[{"id":3677847,"web_url":"http://patchwork.ozlabs.org/comment/3677847/","msgid":"","list_archive_url":null,"date":"2026-04-15T22:41:36","subject":"Re: [ovs-dev] [PATCH net v4] openvswitch: cap upcall PID array size\n and pre-size vport replies","submitter":{"id":76798,"url":"http://patchwork.ozlabs.org/api/people/76798/","name":"Ilya Maximets","email":"i.maximets@ovn.org"},"content":"On 4/15/26 2:51 PM, Weiming Shi wrote:\n> The vport netlink reply helpers allocate a fixed-size skb with\n> nlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\n> array via ovs_vport_get_upcall_portids(). Since\n> ovs_vport_set_upcall_portids() accepts any non-zero multiple of\n> sizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\n> array large enough to overflow the reply buffer, causing nla_put() to\n> fail with -EMSGSIZE and hitting BUG_ON(err < 0). On systems with\n> unprivileged user namespaces enabled (e.g., Ubuntu default), this is\n> reachable via unshare -Urn since OVS vport mutation operations use\n> GENL_UNS_ADMIN_PERM.\n> \n> kernel BUG at net/openvswitch/datapath.c:2414!\n> Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n> CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n> RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n> Call Trace:\n> \n> genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n> genl_rcv_msg (net/netlink/genetlink.c:1194)\n> netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n> genl_rcv (net/netlink/genetlink.c:1219)\n> netlink_unicast (net/netlink/af_netlink.c:1344)\n> netlink_sendmsg (net/netlink/af_netlink.c:1894)\n> __sys_sendto (net/socket.c:2206)\n> __x64_sys_sendto (net/socket.c:2209)\n> do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n> entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n> \n> Kernel panic - not syncing: Fatal exception\n> \n> Reject attempts to set more PIDs than nr_cpu_ids in\n> ovs_vport_set_upcall_portids(), and pre-compute the worst-case reply\n> size in ovs_vport_cmd_msg_size() based on that bound, similar to the\n> existing ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\n> used by the per-CPU dispatch configuration on the datapath side\n> (ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\n> two sides stay consistent.\n> \n> Fixes: 5cd667b0a456 (\"openvswitch: Allow each vport to have an array of 'port_id's.\")\n> Reported-by: Xiang Mei \n> Signed-off-by: Weiming Shi \n> ---\n> v4 (per Ilya):\n> - Use nr_cpu_ids instead of num_possible_cpus() for consistency with\n> the per-CPU dispatch on the datapath side.\n> - Annotate ovs_vport_cmd_msg_size() per-attribute; split nested sums.\n> v3: Cap at num_possible_cpus(); add ovs_vport_cmd_msg_size(); keep\n> BUG_ON(); fix Fixes tag.\n> v2: Dynamically size reply skb; drop WARN_ON_ONCE, return plain errors.\n\nPlease, don't re-name the patch for every version if there are no changes\nthat actually invalidate the name. It was definitely not necessary in the\npast few versions of this patch. Could've even kept the original name\nfrom v1, it was fine. But please, keep the current v4 name in v5.\n\nThese renames are messing up version tracking. Also, please, add lore links\ninto the changelog for previous versions, especially if you're renaming the\npatch, so reviewers can find the older versions.\n\nIn case you're using AI to help with these patches (which would explain the\nconstant renaming), you should disclose that by adding an Assisted-by tag:\n https://docs.kernel.org/process/coding-assistants.html#attribution\n\n> ---\n> net/openvswitch/datapath.c | 33 +++++++++++++++++++++++++++++++--\n> net/openvswitch/vport.c | 3 +++\n> 2 files changed, 34 insertions(+), 2 deletions(-)\n> \n> diff --git a/net/openvswitch/datapath.c b/net/openvswitch/datapath.c\n> index e209099218b4..35e67e51b0d2 100644\n> --- a/net/openvswitch/datapath.c\n> +++ b/net/openvswitch/datapath.c\n> @@ -2184,9 +2184,38 @@ static int ovs_vport_cmd_fill_info(struct vport *vport, struct sk_buff *skb,\n> \treturn err;\n> }\n> \n> +static size_t ovs_vport_cmd_msg_size(void)\n> +{\n> +\tsize_t msgsize = NLMSG_ALIGN(sizeof(struct ovs_header));\n> +\n> +\tmsgsize += nla_total_size(sizeof(u32)); /* OVS_VPORT_ATTR_PORT_NO */\n> +\tmsgsize += nla_total_size(sizeof(u32)); /* OVS_VPORT_ATTR_TYPE */\n> +\tmsgsize += nla_total_size(IFNAMSIZ); /* OVS_VPORT_ATTR_NAME */\n> +\tmsgsize += nla_total_size(sizeof(u32)); /* OVS_VPORT_ATTR_IFINDEX */\n> +\tmsgsize += nla_total_size(sizeof(s32)); /* OVS_VPORT_ATTR_NETNSID */\n\nAdd an empty line here, it's hard to read when comments are sandwiched\nbetween the code. Same for all the blocks below (empty line before the\ncomment line).\n\n> +\t/* OVS_VPORT_ATTR_STATS */\n> +\tmsgsize += nla_total_size_64bit(sizeof(struct ovs_vport_stats));\n> +\t/* OVS_VPORT_ATTR_UPCALL_STATS(OVS_VPORT_UPCALL_ATTR_SUCCESS +\n> +\t * OVS_VPORT_UPCALL_ATTR_FAIL)\n> +\t */\n> +\tmsgsize += nla_total_size(nla_total_size_64bit(sizeof(u64)) +\n> +\t\t\t\t nla_total_size_64bit(sizeof(u64)));\n> +\t/* OVS_VPORT_ATTR_UPCALL_PID (capped at nr_cpu_ids by\n> +\t * ovs_vport_set_upcall_portids())\n\nThe explanation inside the parentheses is not needed, IMO.\n\nThe rest seems fine to me.\n\nBest regards, Ilya Maximets.","headers":{"Return-Path":"","X-Original-To":["incoming@patchwork.ozlabs.org","dev@openvswitch.org"],"Delivered-To":["patchwork-incoming@legolas.ozlabs.org","ovs-dev@lists.linuxfoundation.org"],"Authentication-Results":["legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org\n (client-ip=140.211.166.138; helo=smtp1.osuosl.