linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH net-next] net: bcmgenet: Add a check for oversized packets
@ 2023-01-27  0:08 Florian Fainelli
  2023-01-29  9:42 ` Leon Romanovsky
  2023-01-30  7:30 ` patchwork-bot+netdevbpf
  0 siblings, 2 replies; 7+ messages in thread
From: Florian Fainelli @ 2023-01-27  0:08 UTC (permalink / raw)
  To: netdev
  Cc: maxime, Florian Fainelli, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list

Occasionnaly we may get oversized packets from the hardware which
exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
check which drops the packet to avoid invoking skb_over_panic() and move
on to processing the next packet.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
---
 drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
index 21973046b12b..d937daa8ee88 100644
--- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
+++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
@@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
 			  __func__, p_index, ring->c_index,
 			  ring->read_ptr, dma_length_status);
 
+		if (unlikely(len > RX_BUF_LENGTH)) {
+			netif_err(priv, rx_status, dev, "oversized packet\n");
+			dev->stats.rx_length_errors++;
+			dev->stats.rx_errors++;
+			dev_kfree_skb_any(skb);
+			goto next;
+		}
+
 		if (unlikely(!(dma_flag & DMA_EOP) || !(dma_flag & DMA_SOP))) {
 			netif_err(priv, rx_status, dev,
 				  "dropping fragmented packet!\n");
-- 
2.25.1


^ permalink raw reply related	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-27  0:08 [PATCH net-next] net: bcmgenet: Add a check for oversized packets Florian Fainelli
@ 2023-01-29  9:42 ` Leon Romanovsky
  2023-01-29 21:17   ` Florian Fainelli
  2023-01-30  7:30 ` patchwork-bot+netdevbpf
  1 sibling, 1 reply; 7+ messages in thread
From: Leon Romanovsky @ 2023-01-29  9:42 UTC (permalink / raw)
  To: Florian Fainelli
  Cc: netdev, maxime, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list

On Thu, Jan 26, 2023 at 04:08:19PM -0800, Florian Fainelli wrote:
> Occasionnaly we may get oversized packets from the hardware which
> exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
> check which drops the packet to avoid invoking skb_over_panic() and move
> on to processing the next packet.
> 
> Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
> ---
>  drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> index 21973046b12b..d937daa8ee88 100644
> --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> @@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
>  			  __func__, p_index, ring->c_index,
>  			  ring->read_ptr, dma_length_status);
>  
> +		if (unlikely(len > RX_BUF_LENGTH)) {
> +			netif_err(priv, rx_status, dev, "oversized packet\n");

I don't think that it is wise move to print to dmesg something that can
be triggered by user over network.

Thanks

> +			dev->stats.rx_length_errors++;
> +			dev->stats.rx_errors++;
> +			dev_kfree_skb_any(skb);
> +			goto next;
> +		}
> +
>  		if (unlikely(!(dma_flag & DMA_EOP) || !(dma_flag & DMA_SOP))) {
>  			netif_err(priv, rx_status, dev,
>  				  "dropping fragmented packet!\n");
> -- 
> 2.25.1
> 

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-29  9:42 ` Leon Romanovsky
@ 2023-01-29 21:17   ` Florian Fainelli
  2023-01-30 10:09     ` Leon Romanovsky
  0 siblings, 1 reply; 7+ messages in thread
From: Florian Fainelli @ 2023-01-29 21:17 UTC (permalink / raw)
  To: Leon Romanovsky
  Cc: netdev, maxime, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list



On 1/29/2023 1:42 AM, Leon Romanovsky wrote:
> On Thu, Jan 26, 2023 at 04:08:19PM -0800, Florian Fainelli wrote:
>> Occasionnaly we may get oversized packets from the hardware which
>> exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
>> check which drops the packet to avoid invoking skb_over_panic() and move
>> on to processing the next packet.
>>
>> Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
>> ---
>>   drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
>>   1 file changed, 8 insertions(+)
>>
>> diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>> index 21973046b12b..d937daa8ee88 100644
>> --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>> +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>> @@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
>>   			  __func__, p_index, ring->c_index,
>>   			  ring->read_ptr, dma_length_status);
>>   
>> +		if (unlikely(len > RX_BUF_LENGTH)) {
>> +			netif_err(priv, rx_status, dev, "oversized packet\n");
> 
> I don't think that it is wise move to print to dmesg something that can
> be triggered by user over network.

A frame larger than RX_BUF_LENGTH intentionally received would be 
segmented by the MAC, we have seen this happen however while playing 
with unsafe clock ratios for instance or when there are insufficient 
credits given to the Ethernet MAC to write frames into DRAM. The print 
is consistent with other errors that are captured and is only enabled if 
the appropriate ethtool message level bitmask is set.
-- 
Florian

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-27  0:08 [PATCH net-next] net: bcmgenet: Add a check for oversized packets Florian Fainelli
  2023-01-29  9:42 ` Leon Romanovsky
@ 2023-01-30  7:30 ` patchwork-bot+netdevbpf
  1 sibling, 0 replies; 7+ messages in thread
From: patchwork-bot+netdevbpf @ 2023-01-30  7:30 UTC (permalink / raw)
  To: Florian Fainelli
  Cc: netdev, maxime, opendmb, bcm-kernel-feedback-list, davem,
	edumazet, kuba, pabeni, linux-kernel

Hello:

This patch was applied to netdev/net-next.git (master)
by David S. Miller <davem@davemloft.net>:

On Thu, 26 Jan 2023 16:08:19 -0800 you wrote:
> Occasionnaly we may get oversized packets from the hardware which
> exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
> check which drops the packet to avoid invoking skb_over_panic() and move
> on to processing the next packet.
> 
> Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
> 
> [...]

Here is the summary with links:
  - [net-next] net: bcmgenet: Add a check for oversized packets
    https://git.kernel.org/netdev/net-next/c/5c0862c2c962

You are awesome, thank you!
-- 
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html



^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-29 21:17   ` Florian Fainelli
@ 2023-01-30 10:09     ` Leon Romanovsky
  2023-01-30 18:19       ` Florian Fainelli
  0 siblings, 1 reply; 7+ messages in thread
From: Leon Romanovsky @ 2023-01-30 10:09 UTC (permalink / raw)
  To: Florian Fainelli
  Cc: netdev, maxime, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list

On Sun, Jan 29, 2023 at 01:17:43PM -0800, Florian Fainelli wrote:
> 
> 
> On 1/29/2023 1:42 AM, Leon Romanovsky wrote:
> > On Thu, Jan 26, 2023 at 04:08:19PM -0800, Florian Fainelli wrote:
> > > Occasionnaly we may get oversized packets from the hardware which
> > > exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
> > > check which drops the packet to avoid invoking skb_over_panic() and move
> > > on to processing the next packet.
> > > 
> > > Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
> > > ---
> > >   drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
> > >   1 file changed, 8 insertions(+)
> > > 
> > > diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > index 21973046b12b..d937daa8ee88 100644
> > > --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > @@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
> > >   			  __func__, p_index, ring->c_index,
> > >   			  ring->read_ptr, dma_length_status);
> > > +		if (unlikely(len > RX_BUF_LENGTH)) {
> > > +			netif_err(priv, rx_status, dev, "oversized packet\n");
> > 
> > I don't think that it is wise move to print to dmesg something that can
> > be triggered by user over network.
> 
> A frame larger than RX_BUF_LENGTH intentionally received would be segmented
> by the MAC, we have seen this happen however while playing with unsafe clock
> ratios for instance or when there are insufficient credits given to the
> Ethernet MAC to write frames into DRAM. The print is consistent with other
> errors that are captured and is only enabled if the appropriate ethtool
> message level bitmask is set.

I saw other prints in that function, but you add new one.
Won't netif_err() be printed by default in almost all distro?

Thanks

> -- 
> Florian

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-30 10:09     ` Leon Romanovsky
@ 2023-01-30 18:19       ` Florian Fainelli
  2023-01-31  8:16         ` Leon Romanovsky
  0 siblings, 1 reply; 7+ messages in thread
From: Florian Fainelli @ 2023-01-30 18:19 UTC (permalink / raw)
  To: Leon Romanovsky, Florian Fainelli
  Cc: netdev, maxime, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list

[-- Attachment #1: Type: text/plain, Size: 2126 bytes --]

On 1/30/23 02:09, Leon Romanovsky wrote:
> On Sun, Jan 29, 2023 at 01:17:43PM -0800, Florian Fainelli wrote:
>>
>>
>> On 1/29/2023 1:42 AM, Leon Romanovsky wrote:
>>> On Thu, Jan 26, 2023 at 04:08:19PM -0800, Florian Fainelli wrote:
>>>> Occasionnaly we may get oversized packets from the hardware which
>>>> exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
>>>> check which drops the packet to avoid invoking skb_over_panic() and move
>>>> on to processing the next packet.
>>>>
>>>> Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
>>>> ---
>>>>    drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
>>>>    1 file changed, 8 insertions(+)
>>>>
>>>> diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>>>> index 21973046b12b..d937daa8ee88 100644
>>>> --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>>>> +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
>>>> @@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
>>>>    			  __func__, p_index, ring->c_index,
>>>>    			  ring->read_ptr, dma_length_status);
>>>> +		if (unlikely(len > RX_BUF_LENGTH)) {
>>>> +			netif_err(priv, rx_status, dev, "oversized packet\n");
>>>
>>> I don't think that it is wise move to print to dmesg something that can
>>> be triggered by user over network.
>>
>> A frame larger than RX_BUF_LENGTH intentionally received would be segmented
>> by the MAC, we have seen this happen however while playing with unsafe clock
>> ratios for instance or when there are insufficient credits given to the
>> Ethernet MAC to write frames into DRAM. The print is consistent with other
>> errors that are captured and is only enabled if the appropriate ethtool
>> message level bitmask is set.
> 
> I saw other prints in that function, but you add new one.
> Won't netif_err() be printed by default in almost all distro?

