| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260206120154.2548079-1-schalla@marvell.com>
Date: Fri, 6 Feb 2026 17:31:54 +0530
From: Srujana Challa <schalla@...vell.com>
To: <netdev@...r.kernel.org>, <virtualization@...ts.linux.dev>
CC: <pabeni@...hat.com>, <mst@...hat.com>, <jasowang@...hat.com>,
<xuanzhuo@...ux.alibaba.com>, <eperezma@...hat.com>,
<davem@...emloft.net>, <edumazet@...gle.com>, <kuba@...nel.org>,
<ndabilpuram@...vell.com>, <kshankar@...vell.com>,
<schalla@...vell.com>
Subject: [PATCH v2 net-next] virtio_net: Improve RSS key size validation and use NETDEV_RSS_KEY_LEN
Replace hardcoded RSS max key size limit with NETDEV_RSS_KEY_LEN to
align with kernel's standard RSS key length. Add validation for RSS
key size against spec minimum (40 bytes) and driver maximum. When
validation fails, gracefully disable RSS features and continue
initialization rather than failing completely.
Signed-off-by: Srujana Challa <schalla@...vell.com>
---
drivers/net/virtio_net.c | 62 +++++++++++++++++++++++-----------------
1 file changed, 36 insertions(+), 26 deletions(-)
diff --git a/drivers/net/virtio_net.c b/drivers/net/virtio_net.c
index db88dcaefb20..1fa4197dffc3 100644
--- a/drivers/net/virtio_net.c
+++ b/drivers/net/virtio_net.c
@@ -381,7 +381,8 @@ struct receive_queue {
struct xdp_buff **xsk_buffs;
};
-#define VIRTIO_NET_RSS_MAX_KEY_SIZE 40
+#define VIRTIO_NET_RSS_MAX_KEY_SIZE NETDEV_RSS_KEY_LEN
+#define VIRTIO_NET_RSS_MIN_KEY_SIZE 40
/* Control VQ buffers: protected by the rtnl lock */
struct control_buf {
@@ -6823,38 +6824,47 @@ static int virtnet_probe(struct virtio_device *vdev)
if (virtio_has_feature(vdev, VIRTIO_NET_F_HASH_REPORT))
vi->has_rss_hash_report = true;
- if (virtio_has_feature(vdev, VIRTIO_NET_F_RSS)) {
+ if (virtio_has_feature(vdev, VIRTIO_NET_F_RSS))
vi->has_rss = true;
- vi->rss_indir_table_size =
- virtio_cread16(vdev, offsetof(struct virtio_net_config,
- rss_max_indirection_table_length));
- }
- vi->rss_hdr = devm_kzalloc(&vdev->dev, virtnet_rss_hdr_size(vi), GFP_KERNEL);
- if (!vi->rss_hdr) {
- err = -ENOMEM;
- goto free;
- }
-
if (vi->has_rss || vi->has_rss_hash_report) {
vi->rss_key_size =
virtio_cread8(vdev, offsetof(struct virtio_net_config, rss_max_key_size));
- if (vi->rss_key_size > VIRTIO_NET_RSS_MAX_KEY_SIZE) {
- dev_err(&vdev->dev, "rss_max_key_size=%u exceeds the limit %u.\n",
- vi->rss_key_size, VIRTIO_NET_RSS_MAX_KEY_SIZE);
- err = -EINVAL;
- goto free;
- }
- vi->rss_hash_types_supported =
- virtio_cread32(vdev, offsetof(struct virtio_net_config, supported_hash_types));
- vi->rss_hash_types_supported &=
- ~(VIRTIO_NET_RSS_HASH_TYPE_IP_EX |
- VIRTIO_NET_RSS_HASH_TYPE_TCP_EX |
- VIRTIO_NET_RSS_HASH_TYPE_UDP_EX);
+ /* Spec requires at least 40 bytes */
+ if (vi->rss_key_size < VIRTIO_NET_RSS_MIN_KEY_SIZE) {
+ dev_warn(&vdev->dev,
+ "rss_max_key_size=%u is less than spec minimum %u, disabling RSS\n",
+ vi->rss_key_size, VIRTIO_NET_RSS_MIN_KEY_SIZE);
+ vi->has_rss = false;
+ vi->has_rss_hash_report = false;
+ } else if (vi->rss_key_size > VIRTIO_NET_RSS_MAX_KEY_SIZE) {
+ dev_warn(&vdev->dev,
+ "rss_max_key_size=%u exceeds driver limit %u, disabling RSS\n",
+ vi->rss_key_size, VIRTIO_NET_RSS_MAX_KEY_SIZE);
+ vi->has_rss = false;
+ vi->has_rss_hash_report = false;
+ } else {
+ vi->rss_indir_table_size =
+ virtio_cread16(vdev, offsetof(struct virtio_net_config,
+ rss_max_indirection_table_length));
+ vi->rss_hash_types_supported =
+ virtio_cread32(vdev, offsetof(struct virtio_net_config,
+ supported_hash_types));
+ vi->rss_hash_types_supported &=
+ ~(VIRTIO_NET_RSS_HASH_TYPE_IP_EX |
+ VIRTIO_NET_RSS_HASH_TYPE_TCP_EX |
+ VIRTIO_NET_RSS_HASH_TYPE_UDP_EX);
+
+ dev->hw_features |= NETIF_F_RXHASH;
+ dev->xdp_metadata_ops = &virtnet_xdp_metadata_ops;
+ }
+ }
- dev->hw_features |= NETIF_F_RXHASH;
- dev->xdp_metadata_ops = &virtnet_xdp_metadata_ops;
+ vi->rss_hdr = devm_kzalloc(&vdev->dev, virtnet_rss_hdr_size(vi), GFP_KERNEL);
+ if (!vi->rss_hdr) {
+ err = -ENOMEM;
+ goto free;
}
if (virtio_has_feature(vdev, VIRTIO_NET_F_GUEST_UDP_TUNNEL_GSO) ||
--
2.25.1
Powered by blists - more mailing lists