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org)","smtp1.osuosl.org;\n dmarc=none (p=none dis=none) header.from=ovn.org"],"Received":["from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4fwx31018Jz1yCv\n\tfor ; Thu, 16 Apr 2026 08:41:47 +1000 (AEST)","from localhost (localhost [127.0.0.1])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id E003C8072B;\n\tWed, 15 Apr 2026 22:41:44 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id BqYDe1IHcfSH; Wed, 15 Apr 2026 22:41:44 +0000 (UTC)","from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56])\n\tby smtp1.osuosl.org (Postfix) with ESMTPS id F3D368071D;\n\tWed, 15 Apr 2026 22:41:43 +0000 (UTC)","from lf-lists.osuosl.org (localhost [127.0.0.1])\n\tby lists.linuxfoundation.org (Postfix) with ESMTP id BF1B6C054A;\n\tWed, 15 Apr 2026 22:41:43 +0000 (UTC)","from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n by lists.linuxfoundation.org (Postfix) with ESMTP id 80D3CC0549\n for ; Wed, 15 Apr 2026 22:41:42 +0000 (UTC)","from localhost (localhost [127.0.0.1])\n by smtp1.osuosl.org (Postfix) with ESMTP id 603848071C\n for ; Wed, 15 Apr 2026 22:41:42 +0000 (UTC)","from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id 8iPs8J7v6A0S for ;\n Wed, 15 Apr 2026 22:41:41 +0000 (UTC)","from mail-wm1-f68.google.com (mail-wm1-f68.google.com\n [209.85.128.68])\n by smtp1.osuosl.org (Postfix) with ESMTPS id 0F5FA80719\n for ; Wed, 15 Apr 2026 22:41:40 +0000 (UTC)","by mail-wm1-f68.google.com with SMTP id\n 5b1f17b1804b1-488b3f8fa2bso471595e9.1\n for ; Wed, 15 Apr 2026 15:41:40 -0700 (PDT)","from [192.168.88.241] (89-24-32-159.nat.epc.tmcz.cz. [89.24.32.159])\n by smtp.gmail.com with ESMTPSA id\n 5b1f17b1804b1-488f5827145sm4184545e9.13.2026.04.15.15.41.37\n (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);\n Wed, 15 Apr 2026 15:41:38 -0700 (PDT)"],"X-Virus-Scanned":["amavis at osuosl.org","amavis at osuosl.org"],"X-Comment":"SPF check N/A for local connections - client-ip=140.211.9.56;\n helo=lists.linuxfoundation.org;\n envelope-from=ovs-dev-bounces@openvswitch.org; receiver= ","DKIM-Filter":["OpenDKIM Filter v2.11.0 smtp1.osuosl.org F3D368071D","OpenDKIM Filter v2.11.0 smtp1.osuosl.org 0F5FA80719"],"Received-SPF":"Pass (mailfrom) identity=mailfrom; client-ip=209.85.128.68;\n helo=mail-wm1-f68.google.com; envelope-from=i.maximets.ovn@gmail.com;\n receiver=","DMARC-Filter":"OpenDMARC Filter v1.4.2 smtp1.osuosl.org 0F5FA80719","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20251104; t=1776292899; x=1776897699;\n h=content-transfer-encoding:in-reply-to:autocrypt:from\n :content-language:references:to:subject:cc:user-agent:mime-version\n :date:message-id:x-gm-gg:x-gm-message-state:from:to:cc:subject:date\n :message-id:reply-to;\n