From: Greg KH <gregkh@linuxfoundation.org>
To: Keerthana K <keerthana.kalyanasundaram@broadcom.com>
Cc: stable@vger.kernel.org, pablo@netfilter.org,
kadlec@netfilter.org, fw@strlen.de, davem@davemloft.net,
edumazet@google.com, kuba@kernel.org, pabeni@redhat.com,
netfilter-devel@vger.kernel.org, coreteam@netfilter.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org,
ajay.kaher@broadcom.com, alexey.makhalov@broadcom.com,
vamsi-krishna.brahmajosyula@broadcom.com, yin.ding@broadcom.com,
tapas.kundu@broadcom.com, Stefano Brivio <sbrivio@redhat.com>,
Mukul Sikka <mukul.sikka@broadcom.com>,
Brennan Lamoreaux <brennan.lamoreaux@broadcom.com>
Subject: Re: [PATCH v5.15-v6.1] netfilter: nft_set_pipapo: do not rely on ZERO_SIZE_PTR
Date: Mon, 13 Apr 2026 13:59:29 +0200 [thread overview]
Message-ID: <2026041319-spur-purse-2433@gregkh> (raw)
In-Reply-To: <20260413043247.3327855-1-keerthana.kalyanasundaram@broadcom.com>
On Mon, Apr 13, 2026 at 04:32:47AM +0000, Keerthana K wrote:
> From: Florian Westphal <fw@strlen.de>
>
> commit 07ace0bbe03b3d8e85869af1dec5e4087b1d57b8 upstream
>
> pipapo relies on kmalloc(0) returning ZERO_SIZE_PTR (i.e., not NULL
> but pointer is invalid).
>
> Rework this to not call slab allocator when we'd request a 0-byte
> allocation.
>
> Reviewed-by: Stefano Brivio <sbrivio@redhat.com>
> Signed-off-by: Florian Westphal <fw@strlen.de>
> Signed-off-by: Mukul Sikka <mukul.sikka@broadcom.com>
> Signed-off-by: Brennan Lamoreaux <brennan.lamoreaux@broadcom.com>
> [Keerthana: In older stable branches (v6.6 and earlier), the allocation logic in
> pipapo_clone() still relies on `src->rules` rather than `src->rules_alloc`
> (introduced in v6.9 via 9f439bd6ef4f). Consequently, the previously
> backported INT_MAX clamping check uses `src->rules`. This patch correctly
> moves that `src->rules > (INT_MAX / ...)` check inside the new
> `if (src->rules > 0)` block]
> Signed-off-by: Keerthana K <keerthana.kalyanasundaram@broadcom.com>
> ---
> net/netfilter/nft_set_pipapo.c | 20 ++++++++++++++------
> 1 file changed, 14 insertions(+), 6 deletions(-)
Does not apply to 5.15.y :(
prev parent reply other threads:[~2026-04-13 11:59 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-13 4:32 [PATCH v5.15-v6.1] netfilter: nft_set_pipapo: do not rely on ZERO_SIZE_PTR Keerthana K
2026-04-13 11:59 ` Greg KH [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2026041319-spur-purse-2433@gregkh \
--to=gregkh@linuxfoundation.org \
--cc=ajay.kaher@broadcom.com \
--cc=alexey.makhalov@broadcom.com \
--cc=brennan.lamoreaux@broadcom.com \
--cc=coreteam@netfilter.org \
--cc=davem@davemloft.net \
--cc=edumazet@google.com \
--cc=fw@strlen.de \
--cc=kadlec@netfilter.org \
--cc=keerthana.kalyanasundaram@broadcom.com \
--cc=kuba@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=mukul.sikka@broadcom.com \
--cc=netdev@vger.kernel.org \
--cc=netfilter-devel@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=pablo@netfilter.org \
--cc=sbrivio@redhat.com \
--cc=stable@vger.kernel.org \
--cc=tapas.kundu@broadcom.com \
--cc=vamsi-krishna.brahmajosyula@broadcom.com \
--cc=yin.ding@broadcom.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox