| From bde77e2e45d7358ed3a81e78465767544777cb68 Mon Sep 17 00:00:00 2001 |
| From: Mahesh Bandewar <maheshb@google.com> |
| Date: Mon, 9 Mar 2020 15:57:07 -0700 |
| Subject: [PATCH] macvlan: add cond_resched() during multicast processing |
| |
| commit ce9a4186f9ac475c415ffd20348176a4ea366670 upstream. |
| |
| The Rx bound multicast packets are deferred to a workqueue and |
| macvlan can also suffer from the same attack that was discovered |
| by Syzbot for IPvlan. This solution is not as effective as in |
| IPvlan. IPvlan defers all (Tx and Rx) multicast packet processing |
| to a workqueue while macvlan does this way only for the Rx. This |
| fix should address the Rx codition to certain extent. |
| |
| Tx is still suseptible. Tx multicast processing happens when |
| .ndo_start_xmit is called, hence we cannot add cond_resched(). |
| However, it's not that severe since the user which is generating |
| / flooding will be affected the most. |
| |
| Fixes: 412ca1550cbe ("macvlan: Move broadcasts into a work queue") |
| Signed-off-by: Mahesh Bandewar <maheshb@google.com> |
| Signed-off-by: David S. Miller <davem@davemloft.net> |
| Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com> |
| |
| diff --git a/drivers/net/macvlan.c b/drivers/net/macvlan.c |
| index 50f253160d7e..52cc38359960 100644 |
| --- a/drivers/net/macvlan.c |
| +++ b/drivers/net/macvlan.c |
| @@ -334,6 +334,8 @@ static void macvlan_process_broadcast(struct work_struct *w) |
| if (src) |
| dev_put(src->dev); |
| consume_skb(skb); |
| + |
| + cond_resched(); |
| } |
| } |
| |
| -- |
| 2.7.4 |
| |
