Skip to content

Commit

Permalink
macvlan: add cond_resched() during multicast processing
Browse files Browse the repository at this point in the history
The Rx bound multicast packets are deferred to a workqueue and
macvlan can also suffer from the same attack that was discovered
by Syzbot for IPvlan. This solution is not as effective as in
IPvlan. IPvlan defers all (Tx and Rx) multicast packet processing
to a workqueue while macvlan does this way only for the Rx. This
fix should address the Rx codition to certain extent.

Tx is still suseptible. Tx multicast processing happens when
.ndo_start_xmit is called, hence we cannot add cond_resched().
However, it's not that severe since the user which is generating
 / flooding will be affected the most.

Fixes: 412ca15 ("macvlan: Move broadcasts into a work queue")
Signed-off-by: Mahesh Bandewar <maheshb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
  • Loading branch information
Mahesh Bandewar authored and David S. Miller committed Mar 10, 2020

Unverified

No user is associated with the committer email.
1 parent e18b353 commit ce9a418
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions drivers/net/macvlan.c
Original file line number Diff line number Diff line change
@@ -334,6 +334,8 @@ static void macvlan_process_broadcast(struct work_struct *w)
if (src)
dev_put(src->dev);
consume_skb(skb);

cond_resched();
}
}

0 comments on commit ce9a418

Please sign in to comment.