bh=pIWwLJ/z71SMElCeVQxzvoG2kHlTfG0aEyp1Q0/iHKI=;\n b=cTb43hyy1q3AMhpL6Yiq+pVXpfJVW0TQ06oiUNfM1ewc5JuExcjTYbMWh4qELiH7ut\n u8il1jQl8phtlt2ddU7q/tDyXu7nuW1Bo2mlwT4Bvj/4rkuxS2U1eHN4nWQ2nuIyVd3N\n xbJSCe6ZlgPmG0XuBJe+ZU7HFZH5ryinYfIsZwdFO66LdkYekAPXPP3Fcbzr1h8kcZXh\n 88z7OEtByY8o9wn6RtVYXGl4K5G6dmMBOB7aKtEmB7UEpiJ0tnYv4r2t6uMEHd4vmoiS\n B4R6kDdfZpL5dqsrOaSOir2ttcNvML5pXN3Mv1qqX++uPJUO5NZ/6WDGJyG1QrkwW/Cg\n t+Qw==","X-Forwarded-Encrypted":"i=1;\n AFNElJ9zmY4NiEAFT+wX0I8P/kxgDrqqiFMuzUtu051MPz/zanVKNuj5Cn5HzpBX96O1+u51+fM=@openvswitch.org","X-Gm-Message-State":"AOJu0YxPmtnWVSKhjNx6o2vBRLQehs17H574IteqLWg6alqkpFVGQhsg\n OQCqUATyuWxY8NGdhTj9PDpvVM2mdqPLyvDD1W8CX1iNGMODdwL/9ciX","X-Gm-Gg":"AeBDietIGOeg7pAUsxJqU4cIhcJTCA8iQtudwz80eLn3wYvIcisBLnlYUBiV0dFxmkC\n T4gUqDjex828dtqp0VOrr5671ItfC7DsispxPPP7LF7WZzWMWstFkEg4V/4lrrDhdeI+pEmG2jB\n kJIhs2aAE4n27rfmzbVnzIE+XKPmC5HWJ+fO7pUIbpnOXUhxuxc6rowB5PPG+rBJcPRzKvvsbiu\n 0tX8VS0iJB3zPER/O93uopHfX2RFtybLycbmcwNGN+qB1kG/urfv/6d0YXEbejAegeD+59nrK7Q\n uMxAE26jsMHrkg2su1koczSUCqyEYl5wMu/oJWOD2kaGJanL97xlh5qP6Az/7bute7Ayjc9/X0S\n Zvcyv4m5TtRnFJvp5o+E0waYPECwwGC3IdqNQnZdmP1PO/AeqYVnhCTKM3/orCJQxHYs/wITw1R\n yVxwH654Q+Y+qIa4SDKodDPkbN/FDv/sq7SEgqDUkRgM/peNXTXLJasT0=","X-Received":"by 2002:a05:600c:1e28:b0:488:9c3b:ff40 with SMTP id\n 5b1f17b1804b1-488f4829bc6mr14356225e9.15.1776292898554;\n Wed, 15 Apr 2026 15:41:38 -0700 (PDT)","Message-ID":"","Date":"Thu, 16 Apr 2026 00:41:36 +0200","MIME-Version":"1.0","User-Agent":"Mozilla Thunderbird","Cc":"i.maximets@ovn.org, Simon Horman ,\n netdev@vger.kernel.org, dev@openvswitch.org, Xiang Mei ","To":"Weiming Shi , Aaron Conole ,\n Eelco Chaudron , \"David S . Miller\"\n , Eric Dumazet ,\n Jakub Kicinski , Paolo Abeni ","References":"<20260415125121.110874-2-bestswngs@gmail.com>","Content-Language":"en-US","From":"Ilya Maximets ","Autocrypt":"addr=i.maximets@ovn.org; keydata=\n xsFNBF77bOMBEADVZQ4iajIECGfH3hpQMQjhIQlyKX4hIB3OccKl5XvB/JqVPJWuZQRuqNQG\n /B70MP6km95KnWLZ4H1/5YOJK2l7VN7nO+tyF+I+srcKq8Ai6S3vyiP9zPCrZkYvhqChNOCF\n pNqdWBEmTvLZeVPmfdrjmzCLXVLi5De9HpIZQFg/Ztgj1AZENNQjYjtDdObMHuJQNJ6ubPIW\n cvOOn4WBr8NsP4a2OuHSTdVyAJwcDhu+WrS/Bj3KlQXIdPv3Zm5x9u/56NmCn1tSkLrEgi0i\n /nJNeH5QhPdYGtNzPixKgPmCKz54/LDxU61AmBvyRve+U80ukS+5vWk8zvnCGvL0ms7kx5sA\n tETpbKEV3d7CB3sQEym8B8gl0Ux9KzGp5lbhxxO995KWzZWWokVUcevGBKsAx4a/C0wTVOpP\n FbQsq6xEpTKBZwlCpxyJi3/PbZQJ95T8Uw6tlJkPmNx8CasiqNy2872gD1nN/WOP8m+cIQNu\n o6NOiz6VzNcowhEihE8Nkw9V+zfCxC8SzSBuYCiVX6FpgKzY/Tx+v2uO4f/8FoZj2trzXdLk\n BaIiyqnE0mtmTQE8jRa29qdh+s5DNArYAchJdeKuLQYnxy+9U1SMMzJoNUX5uRy6/3KrMoC/\n 7zhn44x77gSoe7XVM6mr/mK+ViVB7v9JfqlZuiHDkJnS3yxKPwARAQABzSJJbHlhIE1heGlt\n ZXRzIDxpLm1heGltZXRzQG92bi5vcmc+wsGUBBMBCAA+AhsDBQsJCAcCBhUKCQgLAgQWAgMB\n Ah4BAheAFiEEh+ma1RKWrHCY821auffsd8gpv5YFAmfB9JAFCQyI7q0ACgkQuffsd8gpv5YQ\n