From nobody Mon Feb 9 09:10:51 2026 Received: from mail-pl1-f227.google.com (mail-pl1-f227.google.com [209.85.214.227]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1FB8331B836 for ; Thu, 5 Feb 2026 07:46:43 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.214.227 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770277603; cv=none; b=Q4IwUp5+Ld7juSdGMg+yYvWaE7ckPgHZjJ1txamYTz7Uv5pUqFu8u9zWt2n+s0N/fJMsaY+lQ5Sg1hjc/7PtZEYBufcFbTqKaHNFrjpX2Q7m6wmVaTwKWM85ZWpP/4n9Iy2X8NPIGnMWWU6Rr8PZlfNoS4AxTtQ+pwJtvZMl9eM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1770277603; c=relaxed/simple; bh=BZAm3zfS+K8re01D7iQcVFbiBjsf6a3DLCN+hVqBjSU=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=ojTC+Rvf6Q9B0WtfbmdRlfgfICvVG5y4TV1docYdvuFiO5acHGJuxjr6uE/YSWxvucqFQC7v8zU+xMoq2r4xIkVb3yqyatASxgo4rMCT+gQe/lrjsRhdj3KT3qutj0o0tmcSo+sYi4mGM/+FidbCrYqapiEqj1br0S6M9ZjXh0E= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=broadcom.com; spf=fail smtp.mailfrom=broadcom.com; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b=Ctf2qtRg; arc=none smtp.client-ip=209.85.214.227 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=broadcom.com Authentication-Results: smtp.subspace.kernel.org; spf=fail smtp.mailfrom=broadcom.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (1024-bit key) header.d=broadcom.com header.i=@broadcom.com header.b="Ctf2qtRg" Received: by mail-pl1-f227.google.com with SMTP id d9443c01a7336-2a9487967a6so189175ad.3 for ; Wed, 04 Feb 2026 23:46:43 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1770277602; x=1770882402; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:dkim-signature:x-gm-gg:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=pSevupTzEHu0sF+WJcXaAghgvNkaKInyzTJ6cRAu8bA=; b=JGk1MCvJAAVzPT0XBzvwoFESixZ/Qr3DCm0pnr6hkTWzb9an90fIid0WPH1iU+s4Yd iQ6rxBfKoBhW4NtXG0SBbtiHYA7kvUwiOjXM1WpVO7WsHvwsULW5oUvHizEM0VaHFq3Y uQYuDoRJPunna7AN7yVErc9pv89Gih0Zcu9rJ3ezfyCDkBlinjZTpJOTqndpTpquEjYV oSQPuT2JTja/8+LdCjXT3J/LPWlaRSPwL4PXqVQ3WCO2JxbtSRMQRomIgna8wHfnFrwp aP34EfKleIbf6rM4FgRo1qpVHeGD64fS12cC7H9MMg5859WbBcZfUs2TVBlRM9w2X2+K d9Ww== X-Forwarded-Encrypted: i=1; AJvYcCXnhEJtgmzAYWf9bP9tnFW6hSJFRHtMWM57OiwTrig8/AkIps90DD2tKIkDD8SDXTzPAPdn1FAjdXhJC8Y=@vger.kernel.org X-Gm-Message-State: AOJu0YwlUuY68A+ts+0jzVDxNPC7ZUitD7lWjO+ULLKwR5sytSVYyKsA FjG3kYZyZI6hOwuBhPsKXBsRYuo3Das3UNPjC3nDuW0D2snah9JtflvuMPA7w/EZbtNP3Ycnug9 QQmO/7Oqwve+b44uaEu4vFk+RTfQUPVWeh2rB7jsEanKsjxKGp3jJhkrJJ4YotEaOgZMf2pXeaG YYsGLQFGjQec1aCAFxAOj+SsiSs/0p23Qr6P4ItlY1UZDHvUYlvNtIlGnUZZ8YV2uRRLtgqSByv LECxHqKEnCCuEVazsvPv/3TV6cOM6kNEOaF X-Gm-Gg: AZuq6aIQrKqsuQrgzZTWKYfFKHi9aVlQqPT4xTCnZNz/zg5HA9RT0Aqavtt0glzTbwt f3xWU+MNlXoxv45ZC2/y12Yfujz65BW5WOL23/8cDXVmXRPC3Bik0dkOfr3UiUV0jusUpz3hLtK dMxTpbqhRX4tma4nmN7G/8mPaADKR3N/9TTxlpIRbRU95HkG1sT6a8tiU+rqFqJw7TFu1aA8fa2 pGWUEWmk0wQmbCoslstoxwP2Tm02/rLmcVk+nEC8nCTFzYcZt6C7EogtE8YY08Cg6DbWIc8ZaM6 +CvQ8PVNpJ2lARBAI9SMMuTtHezYkk02t+GDYaY/kVX4l6oHkbyddp5cTCTNUqTNpN2vvnSgpEZ 557Uq70ONFxIq8hTj8kRcO6Ic5/QvFT39pd61UlQS8BgFIQLQfmVdr704GVOjL7IR9W6WwIQErL wpsEWJ6TLTN2jnuI8advaNKSHN0ZVkJPQ4mC7oYsX/pZGtoSn4f0qd9bzlACg= X-Received: by 2002:a17:902:e5c8:b0:2a7:9b6e:33db with SMTP id d9443c01a7336-2a93400777fmr40571645ad.7.1770277602509; Wed, 04 Feb 2026 23:46:42 -0800 (PST) Received: from smtp-us-east1-p01-i01-si01.dlp.protect.broadcom.com (address-144-49-247-2.dlp.protect.broadcom.com. [144.49.247.2]) by smtp-relay.gmail.com with ESMTPS id d9443c01a7336-2a9338186f7sm6957235ad.23.2026.02.04.23.46.