[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20220329183340.471474-2-minyard@acm.org>
Date: Tue, 29 Mar 2022 13:33:37 -0500
From: minyard@....org
To: Chen Guanqiao <chen.chenchacha@...mail.com>
Cc: openipmi-developer@...ts.sourceforge.net,
linux-kernel@...r.kernel.org, Corey Minyard <cminyard@...sta.com>
Subject: [PATCH 1/4] ipmi: Add a limit on the number of users that may use IPMI
From: Corey Minyard <cminyard@...sta.com>
Each user uses memory, we need limits to avoid a rogue program from
running the system out of memory.
Based on work by Chen Guanqiao <chen.chenchacha@...mail.com>
Cc: Chen Guanqiao <chen.chenchacha@...mail.com>
Signed-off-by: Corey Minyard <cminyard@...sta.com>
---
drivers/char/ipmi/ipmi_msghandler.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
diff --git a/drivers/char/ipmi/ipmi_msghandler.c b/drivers/char/ipmi/ipmi_msghandler.c
index c59265146e9c..de80bf4c4e4c 100644
--- a/drivers/char/ipmi/ipmi_msghandler.c
+++ b/drivers/char/ipmi/ipmi_msghandler.c
@@ -145,6 +145,12 @@ module_param(default_max_retries, uint, 0644);
MODULE_PARM_DESC(default_max_retries,
"The time (milliseconds) between retry sends in maintenance mode");
+/* The default maximum number of users that may register. */
+static unsigned int max_users = 30;
+module_param(max_users, uint, 0644);
+MODULE_PARM_DESC(max_users,
+ "The most users that may use the IPMI stack at one time.");
+
/* Call every ~1000 ms. */
#define IPMI_TIMEOUT_TIME 1000
@@ -442,6 +448,7 @@ struct ipmi_smi {
*/
struct list_head users;
struct srcu_struct users_srcu;
+ atomic_t nr_users;
/* Used for wake ups at startup. */
wait_queue_head_t waitq;
@@ -1230,6 +1237,11 @@ int ipmi_create_user(unsigned int if_num,
goto out_kfree;
found:
+ if (atomic_add_return(1, &intf->nr_users) > max_users) {
+ rv = -EBUSY;
+ goto out_kfree;
+ }
+
INIT_WORK(&new_user->remove_work, free_user_work);
rv = init_srcu_struct(&new_user->release_barrier);
@@ -1262,6 +1274,7 @@ int ipmi_create_user(unsigned int if_num,
return 0;
out_kfree:
+ atomic_sub(1, &intf->nr_users);
srcu_read_unlock(&ipmi_interfaces_srcu, index);
vfree(new_user);
return rv;
@@ -1336,6 +1349,7 @@ static void _ipmi_destroy_user(struct ipmi_user *user)
/* Remove the user from the interface's sequence table. */
spin_lock_irqsave(&intf->seq_lock, flags);
list_del_rcu(&user->link);
+ atomic_dec(&intf->nr_users);
for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
if (intf->seq_table[i].inuse
@@ -3529,6 +3543,7 @@ int ipmi_add_smi(struct module *owner,
if (slave_addr != 0)
intf->addrinfo[0].address = slave_addr;
INIT_LIST_HEAD(&intf->users);
+ atomic_set(&intf->nr_users, 0);
intf->handlers = handlers;
intf->send_info = send_info;
spin_lock_init(&intf->seq_lock);
--
2.25.1
Powered by blists - more mailing lists