From patchwork Thu Jan 14 23:05:55 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hannes Frederic Sowa <hannes@stressinduktion.org>
X-Patchwork-Id: 567775
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 17383140556
	for <patchwork-incoming@ozlabs.org>;
	Fri, 15 Jan 2016 10:06:11 +1100 (AEDT)
Authentication-Results: ozlabs.org; dkim=pass (1024-bit key;
	unprotected) header.d=stressinduktion.org
	header.i=@stressinduktion.org header.b=SkkOWulu;
	dkim=pass (1024-bit key;
	unprotected) header.d=messagingengine.com
	header.i=@messagingengine.com header.b=hU6b2whv;
	dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1757045AbcANXGF (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Thu, 14 Jan 2016 18:06:05 -0500
Received: from out5-smtp.messagingengine.com ([66.111.4.29]:37157 "EHLO
	out5-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S1756966AbcANXGE (ORCPT
	<rfc822;netdev@vger.kernel.org>); Thu, 14 Jan 2016 18:06:04 -0500
Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
	by mailout.nyi.internal (Postfix) with ESMTP id 162E0203A3
	for <netdev@vger.kernel.org>; Thu, 14 Jan 2016 18:06:03 -0500 (EST)
Received: from frontend1 ([10.202.2.160])
	by compute1.internal (MEProxy); Thu, 14 Jan 2016 18:06:03 -0500
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	stressinduktion.org; h=cc:date:from:message-id:subject:to
	:x-sasl-enc:x-sasl-enc; s=mesmtp; bh=2tiNuvD7FmZW6X0sbAPifaJZR8g
	=; b=SkkOWulufGnmQY9+IfXaWvsQJt0x2AD+uUojiVZA/455SnQ6EXFq7Zg4v3Z
	RSaoHDhsEGrNvgn9aH0Qs11imgU17l9FC0ihuopCmPmEQNC6Lv3ugkaRkNMkQHWv
	+uRGtRZVdrGNAz/etnYWc1N58tARa4gUinWkbc/9XUt+oawc=
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:date:from:message-id:subject:to
	:x-sasl-enc:x-sasl-enc; s=smtpout; bh=2tiNuvD7FmZW6X0sbAPifaJZR8
	g=; b=hU6b2whvtKQurob82FpxMq62pUzNCxuyBsn4BlfHxiz7EkS3AJWAhuOMsl
	bAfQLCWLJuE0KubqzDUDtjDPWAVV6bqwXJOEWaDl45w6ALfmItQBQSq+z3IvKAc+
	02/5TGBXxTGarE4lygTcjRpLRFNyZMCGH0kohARUVetSwVuwQ=
X-Sasl-enc: 6NPt4YioM+BfAmWJys27aoP1HJmQYungL0cvNB08Np/m 1452812762
Received: from z.localhost.localdomain (unknown [213.55.184.134])
	by mail.messagingengine.com (Postfix) with ESMTPA id C7C09C016DB;
	Thu, 14 Jan 2016 18:06:01 -0500 (EST)
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: netdev@vger.kernel.org
Cc: dev@openvswitch.org, Pravin Shelar <pshelar@ovn.org>
Subject: [PATCH net v2] ovs: add recursion limit to ovs_vport_receive
Date: Fri, 15 Jan 2016 00:05:55 +0100
Message-Id: <1452812755-14018-1-git-send-email-hannes@stressinduktion.org>
X-Mailer: git-send-email 2.5.0
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

It was seen that defective configurations of openvswitch could overwrite
the STACK_END_MAGIC and cause a hard crash of the kernel because of too
many recursions within ovs.

This problem arises due to the high stack usage of openvswitch. The rest
of the kernel is fine with the current limit of 10 (RECURSION_LIMIT).
Thus add an extra recursion limit counter for ovs_vport_receive until
parts of the stack usage is moved to percpu scratch space.

Cc: Pravin Shelar <pshelar@ovn.org>
Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
Reviewed-by: Simon Horman <simon.horman@netronome.com>
---
v2) add preemption protection

 net/openvswitch/vport.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/net/openvswitch/vport.c b/net/openvswitch/vport.c
index 31cbc8c5c7db82..238fe435ca5877 100644
--- a/net/openvswitch/vport.c
+++ b/net/openvswitch/vport.c
@@ -426,6 +426,9 @@ u32 ovs_vport_find_upcall_portid(const struct vport *vport, struct sk_buff *skb)
 	return ids->ids[ids_index];
 }
 
+static DEFINE_PER_CPU(int, ovs_recursion);
+static const int ovs_recursion_limit = 8;
+
 /**
  *	ovs_vport_receive - pass up received packet to the datapath for processing
  *
@@ -442,6 +445,15 @@ int ovs_vport_receive(struct vport *vport, struct sk_buff *skb,
 	struct sw_flow_key key;
 	int error;
 
+	preempt_disable();
+	if (__this_cpu_inc_return(ovs_recursion) > ovs_recursion_limit) {
+		net_crit_ratelimited("ovs: recursion limit reached on datapath %s, probable configuration error\n",
+				     ovs_dp_name(vport->dp));
+		error = -ENETDOWN;
+		kfree_skb(skb);
+		goto out;
+	}
+
 	OVS_CB(skb)->input_vport = vport;
 	OVS_CB(skb)->mru = 0;
 	if (unlikely(dev_net(skb->dev) != ovs_dp_get_net(vport->dp))) {
@@ -457,10 +469,14 @@ int ovs_vport_receive(struct vport *vport, struct sk_buff *skb,
 	error = ovs_flow_key_extract(tun_info, skb, &key);
 	if (unlikely(error)) {
 		kfree_skb(skb);
-		return error;
+		goto out;
 	}
+
 	ovs_dp_process_packet(skb, &key);
-	return 0;
+out:
+	__this_cpu_dec(ovs_recursion);
+	preempt_enable();
+	return error;
 }
 EXPORT_SYMBOL_GPL(ovs_vport_receive);