Do distributions alter the drive default message level:

   #define GENET_MSG_DEFAULT       (NETIF_MSG_DRV | NETIF_MSG_PROBE | \
                                   NETIF_MSG_LINK)
?
-- 
Florian


[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4221 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread
* Re: [PATCH net-next] net: bcmgenet: Add a check for oversized packets
  2023-01-30 18:19       ` Florian Fainelli
@ 2023-01-31  8:16         ` Leon Romanovsky
  0 siblings, 0 replies; 7+ messages in thread
From: Leon Romanovsky @ 2023-01-31  8:16 UTC (permalink / raw)
  To: Florian Fainelli
  Cc: Florian Fainelli, netdev, maxime, Doug Berger,
	Broadcom internal kernel review list, David S. Miller,
	Eric Dumazet, Jakub Kicinski, Paolo Abeni, open list

On Mon, Jan 30, 2023 at 10:19:07AM -0800, Florian Fainelli wrote:
> On 1/30/23 02:09, Leon Romanovsky wrote:
> > On Sun, Jan 29, 2023 at 01:17:43PM -0800, Florian Fainelli wrote:
> > > 
> > > 
> > > On 1/29/2023 1:42 AM, Leon Romanovsky wrote:
> > > > On Thu, Jan 26, 2023 at 04:08:19PM -0800, Florian Fainelli wrote:
> > > > > Occasionnaly we may get oversized packets from the hardware which
> > > > > exceed the nomimal 2KiB buffer size we allocate SKBs with. Add an early
> > > > > check which drops the packet to avoid invoking skb_over_panic() and move
> > > > > on to processing the next packet.
> > > > > 
> > > > > Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
> > > > > ---
> > > > >    drivers/net/ethernet/broadcom/genet/bcmgenet.c | 8 ++++++++
> > > > >    1 file changed, 8 insertions(+)
> > > > > 
> > > > > diff --git a/drivers/net/ethernet/broadcom/genet/bcmgenet.c b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > > > index 21973046b12b..d937daa8ee88 100644
> > > > > --- a/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > > > +++ b/drivers/net/ethernet/broadcom/genet/bcmgenet.c
> > > > > @@ -2316,6 +2316,14 @@ static unsigned int bcmgenet_desc_rx(struct bcmgenet_rx_ring *ring,
> > > > >    			  __func__, p_index, ring->c_index,
> > > > >    			  ring->read_ptr, dma_length_status);
> > > > > +		if (unlikely(len > RX_BUF_LENGTH)) {
> > > > > +			netif_err(priv, rx_status, dev, "oversized packet\n");
> > > > 
> > > > I don't think that it is wise move to print to dmesg something that can
> > > > be triggered by user over network.
> > > 
> > > A frame larger than RX_BUF_LENGTH intentionally received would be segmented
> > > by the MAC, we have seen this happen however while playing with unsafe clock
> > > ratios for instance or when there are insufficient credits given to the
> > > Ethernet MAC to write frames into DRAM. The print is consistent with other
> > > errors that are captured and is only enabled if the appropriate ethtool
> > > message level bitmask is set.
> > 
> > I saw other prints in that function, but you add new one.
> > Won't netif_err() be printed by default in almost all distro?
> 
> Do distributions alter the drive default message level:
> 
>   #define GENET_MSG_DEFAULT       (NETIF_MSG_DRV | NETIF_MSG_PROBE | \
>                                   NETIF_MSG_LINK)
> ?

Ohh, I didn't know about per-driver defaults.

Thanks for the explanation.

> -- 
> Florian
> 



^ permalink raw reply	[flat|nested] 7+ messages in thread
end of thread, other threads:[~2023-01-31  8:16 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-01-27  0:08 [PATCH net-next] net: bcmgenet: Add a check for oversized packets Florian Fainelli
2023-01-29  9:42 ` Leon Romanovsky
2023-01-29 21:17   ` Florian Fainelli
2023-01-30 10:09     ` Leon Romanovsky
2023-01-30 18:19       ` Florian Fainelli
2023-01-31  8:16         ` Leon Romanovsky
2023-01-30  7:30 ` patchwork-bot+netdevbpf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).