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 04 Feb 2026 23:46:42 -0800 (PST) X-Relaying-Domain: broadcom.com X-CFilter-Loop: Reflected Received: by mail-dy1-f200.google.com with SMTP id 5a478bee46e88-2b70a6e1e28so17886eec.2 for ; Wed, 04 Feb 2026 23:46:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=broadcom.com; s=google; t=1770277600; x=1770882400; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=pSevupTzEHu0sF+WJcXaAghgvNkaKInyzTJ6cRAu8bA=; b=Ctf2qtRg6Er8Rimz2QQ8E4SYg8qQhbwrJouZ+iSKHwE9DbPTun5SHjeQZvl1qm0BB9 NgQpZMN1xaOL7qGk4kDWIXf5fb3X+IXrmpIm6YDM/JTWjOfgT3XxvQSE/iZVk9bv1UEN 2isn85mBgpCPTUd/DbB9KjAEzfk/Z1vEvQObk= X-Forwarded-Encrypted: i=1; AJvYcCU87NjwhrO49wxxtzkSpayuR5NuFTPGvwlBio+tMRz4rLYcV55bwwbDO9h/bj1jsSZIySqjibXZMRl8MTc=@vger.kernel.org X-Received: by 2002:a05:7300:c29:b0:2b7:b88d:b75d with SMTP id 5a478bee46e88-2b832743f4dmr1306038eec.0.1770277600539; Wed, 04 Feb 2026 23:46:40 -0800 (PST) X-Received: by 2002:a05:7300:c29:b0:2b7:b88d:b75d with SMTP id 5a478bee46e88-2b832743f4dmr1306025eec.0.1770277599982; Wed, 04 Feb 2026 23:46:39 -0800 (PST) Received: from keerthanak-ph5-dev.. ([192.19.161.250]) by smtp.gmail.com with ESMTPSA id a92af1059eb24-126f503ecf4sm3840166c88.15.2026.02.04.23.46.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 04 Feb 2026 23:46:39 -0800 (PST) From: Keerthana K To: stable@vger.kernel.org, gregkh@linuxfoundation.org Cc: pablo@netfilter.org, kadlec@netfilter.org, fw@strlen.de, davem@davemloft.net, kuba@kernel.org, netfilter-devel@vger.kernel.org, coreteam@netfilter.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org, ajay.kaher@broadcom.com, alexey.makhalov@broadcom.com, vamsi-krishna.brahmajosyula@broadcom.com, yin.ding@broadcom.com, tapas.kundu@broadcom.com, Stefano Brivio , Sasha Levin , Keerthana K Subject: [PATCH v5.10-v6.6 ] netfilter: nft_set_pipapo: clamp maximum map bucket size to INT_MAX Date: Thu, 5 Feb 2026 07:42:29 +0000 Message-ID: <20260205074229.2091135-1-keerthana.kalyanasundaram@broadcom.com> X-Mailer: git-send-email 2.43.7 Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-DetectorID-Processed: b00c1d49-9d2e-4205-b15f-d015386d3d5e Content-Type: text/plain; charset="utf-8" From: Pablo Neira Ayuso [ Upstream commit b85e3367a5716ed3662a4fe266525190d2af76df ] Otherwise, it is possible to hit WARN_ON_ONCE in __kvmalloc_node_noprof() when resizing hashtable because __GFP_NOWARN is unset. Similar to: b541ba7d1f5a ("netfilter: conntrack: clamp maximum hashtable size to INT_= MAX") Reviewed-by: Stefano Brivio Signed-off-by: Pablo Neira Ayuso Signed-off-by: Sasha Levin [ Keerthana: Handle freeing new_lt ] Signed-off-by: Keerthana K --- net/netfilter/nft_set_pipapo.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/net/netfilter/nft_set_pipapo.c b/net/netfilter/nft_set_pipapo.c index 6813ff660b72..484ca8cf2e80 100644 --- a/net/netfilter/nft_set_pipapo.c +++ b/net/netfilter/nft_set_pipapo.c @@ -665,6 +665,11 @@ static int pipapo_resize(struct nft_pipapo_field *f, i= nt old_rules, int rules) } =20 mt: + if (rules > (INT_MAX / sizeof(*new_mt))) { + kvfree(new_lt); + return -ENOMEM; + } + new_mt =3D kvmalloc(rules * sizeof(*new_mt), GFP_KERNEL); if (!new_mt) { kvfree(new_lt); @@ -1358,6 +1361,9 @@ static struct nft_pipapo_match *pipapo_clone(struct n= ft_pipapo_match *old) src->bsize * sizeof(*dst->lt) * src->groups * NFT_PIPAPO_BUCKETS(src->bb)); =20 + if (src->rules > (INT_MAX / sizeof(*src->mt))) + goto out_mt; + dst->mt =3D kvmalloc(src->rules * sizeof(*src->mt), GFP_KERNEL); if (!dst->mt) goto out_mt; --=20 2.43.7