1. 03 Mar, 2016 38 commits
  2. 02 Mar, 2016 2 commits
    • Neil Horman's avatar
      sctp: Fix port hash table size computation · 57008ec9
      Neil Horman authored
      [ Upstream commit d9749fb5 ]
      
      Dmitry Vyukov noted recently that the sctp_port_hashtable had an error in
      its size computation, observing that the current method never guaranteed
      that the hashsize (measured in number of entries) would be a power of two,
      which the input hash function for that table requires.  The root cause of
      the problem is that two values need to be computed (one, the allocation
      order of the storage requries, as passed to __get_free_pages, and two the
      number of entries for the hash table).  Both need to be ^2, but for
      different reasons, and the existing code is simply computing one order
      value, and using it as the basis for both, which is wrong (i.e. it assumes
      that ((1<<order)*PAGE_SIZE)/sizeof(bucket) is still ^2 when its not).
      
      To fix this, we change the logic slightly.  We start by computing a goal
      allocation order (which is limited by the maximum size hash table we want
      to support.  Then we attempt to allocate that size table, decreasing the
      order until a successful allocation is made.  Then, with the resultant
      successful order we compute the number of buckets that hash table supports,
      which we then round down to the nearest power of two, giving us the number
      of entries the table actually supports.
      
      I've tested this locally here, using non-debug and spinlock-debug kernels,
      and the number of entries in the hashtable consistently work out to be
      powers of two in all cases.
      Signed-off-by: default avatarNeil Horman <nhorman@tuxdriver.com>
      Reported-by: default avatarDmitry Vyukov <dvyukov@google.com>
      CC: Dmitry Vyukov <dvyukov@google.com>
      CC: Vladislav Yasevich <vyasevich@gmail.com>
      CC: "David S. Miller" <davem@davemloft.net>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      57008ec9
    • Dmitry V. Levin's avatar
      unix_diag: fix incorrect sign extension in unix_lookup_by_ino · ecee2369
      Dmitry V. Levin authored
      [ Upstream commit b5f05492 ]
      
      The value passed by unix_diag_get_exact to unix_lookup_by_ino has type
      __u32, but unix_lookup_by_ino's argument ino has type int, which is not
      a problem yet.
      However, when ino is compared with sock_i_ino return value of type
      unsigned long, ino is sign extended to signed long, and this results
      to incorrect comparison on 64-bit architectures for inode numbers
      greater than INT_MAX.
      
      This bug was found by strace test suite.
      
      Fixes: 5d3cae8b ("unix_diag: Dumping exact socket core")
      Signed-off-by: default avatarDmitry V. Levin <ldv@altlinux.org>
      Acked-by: default avatarCong Wang <xiyou.wangcong@gmail.com>
      Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
      Signed-off-by: default avatarJiri Slaby <jslaby@suse.cz>
      ecee2369