net:rfs: adjust table size checking

Make sure root user does not try something stupid.

Also make sure mask field in struct rps_sock_flow_table
does not share a cache line with the potentially often dirtied
flow table.

Signed-off-by: Eric Dumazet <edumazet@google.com>
Fixes: 567e4b79731c ("net: rfs: add hash collision detection")
Signed-off-by: David S. Miller <davem@davemloft.net>

diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h
index ab3b7cef4638ceba92b749bc35564a60b0ff2a75..d115256ed5a209fe28ce971bdbde7ca421d048aa 100644 (file)
--- a/include/linux/netdevice.h
+++ b/include/linux/netdevice.h
@@ -653,7 +653,8 @@ struct rps_dev_flow_table {
  */
 struct rps_sock_flow_table {
        u32     mask;
-       u32     ents[0];
+
+       u32     ents[0] ____cacheline_aligned_in_smp;
 };
 #define        RPS_SOCK_FLOW_TABLE_SIZE(_num) (offsetof(struct rps_sock_flow_table, ents[_num]))
 

diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
index 7a31be5e361fbb06d4a5063bf68da507bab3e8ec..eaa51ddf2368747c21399bf44f5a1993c0a0e39b 100644 (file)
--- a/net/core/sysctl_net_core.c
+++ b/net/core/sysctl_net_core.c
@@ -52,7 +52,7 @@ static int rps_sock_flow_sysctl(struct ctl_table *table, int write,
 
        if (write) {
                if (size) {
-                       if (size > 1<<30) {
+                       if (size > 1<<29) {
                                /* Enforce limit to prevent overflow */
                                mutex_unlock(&sock_flow_mutex);
                                return -EINVAL;