diff options
author | Ben Pfaff <blp@nicira.com> | 2015-01-11 13:45:36 -0800 |
---|---|---|
committer | Ben Pfaff <blp@nicira.com> | 2015-01-11 13:45:36 -0800 |
commit | 0f3358ea4227bce79580870f139c82c9a5cfe75d (patch) | |
tree | ed439817a6aff037e0dc3cd85caa2dab7c7d023d | |
parent | 91496302bd818aa2b69598cc338a76c4d4c9e2ad (diff) | |
download | openvswitch-0f3358ea4227bce79580870f139c82c9a5cfe75d.tar.gz |
dpif-netlink: Drop oversized packets instead of assert-failing.
A packet sent to a Netlink datapath has to fit within a Netlink attribute.
Until now, this was only checked in an assertion inside the Netlink code,
which meant that trying to send a too-large packet (approximate 64 kB or
larger) would assert-fail. It's better to just drop those packets, which
this commit does.
Reported-by: Shuping Cui <scui@redhat.com>
Reported-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Ben Pfaff <blp@nicira.com>
Acked-by: Jesse Gross <jesse@nicira.com>
-rw-r--r-- | lib/dpif-netlink.c | 40 |
1 files changed, 29 insertions, 11 deletions
diff --git a/lib/dpif-netlink.c b/lib/dpif-netlink.c index fe5a1b0d9..8f0eca6e3 100644 --- a/lib/dpif-netlink.c +++ b/lib/dpif-netlink.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014 Nicira, Inc. + * Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015 Nicira, Inc. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -1534,12 +1534,15 @@ dpif_netlink_encode_execute(int dp_ifindex, const struct dpif_execute *d_exec, } } -#define MAX_OPS 50 - -static void +/* Executes, against 'dpif', up to the first 'n_ops' operations in 'ops'. + * Returns the number actually executed (at least 1, if 'n_ops' is + * positive). */ +static size_t dpif_netlink_operate__(struct dpif_netlink *dpif, struct dpif_op **ops, size_t n_ops) { + enum { MAX_OPS = 50 }; + struct op_auxdata { struct nl_transaction txn; @@ -1553,13 +1556,12 @@ dpif_netlink_operate__(struct dpif_netlink *dpif, struct nl_transaction *txnsp[MAX_OPS]; size_t i; - ovs_assert(n_ops <= MAX_OPS); + n_ops = MIN(n_ops, MAX_OPS); for (i = 0; i < n_ops; i++) { struct op_auxdata *aux = &auxes[i]; struct dpif_op *op = ops[i]; struct dpif_flow_put *put; struct dpif_flow_del *del; - struct dpif_execute *execute; struct dpif_flow_get *get; struct dpif_netlink_flow flow; @@ -1592,9 +1594,24 @@ dpif_netlink_operate__(struct dpif_netlink *dpif, break; case DPIF_OP_EXECUTE: - execute = &op->u.execute; - dpif_netlink_encode_execute(dpif->dp_ifindex, execute, - &aux->request); + /* Can't execute a packet that won't fit in a Netlink attribute. */ + if (OVS_UNLIKELY(nl_attr_oversized( + ofpbuf_size(op->u.execute.packet)))) { + /* Report an error immediately if this is the first operation. + * Otherwise the easiest thing to do is to postpone to the next + * call (when this will be the first operation). */ + if (i == 0) { + VLOG_ERR_RL(&error_rl, + "dropping oversized %"PRIu32"-byte packet", + ofpbuf_size(op->u.execute.packet)); + op->error = ENOBUFS; + return 1; + } + n_ops = i; + } else { + dpif_netlink_encode_execute(dpif->dp_ifindex, &op->u.execute, + &aux->request); + } break; case DPIF_OP_FLOW_GET: @@ -1678,6 +1695,8 @@ dpif_netlink_operate__(struct dpif_netlink *dpif, ofpbuf_uninit(&aux->request); ofpbuf_uninit(&aux->reply); } + + return n_ops; } static void @@ -1686,8 +1705,7 @@ dpif_netlink_operate(struct dpif *dpif_, struct dpif_op **ops, size_t n_ops) struct dpif_netlink *dpif = dpif_netlink_cast(dpif_); while (n_ops > 0) { - size_t chunk = MIN(n_ops, MAX_OPS); - dpif_netlink_operate__(dpif, ops, chunk); + size_t chunk = dpif_netlink_operate__(dpif, ops, n_ops); ops += chunk; n_ops -= chunk; } |