@cosmosbay.com> (raw)
In-Reply-To: <473C3E92.30004@trash.net>
On Thu, 15 Nov 2007 13:41:54 +0100
Patrick McHardy <kaber@trash.net> wrote:
> Eric Dumazet wrote:
> > [PATCH] netfilter : struct xt_table_info diet
> >
> > Instead of using a big array of NR_CPUS entries, we can compute the size
> > needed at runtime, using nr_cpu_ids
> >
> > This should save some ram (especially on David's machines where
> > NR_CPUS=4096 :
> > 32 KB can be saved per table, and 64KB for dynamically allocated ones
> > (because
> > of slab/slub alignements) )
> >
> > In particular, the 'bootstrap' tables are not any more static (in data
> > section) but on stack as their size is now very small.
> >
> > This also should reduce the size used on stack in compat functions
> > (get_info() declares an automatic variable, that could be bigger than
> > kernel
> > stack size for big NR_CPUS)
>
>
> I fixed a compilation error with CONFIG_COMPAT and applied it, thanks
> Eric. One question though:
>
> > +#define XT_TABLE_INFO_SZ (offsetof(struct xt_table_info, entries) \
> > + + nr_cpu_ids * sizeof(char *))
>
>
> > /* overflow check */
> > - if (tmp.size >= (INT_MAX - sizeof(struct xt_table_info)) / NR_CPUS -
> > - SMP_CACHE_BYTES)
> > + if (tmp.size >= INT_MAX / num_possible_cpus())
> > return -ENOMEM;
>
> We need to make sure offsetof(struct xt_table_info, entries) +
> nr_cpu_ids * sizeof(char *) doesn't overflow, so why doesn't it
> use nr_cpu_ids here as well?
>
nr_cpu_ids is <= NR_CPUS, so XT_TABLE_INFO_SZ cannot overflow
The 'overflow check' we do here is in fact not very usefull now
that we dont need to multiply tmp.size by NR_CPUS and potentially
overflow the result.
We can delete the test, because kmalloc()/vmalloc() will probably
fail gracefully if we ask too much memory.
We could imagine a dual Opteron machine, with a total of 32GB of ram, and
it could be possible to load a 3GB iptable (that would consume 2*3GB of ram),
but the 'overflow check' test actually forbids such a scenario.
next prev parent reply other threads:[~2007-11-15 15:45 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-11-14 21:50 [PATCH, take2] netfilter : struct xt_table_info diet Eric Dumazet
2007-11-15 12:41 ` Patrick McHardy
2007-11-15 15:45 ` Eric Dumazet [this message]
2007-11-15 15:58 ` Patrick McHardy
2007-11-20 6:32 ` Simon Horman
2007-11-20 7:02 ` Herbert Xu
2007-11-20 7:50 ` Patrick McHardy
2007-11-20 7:54 ` Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20071115164516.ced96a9e.dada1@cosmosbay.com \
--to=dada1@cosmosbay.com \
--cc=davem@davemloft.net \
--cc=kaber@trash.net \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).