diff mbox

[ovs-dev,3/3] ipfix: Fix SIGFPE in bridge exporter sampling.

Message ID etPan.55f3198e.202e2383.2446@rlenglet-mac
State Not Applicable
Headers show

Commit Message

Romain Lenglet Sept. 11, 2015, 6:12 p.m. UTC 
LGTM, thanks!

Acked-by: Romain Lenglet <romain.lenglet@oracle.com>
-- 
Romain Lenglet

On September 10, 2015 at 6:41:43 PM, Joe Stringer (joestringer@nicira.com) wrote:

A divide-by-zero exception like the below could occur when IPFIX  
configuration is cleared while handling sampled packets from the  
datapath. While it's not valid to configure the sampling probability of  
IPFIX to zero via explicitly setting it in OVSDB, it is possible to  
clear the configuration, which results in a probability of zero. In this  
case, there is a window during which it is possible for upcalls to find  
the cleared IPFIX object and attempt to perform sampling using it. Fix  
the issue by ensuring that the probability is nonzero before using it.  

"Program terminated with signal SIGFPE, Arithmetic exception."  

dpif_ipfix_bridge_sample (...) at ../ofproto/ofproto-dpif-ipfix.c:1701  
process_upcall (...) at ../ofproto/ofproto-dpif-upcall.c:1145  
recv_upcalls (...) at ../ofproto/ofproto-dpif-upcall.c:705  
udpif_upcall_handler (...) at ../ofproto/ofproto-dpif-upcall.c:631  
ovsthread_wrapper (...) at ../lib/ovs-thread.c:340  
start_thread (...) at pthread_create.c:312  
clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111  

Signed-off-by: Joe Stringer <joestringer@nicira.com>  
---  
Given that there's a couple of other places in the IPFIX code that check  
the probability before using it, I'm assuming this isn't an invariant and  
this is a reasonable place to fix the bug. I haven't looked into whether  
this kind of bug may affect other sampling implementations in OVS.  
---  
ofproto/ofproto-dpif-ipfix.c | 4 ++++  
1 file changed, 4 insertions(+)  

--  
2.1.4

Comments

Joe Stringer Sept. 11, 2015, 10:27 p.m. UTC | #1 
On 11 September 2015 at 11:12, Romain Lenglet <romain.lenglet@oracle.com> wrote:
> LGTM, thanks!
>
> Acked-by: Romain Lenglet <romain.lenglet@oracle.com>

Thanks, applied to master and branch-2.[134].
diff mbox

Patch

diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c  
index 48ff827..9ad8fa2 100644  
--- a/ofproto/ofproto-dpif-ipfix.c  
+++ b/ofproto/ofproto-dpif-ipfix.c  
@@ -1692,6 +1692,10 @@  dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const struct dp_packet *packet,  
struct dpif_ipfix_port * tunnel_port = NULL;  

ovs_mutex_lock(&mutex);  
+ if (!bridge_exporter_enabled(di)) {  
+ ovs_mutex_unlock(&mutex);  
+ return;  
+ }  
/* Use the sampling probability as an approximation of the number  
* of matched packets. */  
packet_delta_count = UINT32_MAX / di->bridge_exporter.probability;