From patchwork Mon Mar 25 11:08:22 2013 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Wei Liu X-Patchwork-Id: 230626 X-Patchwork-Delegate: davem@davemloft.net Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id A44F72C00A9 for ; Mon, 25 Mar 2013 22:08:39 +1100 (EST) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1756449Ab3CYLIf (ORCPT ); Mon, 25 Mar 2013 07:08:35 -0400 Received: from smtp02.citrix.com ([66.165.176.63]:49608 "EHLO SMTP02.CITRIX.COM" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1756380Ab3CYLId (ORCPT ); Mon, 25 Mar 2013 07:08:33 -0400 X-IronPort-AV: E=Sophos;i="4.84,904,1355097600"; d="scan'208";a="14600468" Received: from accessns.citrite.net (HELO FTLPEX01CL03.citrite.net) ([10.9.154.239]) by FTLPIPO02.CITRIX.COM with ESMTP/TLS/AES128-SHA; 25 Mar 2013 11:08:32 +0000 Received: from ukmail1.uk.xensource.com (10.80.16.128) by smtprelay.citrix.com (10.13.107.80) with Microsoft SMTP Server id 14.2.342.3; Mon, 25 Mar 2013 07:08:32 -0400 Received: from dt47.uk.xensource.com ([10.80.229.47]) by ukmail1.uk.xensource.com with esmtp (Exim 4.69) (envelope-from ) id 1UK5GS-0002VI-19; Mon, 25 Mar 2013 11:08:32 +0000 From: Wei Liu To: , CC: , , , , Wei Liu Subject: [PATCH 6/6] xen-netback: don't disconnect frontend when seeing oversize frame Date: Mon, 25 Mar 2013 11:08:22 +0000 Message-ID: <1364209702-12437-7-git-send-email-wei.liu2@citrix.com> X-Mailer: git-send-email 1.7.10.4 In-Reply-To: <1364209702-12437-1-git-send-email-wei.liu2@citrix.com> References: <1364209702-12437-1-git-send-email-wei.liu2@citrix.com> MIME-Version: 1.0 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Some buggy frontends may generate frames larger than 64 KiB. We should aggresively consume all slots and drop the packet instead of disconnecting the frontend. Signed-off-by: David Vrabel Signed-off-by: Wei Liu --- drivers/net/xen-netback/netback.c | 32 ++++++++++++++++++++++++++------ 1 file changed, 26 insertions(+), 6 deletions(-) diff --git a/drivers/net/xen-netback/netback.c b/drivers/net/xen-netback/netback.c index a634dc5..1971623 100644 --- a/drivers/net/xen-netback/netback.c +++ b/drivers/net/xen-netback/netback.c @@ -924,10 +924,12 @@ static void netbk_fatal_tx_err(struct xenvif *vif) static int netbk_count_requests(struct xenvif *vif, struct xen_netif_tx_request *first, struct xen_netif_tx_request *txp, - int work_to_do) + int work_to_do, + RING_IDX first_idx) { RING_IDX cons = vif->tx.req_cons; int slots = 0; + bool drop = false; if (!(first->flags & XEN_NETTXF_more_data)) return 0; @@ -947,10 +949,21 @@ static int netbk_count_requests(struct xenvif *vif, memcpy(txp, RING_GET_REQUEST(&vif->tx, cons + slots), sizeof(*txp)); - if (txp->size > first->size) { - netdev_err(vif->dev, "Packet is bigger than frame.\n"); - netbk_fatal_tx_err(vif); - return -EIO; + + /* If the guest submitted a frame >= 64 KiB then + * first->size overflowed and following slots will + * appear to be larger than the frame. + * + * This cannot be fatal error as there are buggy + * frontends that do this. + * + * Consume all slots and drop the packet. + */ + if (!drop && txp->size > first->size) { + if (net_ratelimit()) + netdev_dbg(vif->dev, + "Packet is bigger than frame.\n"); + drop = true; } first->size -= txp->size; @@ -963,6 +976,12 @@ static int netbk_count_requests(struct xenvif *vif, return -EINVAL; } } while ((txp++)->flags & XEN_NETTXF_more_data); + + if (drop) { + netbk_tx_err(vif, first, first_idx + slots); + return -EIO; + } + return slots; } @@ -1429,7 +1448,8 @@ static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) continue; } - ret = netbk_count_requests(vif, &txreq, txfrags, work_to_do); + ret = netbk_count_requests(vif, &txreq, txfrags, + work_to_do, idx); if (unlikely(ret < 0)) continue;