netfilter: conntrack: clamp maximum hashtable size to INT_MAX (5552b4fd) · Commits · CodeLinaro / la / kernel / msm

Commit 5552b4fd authored 3 months ago by Pablo Neira Ayuso Committed by Greg Kroah-Hartman 2 months ago

netfilter: conntrack: clamp maximum hashtable size to INT_MAX


[ Upstream commit b541ba7d ]

Use INT_MAX as maximum size for the conntrack hashtable. Otherwise, it
is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when
resizing hashtable because __GFP_NOWARN is unset. See:

  0708a0af ("mm: Consider __GFP_NOWARN flag for oversized kvmalloc() calls")

Note: hashtable resize is only possible from init_netns.

Fixes: 9cc1c73a ("netfilter: conntrack: avoid integer overflow when resizing")
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent d470b925

No related branches found

No related tags found

Hide whitespace changes

Inline Side-by-side

Showing with 4 additions and 1 deletion

Please register or to comment