netfilter: xt_recent: avoid high order page allocations
authorEric Dumazet <edumazet@google.com>
Thu, 3 Jan 2013 22:18:39 +0000 (22:18 +0000)
committerPablo Neira Ayuso <pablo@netfilter.org>
Fri, 4 Jan 2013 19:14:42 +0000 (20:14 +0100)
commit2727de76041b2064c0b74f00a2a89678fb3efafc
tree57b15dc3cb1e39d7079c60bcf4d76ce34cdb0084
parent757ae316fb35811cfd8c67de0e0b8680ec4c1f37
netfilter: xt_recent: avoid high order page allocations

xt_recent can try high order page allocations and this can fail.

iptables: page allocation failure: order:9, mode:0xc0d0

It also wastes about half the allocated space because of kmalloc()
power-of-two roundups and struct recent_table layout.

Use vmalloc() instead to save space and be less prone to allocation
errors when memory is fragmented.

Reported-by: Miroslav Kratochvil <exa.exa@gmail.com>
Reported-by: Dave Jones <davej@redhat.com>
Reported-by: Harald Reindl <h.reindl@thelounge.net>
Signed-off-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
net/netfilter/xt_recent.c