To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: John Baldwin
Subject: git: 828df4d36d9d - main - netlink: Fix overallocation of netlink message buffers
List-Id: Commit messages for the main branch of the src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main
X-Git-Committer: jhb
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 828df4d36d9d5a6ca0dcc294d65572b4a0474142
Date: Mon, 24 Nov 2025 15:58:26 +0000
Message-Id: <692480a2.350ac.238c5337@gitrepo.freebsd.org>

The branch main has been updated by jhb:

URL: https://cgit.FreeBSD.org/src/commit/?id=828df4d36d9d5a6ca0dcc294d65572b4a0474142

commit 828df4d36d9d5a6ca0dcc294d65572b4a0474142
Author:     John Baldwin
AuthorDate: 2025-11-24 15:55:05 +0000
Commit:     John Baldwin
CommitDate: 2025-11-24 15:55:05 +0000

    netlink: Fix overallocation of netlink message buffers

    Prior to commit 0c511bafdd5b309505c13c8dc7c6816686d1e103, each time
    snl_realloc_msg_buffer was called, it called snl_allocz to request a
    new buffer. If an existing linear buffer was used, then after the
    call, the linear buffer effectively contained the old buffer contents
    followed by the new buffer (so there was definitely wasted memory),
    but the linear buffer state was consistent (lb->offset correctly
    accounted for both copies).

    For example, if the initial linear buffer was 256 bytes in size,
    lb->size would be 256. Using 16 bytes followed by 32 bytes would
    first set lb->offset to 16, then the second realloc would allocate
    48 bytes (16 + 32) setting lb->offset to 64 (16 + 48).
    Commit 0c511bafdd5b309505c13c8dc7c6816686d1e103 aimed to avoid this
    memory waste by resetting the base pointer to the start of the
    existing linear buffer if the new allocation was later in the same
    linear buffer. This avoided some of the waste, but broke the
    accounting. Using the same example above, the second realloc would
    reuse the pointer at an offset of 0, but the linear buffer would
    still claim that 64 bytes was allocated via lb->offset rather than
    the true allocation of 48 bytes.

    One approach to fix this would be to "extend" the allocation of an
    existing linear buffer where a realloc would try to increase
    lb->offset without setting a new base pointer so long as there was
    still room remaining in the linear buffer for the new request.

    However, this change takes a simpler approach. If snl_allocz()
    returned an allocation from a new linear buffer, just claim the
    entire linear buffer for use by the snl_writer ensuring the
    accounting is correct in both the linear buffer and the snl writer.
    With this approach, the initial snl_writer size would be 256 bytes
    for a 256 byte linear buffer and would only grow if it needs to
    allocate an entirely new linear buffer.

    Reviewed by:    igoro
    Fixes:          0c511bafdd5b ("netlink: fix snl_writer and linear_buffer re-allocation logic")
    Sponsored by:   AFRL, DARPA
    Differential Revision:  https://reviews.freebsd.org/D53697
---
 sys/netlink/netlink_snl.h | 27 ++++++++++++++++-----------
 1 file changed, 16 insertions(+), 11 deletions(-)

diff --git a/sys/netlink/netlink_snl.h b/sys/netlink/netlink_snl.h index 57f7e1e29d08..1e560e029718 100644 --- a/sys/netlink/netlink_snl.h +++ b/sys/netlink/netlink_snl.h @@ -1082,6 +1082,7 @@ snl_init_writer(struct snl_state *ss, struct snl_writer *nw) static inline bool snl_realloc_msg_buffer(struct snl_writer *nw, size_t sz) { + void *new_base; uint32_t new_size = nw->size * 2; while (new_size < nw->size + sz)
@@ -1090,23 +1091,27 @@ snl_realloc_msg_buffer(struct snl_writer *nw, size_t sz) if (nw->error) return (false); - if (snl_allocz(nw->ss, new_size) == NULL) { + new_base = snl_allocz(nw->ss, new_size); + if (new_base == NULL) { nw->error = true; return (false); } - nw->size = new_size; - void *new_base = nw->ss->lb->base; - if (new_base != nw->base) { - memcpy(new_base, nw->base, nw->offset); - if (nw->hdr != NULL) { - int hdr_off = (char *)(nw->hdr) - nw->base; + if (new_base == nw->ss->lb->base) { + /* Claim the entire linear buffer. */ + nw->size = nw->ss->lb->size; + nw->ss->lb->offset = nw->ss->lb->size; + } else + nw->size = new_size; - nw->hdr = (struct nlmsghdr *) - (void *)((char *)new_base + hdr_off); - } - nw->base = (char *)new_base; + memcpy(new_base, nw->base, nw->offset); + if (nw->hdr != NULL) { + int hdr_off = (char *)(nw->hdr) - nw->base; + + nw->hdr = (struct nlmsghdr *) + (void *)((char *)new_base + hdr_off); } + nw->base = (char *)new_base; return (true); }
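
Review bot: the memcpy() near the end of the second hunk now runs unconditionally, where the removed code only copied when `new_base != nw->base`, so the function now depends on snl_allocz() never returning the region the writer already occupies (memcpy on overlapping ranges is undefined). That appears to follow once the writer has claimed the whole linear buffer via `nw->ss->lb->offset = nw->ss->lb->size`, but the invariant is implicit; a short comment, or an assertion that new_base differs from nw->base before the copy, would document it. The `/* Claim the entire linear buffer. */` comment could also say why `new_base == nw->ss->lb->base` identifies an allocation from a fresh linear buffer, since that is what makes overwriting lb->offset safe. Minor: the if arm is braced while the else arm is not, and `int hdr_off` stores a pointer difference where ptrdiff_t would match the type of the expression.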
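
The accounting walked through in the commit message, as an added example that is not part of the commit or of FreeBSD's netlink code: a simplified single-buffer model (the struct, enum and function names are invented for illustration) that runs the 256/16/32-byte case under the behaviour before 0c511bafdd5b, the behaviour after it, and the claim-the-whole-buffer approach of this change.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not the FreeBSD structs: one bump-allocated linear
 * buffer and a writer that records which part of it holds the message. */
struct lbuf { size_t size, offset; };
struct writer { size_t base, size; };	/* base = offset into the lbuf */
struct result { size_t lb_offset, w_base, w_size; int consistent; };
enum policy { COPY_FORWARD, REBASE_TO_START, CLAIM_WHOLE };

/* Make room for `total` message bytes under the given policy. */
static void
grow(struct lbuf *lb, struct writer *w, size_t total, enum policy p)
{
	size_t start = lb->offset;

	if (w->size >= total || lb->size - lb->offset < total)
		return;		/* fits already, or would need a new buffer */
	lb->offset += total;	/* bump-allocate a fresh region */
	w->base = (p == REBASE_TO_START) ? 0 : start;
	w->size = total;
	if (p == CLAIM_WHOLE && start == 0) {
		/* First allocation in the buffer: writer takes all of it. */
		w->size = lb->size;
		lb->offset = lb->size;
	}
}

/* The commit message's example: 256-byte buffer, 16 bytes, then 32 more. */
static struct result
run(enum policy p)
{
	struct lbuf lb = { 256, 0 };
	struct writer w = { 0, 0 };
	grow(&lb, &w, 16, p);
	grow(&lb, &w, 16 + 32, p);
	/* Consistent: the writer's region ends where the buffer's used part ends. */
	return ((struct result){ lb.offset, w.base, w.size,
	    w.base + w.size == lb.offset });
}

int main(void)
{
	static const char *names[] = { "copy-forward", "rebase", "claim-whole" };
	for (int p = COPY_FORWARD; p <= CLAIM_WHOLE; p++) {
		struct result r = run((enum policy)p);
		printf("%-12s lb.offset=%zu writer=[%zu,%zu) consistent=%d\n",
		    names[p], r.lb_offset, r.w_base, r.w_base + r.w_size, r.consistent);
	}
}
```

Only the rebase policy ends with the buffer's offset (64) disagreeing with the writer's extent (48), which is the mismatch the commit message describes.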