net: fix possible overflow in __sk_mem_raise_allocated() [Linux 5.0]

net: fix possible overflow in __sk_mem_raise_allocated() [Linux 5.0]

This Linux kernel change "net: fix possible overflow in __sk_mem_raise_allocated()" is included in the Linux 5.0 release. This change is authored by Eric Dumazet <edumazet [at] google.com> on Tue Feb 12 12:26:27 2019 -0800. The commit for this change in Linux stable tree is 5bf325a (patch).

net: fix possible overflow in __sk_mem_raise_allocated()

With many active TCP sockets, fat TCP sockets could fool
__sk_mem_raise_allocated() thanks to an overflow.

They would increase their share of the memory, instead
of decreasing it.

Signed-off-by: Eric Dumazet <[email protected]>
Signed-off-by: David S. Miller <[email protected]>

There are 4 lines of Linux source code added/deleted in this change. Code changes to Linux kernel are as follows.

 include/net/sock.h | 2 +-
 net/core/sock.c    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/net/sock.h b/include/net/sock.h
index 2b229f7..f43f935 100644
--- a/include/net/sock.h
+++ b/include/net/sock.h
@@ -1277,7 +1277,7 @@ static inline void sk_sockets_allocated_inc(struct sock *sk)
    percpu_counter_inc(sk->sk_prot->sockets_allocated);
 }

-static inline int
+static inline u64
 sk_sockets_allocated_read_positive(struct sock *sk)
 {
    return percpu_counter_read_positive(sk->sk_prot->sockets_allocated);
diff --git a/net/core/sock.c b/net/core/sock.c
index 6aa2e7e..bc3512f 100644
--- a/net/core/sock.c
+++ b/net/core/sock.c
@@ -2380,7 +2380,7 @@ int __sk_mem_raise_allocated(struct sock *sk, int size, int amt, int kind)
    }

    if (sk_has_memory_pressure(sk)) {
-       int alloc;
+       u64 alloc;

        if (!sk_under_memory_pressure(sk))
            return 1;

Leave a Reply

Your email address will not be published. Required fields are marked *