From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Mahesh Bandewar <maheshb@google.com>,
"David S . Miller" <davem@davemloft.net>,
Sasha Levin <sashal@kernel.org>,
netdev@vger.kernel.org
Subject: [PATCH AUTOSEL 5.4 46/73] macvlan: add cond_resched() during multicast processing
Date: Wed, 18 Mar 2020 16:53:10 -0400 [thread overview]
Message-ID: <20200318205337.16279-46-sashal@kernel.org> (raw)
In-Reply-To: <20200318205337.16279-1-sashal@kernel.org>
From: Mahesh Bandewar <maheshb@google.com>
[ Upstream commit ce9a4186f9ac475c415ffd20348176a4ea366670 ]
The Rx bound multicast packets are deferred to a workqueue and
macvlan can also suffer from the same attack that was discovered
by Syzbot for IPvlan. This solution is not as effective as in
IPvlan. IPvlan defers all (Tx and Rx) multicast packet processing
to a workqueue while macvlan does this way only for the Rx. This
fix should address the Rx codition to certain extent.
Tx is still suseptible. Tx multicast processing happens when
.ndo_start_xmit is called, hence we cannot add cond_resched().
However, it's not that severe since the user which is generating
/ flooding will be affected the most.
Fixes: 412ca1550cbe ("macvlan: Move broadcasts into a work queue")
Signed-off-by: Mahesh Bandewar <maheshb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
drivers/net/macvlan.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c
index c5bf61565726b..26f6be4796c75 100644
--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -334,6 +334,8 @@ static void macvlan_process_broadcast(struct work_struct *w)
if (src)
dev_put(src->dev);
consume_skb(skb);
+
+ cond_resched();
}
}
--
2.20.1
next prev parent reply other threads:[~2020-03-18 21:06 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20200318205337.16279-1-sashal@kernel.org>
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 04/73] batman-adv: Don't schedule OGM for disabled interface Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 09/73] r8152: check disconnect status after long sleep Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 10/73] net: dsa: mv88e6xxx: fix lockup on warm boot Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 11/73] net: phy: avoid clearing PHY interrupts twice in irq handler Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 12/73] bnxt_en: reinitialize IRQs when MTU is modified Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 13/73] bnxt_en: fix error handling when flashing from file Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 15/73] fib: add missing attribute validation for tun_id Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 16/73] can: add missing attribute validation for termination Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 17/73] macsec: add missing attribute validation for port Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 18/73] team: add missing attribute validation for port ifindex Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 19/73] team: add missing attribute validation for array index Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 20/73] netfilter: cthelper: add missing attribute validation for cthelper Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 21/73] netfilter: nft_payload: add missing attribute validation for payload csum flags Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 22/73] netfilter: nft_tunnel: add missing attribute validation for tunnels Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 23/73] net: phy: bcm63xx: fix OOPS due to missing driver name Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 24/73] drivers/of/of_mdio.c:fix of_mdiobus_register() Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 26/73] netfilter: nf_tables: dump NFTA_CHAIN_FLAGS attribute Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 27/73] netfilter: nf_tables: fix infinite loop when expr is not available Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 28/73] slip: make slhc_compress() more robust against malicious packets Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 29/73] net: hns3: fix a not link up issue when fibre port supports autoneg Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 31/73] netfilter: nft_chain_nat: inet family is missing module ownership Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 32/73] dt-bindings: net: FMan erratum A050385 Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 34/73] fsl/fman: detect " Sasha Levin
2020-03-18 20:52 ` [PATCH AUTOSEL 5.4 35/73] bonding/alb: make sure arp header is pulled before accessing it Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 39/73] ipvlan: do not add hardware address of master to its unicast filter list Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 40/73] net: stmmac: dwmac1000: Disable ACS if enhanced descs are not used Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 44/73] ipvlan: don't deref eth hdr before checking it's set Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 45/73] ipvlan: add cond_resched_rcu() while processing muticast backlog Sasha Levin
2020-03-18 20:53 ` Sasha Levin [this message]
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 47/73] ipvlan: do not use cond_resched_rcu() in ipvlan_process_multicast() Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 56/73] nl80211: add missing attribute validation for critical protocol indication Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 57/73] nl80211: add missing attribute validation for beacon report scanning Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 58/73] nl80211: add missing attribute validation for channel switch Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 59/73] mac80211: Do not send mesh HWMP PREQ if HWMP is disabled Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 61/73] dpaa_eth: Remove unnecessary boolean expression in dpaa_get_headroom Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 62/73] net: fec: validate the new settings in fec_enet_set_coalesce() Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 63/73] sxgbe: Fix off by one in samsung driver strncpy size arg Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 64/73] net: mvmdio: avoid error message for optional IRQ Sasha Levin
2020-03-18 20:57 ` Chris Packham
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 65/73] net: hns3: fix "tc qdisc del" failed issue Sasha Levin
2020-03-18 20:53 ` [PATCH AUTOSEL 5.4 66/73] net: systemport: fix index check to avoid an array out of bounds access Sasha Levin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200318205337.16279-46-sashal@kernel.org \
--to=sashal@kernel.org \
--cc=davem@davemloft.net \
--cc=linux-kernel@vger.kernel.org \
--cc=maheshb@google.com \
--cc=netdev@vger.kernel.org \
--cc=stable@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).