Home Explore Help
Sign In
GfA
/
linux_kernel
5
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

net_sched: fix struct tc_u_hnode layout in u32

We dynamically allocate divisor+1 entries for ->ht[] in tc_u_hnode:

  ht = kzalloc(sizeof(*ht) + divisor*sizeof(void *), GFP_KERNEL);

So ->ht is supposed to be the last field of this struct, however
this is broken, since an rcu head is appended after it.

Fixes: 1ce87720d456 ("net: sched: make cls_u32 lockless")
Cc: Jamal Hadi Salim <jhs@mojatatu.com>
Cc: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
Acked-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
WANG Cong 10 years ago
parent
affb8172de
commit
5778d39d07
1 changed files with 4 additions and 1 deletions
Split View Show Diff Stats
  1. 4 1
      net/sched/cls_u32.c

+ 4 - 1
net/sched/cls_u32.c
View File 

@@ -78,8 +78,11 @@ struct tc_u_hnode {
 
 	struct tc_u_common	*tp_c;
 
 	int			refcnt;
 
 	unsigned int		divisor;
 
-	struct tc_u_knode __rcu	*ht[1];
 
 	struct rcu_head		rcu;
 
+	/* The 'ht' field MUST be the last field in structure to allow for
 
+	 * more entries allocated at end of structure.
 
+	 */
 
+	struct tc_u_knode __rcu	*ht[1];
 
 };
 
 
 struct tc_u_common {