| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 11 Apr 2024 18:30:13 +0800
From: Lei Chen <lei.chen@...rtx.com>
To: Willem de Bruijn <willemdebruijn.kernel@...il.com>
Cc: Jason Wang <jasowang@...hat.com>, "David S. Miller" <davem@...emloft.net>,
Eric Dumazet <edumazet@...gle.com>, Jakub Kicinski <kuba@...nel.org>, Paolo Abeni <pabeni@...hat.com>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] net:tun: limit printing rate when illegal packet
received by tun dev
On Wed, Apr 10, 2024 at 11:12 PM Willem de Bruijn
<willemdebruijn.kernel@...il.com> wrote:
>
> For a next patch, include the target branch: [PATCH net-next v2]
>
> Lei Chen wrote:
> > vhost_worker will call tun call backs to receive packets. If too many
> > illegal packets arrives, tun_do_read will keep dumping packet contents.
> > When console is enabled, it will costs much more cpu time to dump
> > packet and soft lockup will be detected.
> >
> > net_ratelimit mechanism can be used to limit the dumping rate.
> >
> > PID: 33036 TASK: ffff949da6f20000 CPU: 23 COMMAND: "vhost-32980"
> > #0 [fffffe00003fce50] crash_nmi_callback at ffffffff89249253
> > #1 [fffffe00003fce58] nmi_handle at ffffffff89225fa3
> > #2 [fffffe00003fceb0] default_do_nmi at ffffffff8922642e
> > #3 [fffffe00003fced0] do_nmi at ffffffff8922660d
> > #4 [fffffe00003fcef0] end_repeat_nmi at ffffffff89c01663
> > [exception RIP: io_serial_in+20]
> > RIP: ffffffff89792594 RSP: ffffa655314979e8 RFLAGS: 00000002
> > RAX: ffffffff89792500 RBX: ffffffff8af428a0 RCX: 0000000000000000
> > RDX: 00000000000003fd RSI: 0000000000000005 RDI: ffffffff8af428a0
> > RBP: 0000000000002710 R8: 0000000000000004 R9: 000000000000000f
> > R10: 0000000000000000 R11: ffffffff8acbf64f R12: 0000000000000020
> > R13: ffffffff8acbf698 R14: 0000000000000058 R15: 0000000000000000
> > ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018
> > #5 [ffffa655314979e8] io_serial_in at ffffffff89792594
> > #6 [ffffa655314979e8] wait_for_xmitr at ffffffff89793470
> > #7 [ffffa65531497a08] serial8250_console_putchar at ffffffff897934f6
> > #8 [ffffa65531497a20] uart_console_write at ffffffff8978b605
> > #9 [ffffa65531497a48] serial8250_console_write at ffffffff89796558
> > #10 [ffffa65531497ac8] console_unlock at ffffffff89316124
> > #11 [ffffa65531497b10] vprintk_emit at ffffffff89317c07
> > #12 [ffffa65531497b68] printk at ffffffff89318306
> > #13 [ffffa65531497bc8] print_hex_dump at ffffffff89650765
> > #14 [ffffa65531497ca8] tun_do_read at ffffffffc0b06c27 [tun]
> > #15 [ffffa65531497d38] tun_recvmsg at ffffffffc0b06e34 [tun]
> > #16 [ffffa65531497d68] handle_rx at ffffffffc0c5d682 [vhost_net]
> > #17 [ffffa65531497ed0] vhost_worker at ffffffffc0c644dc [vhost]
> > #18 [ffffa65531497f10] kthread at ffffffff892d2e72
> > #19 [ffffa65531497f50] ret_from_fork at ffffffff89c0022f
> >
> > Signed-off-by: Lei Chen <lei.chen@...rtx.com>
>
> Reviewed-by: Willem de Bruijn <willemb@...gle.com>
> >
> > ---
> > Changes from v1:
> > https://lore.kernel.org/all/20240409062407.1952728-1-lei.chen@smartx.com/
> > 1. Use net_ratelimit instead of raw __ratelimit.
> > 2. Use netdev_err instead of pr_err to print more info abort net dev.
> > 3. Adjust git commit message to make git am happy.
> >
> > drivers/net/tun.c | 18 ++++++++++--------
> > 1 file changed, 10 insertions(+), 8 deletions(-)
> >
> > diff --git a/drivers/net/tun.c b/drivers/net/tun.c
> > index 0b3f21cba552..ca9b4bc89de7 100644
> > --- a/drivers/net/tun.c
> > +++ b/drivers/net/tun.c
> > @@ -2125,14 +2125,16 @@ static ssize_t tun_put_user(struct tun_struct *tun,
> > tun_is_little_endian(tun), true,
> > vlan_hlen)) {
> > struct skb_shared_info *sinfo = skb_shinfo(skb);
> > - pr_err("unexpected GSO type: "
> > - "0x%x, gso_size %d, hdr_len %d\n",
> > - sinfo->gso_type, tun16_to_cpu(tun, gso.gso_size),
> > - tun16_to_cpu(tun, gso.hdr_len));
> > - print_hex_dump(KERN_ERR, "tun: ",
> > - DUMP_PREFIX_NONE,
> > - 16, 1, skb->head,
> > - min((int)tun16_to_cpu(tun, gso.hdr_len), 64), true);
> > +
> > + if (net_ratelimit()) {
> > + netdev_err(tun->dev, "unexpected GSO type: 0x%x, gso_size %d, hdr_len %d\n",
> > + sinfo->gso_type, tun16_to_cpu(tun, gso.gso_size),
> > + tun16_to_cpu(tun, gso.hdr_len));
> > + print_hex_dump(KERN_ERR, "tun: ",
> > + DUMP_PREFIX_NONE,
> > + 16, 1, skb->head,
> > + min((int)tun16_to_cpu(tun, gso.hdr_len), 64), true);
> > + }
> > WARN_ON_ONCE(1);
> > return -EINVAL;
> > }
> >
> > base-commit: fec50db7033ea478773b159e0e2efb135270e3b7
> > prerequisite-patch-id: 8952e320c0272899e153c953db09446879ed0d87
> > prerequisite-patch-id: 2f1e3234a4ac0bf421df2061505612538f128672
>
> Where does this footer come from? Should not be present.
>
Thanks for your review. This footer comes from "git format-patch --base=auto",
I will remake the patch with "--base" options removed.
Powered by blists - more mailing lists