lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZXsyfFHcFnaqeWe+@baltimore>
Date: Thu, 14 Dec 2023 17:51:08 +0100
From: Pawel Chmielewski <pawel.chmielewski@...el.com>
To: Michal Schmidt <mschmidt@...hat.com>
CC: <intel-wired-lan@...ts.osuosl.org>, <netdev@...r.kernel.org>,
	<pmenzel@...gen.mpg.de>, <lukasz.czapnik@...el.com>, Liang-Min Wang
	<liang-min.wang@...el.com>, Michal Swiatkowski
	<michal.swiatkowski@...ux.intel.com>
Subject: Re: [PATCH iwl-next v2] ice: Reset VF on Tx MDD event

On Thu, Dec 14, 2023 at 09:37:32AM +0100, Michal Schmidt wrote:
> On Thu, Nov 2, 2023 at 4:56 PM Pawel Chmielewski
> <pawel.chmielewski@...el.com> wrote:
> > From: Liang-Min Wang <liang-min.wang@...el.com>
> >
> > In cases when VF sends malformed packets that are classified as malicious,
> > sometimes it causes Tx queue to freeze. This frozen queue can be stuck
> > for several minutes being unusable. This behavior can be reproduced with
> > DPDK application, testpmd.
> >
> > When Malicious Driver Detection event occurs, perform graceful VF reset
> > to quickly bring VF back to operational state. Add a log message to
> > notify about the cause of the reset.
> 
> Sorry for bringing this up so late, but I have just now realized this:
> Wasn't freezing of the queue originally the intended behavior, as a
> penalty for being malicious?
> Shouldn't these resets at least be guarded by ICE_FLAG_MDD_AUTO_RESET_VF?
> 
> Michal

In some cases, the MDD can be caused also by a regular software error
(like the one mentioned in commit message), and not the actual malicious
action. There was decision to change the default behavior to avoid denial
of service. 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