og/8DXt1UOznvjdXRHVydbU6Ws+1iUrxlwnFH4WckoFgH4jAabt25yTa1Z4YX8Vz0mbRhTPX\n M/j1uORyObLem3of4YCd4ymh7nSu++KdKnNsZVHxMcoiic9ILPIaWYa8kTvyIDT2AEVfn9M+\n vskM0yDbKa6TAHgr/0jCxbS+mvN0ZzDuR/LHTgy3e58097SWJohj0h3Dpu+XfuNiZCLCZ1/G\n AbBCPMw+r7baH/0evkX33RCBZwvh6tKu+rCatVGk72qRYNLCwF0YcGuNBsJiN9Aa/7ipkrA7\n Xp7YvY3Y1OrKnQfdjp3mSXmknqPtwqnWzXvdfkWkZKShu0xSk+AjdFWCV3NOzQaH3CJ67NXm\n aPjJCIykoTOoQ7eEP6+m3WcgpRVkn9bGK9ng03MLSymTPmdINhC5pjOqBP7hLqYi89GN0MIT\n Ly2zD4m/8T8wPV9yo7GRk4kkwD0yN05PV2IzJECdOXSSStsf5JWObTwzhKyXJxQE+Kb67Wwa\n LYJgltFjpByF5GEO4Xe7iYTjwEoSSOfaR0kokUVM9pxIkZlzG1mwiytPadBt+VcmPQWcO5pi\n WxUI7biRYt4aLriuKeRpk94ai9+52KAk7Lz3KUWoyRwdZINqkI/aDZL6meWmcrOJWCUMW73e\n 4cMqK5XFnGqolhK4RQu+8IHkSXtmWui7LUeEvO/OwU0EXvts4wEQANCXyDOic0j2QKeyj/ga\n OD1oKl44JQfOgcyLVDZGYyEnyl6b/tV1mNb57y/YQYr33fwMS1hMj9eqY6tlMTNz+ciGZZWV\n YkPNHA+aFuPTzCLrapLiz829M5LctB2448bsgxFq0TPrr5KYx6AkuWzOVq/X5wYEM6djbWLc\n VWgJ3o0QBOI4/uB89xTf7mgcIcbwEf6yb/86Cs+jaHcUtJcLsVuzW5RVMVf9F+Sf/b98Lzrr\n 2/mIB7clOXZJSgtV79Alxym4H0cEZabwiXnigjjsLsp4ojhGgakgCwftLkhAnQT3oBLH/6ix\n 87ahawG3qlyIB8ZZKHsvTxbWte6c6xE5dmmLIDN44SajAdmjt1i7SbAwFIFjuFJGpsnfdQv1\n OiIVzJ44kdRJG8kQWPPua/k+AtwJt/gjCxv5p8sKVXTNtIP/sd3EMs2xwbF8McebLE9JCDQ1\n RXVHceAmPWVCq3WrFuX9dSlgf3RWTqNiWZC0a8Hn6fNDp26TzLbdo9mnxbU4I/3BbcAJZI9p\n 9ELaE9rw3LU8esKqRIfaZqPtrdm1C+e5gZa2gkmEzG+WEsS0MKtJyOFnuglGl1ZBxR1uFvbU\n VXhewCNoviXxkkPk/DanIgYB1nUtkPC+BHkJJYCyf9Kfl33s/bai34aaxkGXqpKv+CInARg3\n fCikcHzYYWKaXS6HABEBAAHCwXwEGAEIACYCGwwWIQSH6ZrVEpascJjzbVq59+x3yCm/lgUC\n Z8H0qQUJDIjuxgAKCRC59+x3yCm/loAdD/wJCOhPp9711J18B9c4f+eNAk5vrC9Cj3RyOusH\n Hebb9HtSFm155Zz3xiizw70MSyOVikjbTocFAJo5VhkyuN0QJIP678SWzriwym+EG0B5P97h\n FSLBlRsTi4KD8f1Ll3OT03lD3o/5Qt37zFgD4mCD6OxAShPxhI3gkVHBuA0GxF01MadJEjMu\n jWgZoj75rCLG9sC6L4r28GEGqUFlTKjseYehLw0s3iR53LxS7HfJVHcFBX3rUcKFJBhuO6Ha\n /GggRvTbn3PXxR5UIgiBMjUlqxzYH4fe7pYR7z1m4nQcaFWW+JhY/BYHJyMGLfnqTn1FsIwP\n dbhEjYbFnJE9Vzvf+RJcRQVyLDn/TfWbETf0bLGHeF2GUPvNXYEu7oKddvnUvJK5U/BuwQXy\n TRFbae4Ie96QMcPBL9ZLX8M2K4XUydZBeHw+9lP1J6NJrQiX7MzexpkKNy4ukDzPrRE/ruui\n yWOKeCw9bCZX4a/uFw77TZMEq3upjeq21oi6NMTwvvWWMYuEKNi0340yZRrBdcDhbXkl9x/o\n skB2IbnvSB8iikbPng1ihCTXpA2yxioUQ96Akb+WEGopPWzlxTTK+T03G2ljOtspjZXKuywV\n Wu/eHyqHMyTu8UVcMRR44ki8wam0LMs+fH4dRxw5ck69AkV+JsYQVfI7tdOu7+r465LUfg==","In-Reply-To":"<20260415125121.110874-2-bestswngs@gmail.com>","Subject":"Re: [ovs-dev] [PATCH net v4] openvswitch: cap upcall PID array size\n and pre-size vport replies","X-BeenThere":"ovs-dev@openvswitch.org","X-Mailman-Version":"2.1.30","Precedence":"list","List-Id":"","List-Unsubscribe":",\n ","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n ","Content-Type":"text/plain; charset=\"us-ascii\"","Content-Transfer-Encoding":"7bit","Errors-To":"ovs-dev-bounces@openvswitch.org","Sender":"\"dev\" "}}]