* [PATCH v2 net] ipvs: Fix clamp() order in ip_vs_conn_init()
@ 2024-12-11 15:56 Dan Carpenter
0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2024-12-11 15:56 UTC (permalink / raw)
To: Julian Anastasov
Cc: Simon Horman, Pablo Neira Ayuso, Jozsef Kadlecsik,
David S. Miller, Eric Dumazet, Jakub Kicinski, Paolo Abeni,
netdev, lvs-devel, netfilter-devel, coreteam, linux-kernel,
Bartosz Golaszewski, David Laight
We recently added some build time asserts to detect incorrect calls to
clamp and it detected this bug which breaks the build. The variable
in this clamp is "max_avail" and it should be the first argument. The
code currently is the equivalent to max = min(max_avail, max).
There probably aren't very many systems out there where we actually can
hit the minimum value so this doesn't affect runtime for most people.
Reported-by: Linux Kernel Functional Testing <lkft@linaro.org>
Closes: https://lore.kernel.org/all/CA+G9fYsT34UkGFKxus63H6UVpYi5GRZkezT9MRLfAbM3f6ke0g@mail.gmail.com/
Suggested-by: David Laight <David.Laight@ACULAB.COM>
Fixes: 4f325e26277b ("ipvs: dynamically limit the connection hash table")
Signed-off-by: Dan Carpenter <dan.carpenter@linaro.org>
Tested-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Reviewed-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
---
v2: In the commit message, I said max() but it should have been min().
I added a note that this bug probably doesn't affect too many
people in real life. I also added David Laight as a Suggested-by
because he did all the work root causing this bug and he already
sent a similar patch last week.
Added Bartosz's tested by tags.
net/netfilter/ipvs/ip_vs_conn.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/netfilter/ipvs/ip_vs_conn.c b/net/netfilter/ipvs/ip_vs_conn.c
index 98d7dbe3d787..9f75ac801301 100644
--- a/net/netfilter/ipvs/ip_vs_conn.c
+++ b/net/netfilter/ipvs/ip_vs_conn.c
@@ -1495,7 +1495,7 @@ int __init ip_vs_conn_init(void)
max_avail -= 2; /* ~4 in hash row */
max_avail -= 1; /* IPVS up to 1/2 of mem */
max_avail -= order_base_2(sizeof(struct ip_vs_conn));
- max = clamp(max, min, max_avail);
+ max = clamp(max_avail, min, max);
ip_vs_conn_tab_bits = clamp_val(ip_vs_conn_tab_bits, min, max);
ip_vs_conn_tab_size = 1 << ip_vs_conn_tab_bits;
ip_vs_conn_tab_mask = ip_vs_conn_tab_size - 1;
--
2.45.2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2024-12-11 15:56 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-12-11 15:56 [PATCH v2 net] ipvs: Fix clamp() order in ip_vs_conn_init() Dan Carpenter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).