On Fri, May 26, 2017 at 06:02:34PM +0800, Liping Zhang wrote:
> Hi Pablo,
>
> 2017-05-24 17:50 GMT+08:00 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>:
> [...]
> > - err = -ENOMEM;
> > - set = kzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
> > + alloc_size = sizeof(*set) + size + udlen;
> > + if (alloc_size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
> > + set = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN |
> > + __GFP_NORETRY);
> > if (set == NULL)
> > + set = vzalloc(alloc_size);
>
> I think maybe we can use "set = kvzalloc(alloc_size, GFP_KERNEL);" to simplify
> the above codes.
Like this?
diff --git a/net/netfilter/nf_tables_api.c b/net/netfilter/nf_tables_api.c
index 0e54090caa8a..bd4fc8b2cd77 100644
--- a/net/netfilter/nf_tables_api.c
+++ b/net/netfilter/nf_tables_api.c
@@ -2910,7 +2910,6 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk,
{
const struct nfgenmsg *nfmsg = nlmsg_data(nlh);
u8 genmask = nft_genmask_next(net);
- unsigned int size, alloc_size;
const struct nft_set_ops *ops;
struct nft_af_info *afi;
struct nft_table *table;
@@ -2922,6 +2921,7 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk,
u32 ktype, dtype, flags, policy, gc_int, objtype;
struct nft_set_desc desc;
unsigned char *udata;
+ unsigned int size;
u16 udlen;
int err;
@@ -3057,13 +3057,8 @@ static int nf_tables_newset(struct net *net, struct sock *nlsk,
if (ops->privsize != NULL)
size = ops->privsize(nla, &desc);
- alloc_size = sizeof(*set) + size + udlen;
- if (alloc_size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER))
- set = kzalloc(alloc_size, GFP_KERNEL | __GFP_NOWARN |
- __GFP_NORETRY);
- if (set == NULL)
- set = vzalloc(alloc_size);
- if (set == NULL) {
+ set = kvzalloc(sizeof(*set) + size + udlen, GFP_KERNEL);
+ if (!set) {
err = -ENOMEM;
goto err1;
}
