Received: by 2002:a25:d783:0:0:0:0:0 with SMTP id o125csp658911ybg;
        Thu, 19 Mar 2020 06:33:04 -0700 (PDT)
X-Google-Smtp-Source: ADFU+vuyPQDjTkwVYJywCgVbbzrmhXY3Gpno0ITBilQYykjEsP2c7L148bHp7cOMuh6hiSxaXsW7
X-Received: by 2002:aca:fd0d:: with SMTP id b13mr2366906oii.179.1584624784247;
        Thu, 19 Mar 2020 06:33:04 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1584624784; cv=none;
        d=google.com; s=arc-20160816;
        b=vkLEDfzPAHf4QOHqIsxEz0uivLp/Xw5lDwiU/vYdYEIZgrhKLHCgORSstdyo0RQvhk
         qWxpjnlaFqF9Hl/fOCvVcUpOzAnTPtX3B4gnAU/WiyNtJ6mwuW2JtiEAS6g9qxO0GlRv
         7WM+Wo5Arz2lfYGFSbFxWcOjAGNCLeFqg361srxYXpXNg+j8VIkHwZqg6Gm4Hlw0Tfu+
         EA99mPeFnPeA3lOTRIZSnrPaMcsOqVVQNpe3EKCpGt/5uZccNa73SSPAGJj62lANUMjI
         qiIfqK5V3A8mMjkdKfRT2IKqz2YWMIiRxH92pOJ70WO2aJ96GqegffLlhQ4RcK3Z8ugx
         nN4Q==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding:mime-version
         :user-agent:references:in-reply-to:message-id:date:subject:cc:to
         :from:dkim-signature;
        bh=9z1SC4peY42nAH92cfkL9DxtzFuFNjZsu+huvS2UQys=;
        b=Azl66KxtgSknBWgEZcu+G4kW1n8VwJkANyZ4sVaVyFUGIyGBBzLBgkY8ru0QmYRGSf
         H5eDivgmTW3FHdRe8shj/7BiRHf5yleaOUTDgkPzI9z3SA5PPzSEyCVwVAancLCN2nDs
         ZjjAsyJ/97lT+M0cjX7+WdOln/6y9FGoOjVE73aRLkrE0PVnG34fAoHrJwkJyrPurroS
         Vwnf4yigYaOW7F8wk9byexsnpENPAcPHmD53b4yc9zZs81rnjabyVWmOV0W5OseAY2xg
         +ttMNlJuxNPPzqV/9LGoqSU1yZnxnmxC7HTpYS85d5ZI/WOgRLVOWiYqGDjWCHOE17Nf
         L8TA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=EJ9ziQs+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y65si997327oie.92.2020.03.19.06.32.51;
        Thu, 19 Mar 2020 06:33:04 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@kernel.org header.s=default header.b=EJ9ziQs+;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1728779AbgCSNPc (ORCPT <rfc822;lans.zhang2008@gmail.com>
        + 99 others); Thu, 19 Mar 2020 09:15:32 -0400
Received: from mail.kernel.org ([198.145.29.99]:35344 "EHLO mail.kernel.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1729420AbgCSNP3 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 19 Mar 2020 09:15:29 -0400
Received: from localhost (83-86-89-107.cable.dynamic.v4.ziggo.nl [83.86.89.107])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.kernel.org (Postfix) with ESMTPSA id A486420724;
        Thu, 19 Mar 2020 13:15:28 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org;
        s=default; t=1584623729;
        bh=LwGtMzxaubBnMYxIqHVX2TSfy4YLY5UyzD5VZ0mCWSs=;
        h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
        b=EJ9ziQs+srM2/PYhD98h/7IcINsV1rhAiO+eF6FyybIui9UWQSofGHJSQt5NZrdpc
         60lQ6jfejyQ72vqWrK1vlvynZMX71cO9k9NWysQMf1PlUUAS27QZOTMDYAqp9M3sXC
         MEmK+no/QCQADQPJYmC+jWklbdzeY/RB7XDUH7sI=
From:   Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To:     linux-kernel@vger.kernel.org
Cc:     Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        stable@vger.kernel.org, Mahesh Bandewar <maheshb@google.com>,
        "David S. Miller" <davem@davemloft.net>
Subject: [PATCH 4.14 32/99] macvlan: add cond_resched() during multicast processing
Date:   Thu, 19 Mar 2020 14:03:10 +0100
Message-Id: <20200319123951.511677378@linuxfoundation.org>
X-Mailer: git-send-email 2.25.2
In-Reply-To: <20200319123941.630731708@linuxfoundation.org>
References: <20200319123941.630731708@linuxfoundation.org>
User-Agent: quilt/0.66
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: Mahesh Bandewar <maheshb@google.com>

[ Upstream commit ce9a4186f9ac475c415ffd20348176a4ea366670 ]

The Rx bound multicast packets are deferred to a workqueue and
macvlan can also suffer from the same attack that was discovered
by Syzbot for IPvlan. This solution is not as effective as in
IPvlan. IPvlan defers all (Tx and Rx) multicast packet processing
to a workqueue while macvlan does this way only for the Rx. This
fix should address the Rx codition to certain extent.

Tx is still suseptible. Tx multicast processing happens when
.ndo_start_xmit is called, hence we cannot add cond_resched().
However, it's not that severe since the user which is generating
 / flooding will be affected the most.

Fixes: 412ca1550cbe ("macvlan: Move broadcasts into a work queue")
Signed-off-by: Mahesh Bandewar <maheshb@google.com>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 drivers/net/macvlan.c |    2 ++
 1 file changed, 2 insertions(+)

--- a/drivers/net/macvlan.c
+++ b/drivers/net/macvlan.c
@@ -338,6 +338,8 @@ static void macvlan_process_broadcast(st
 		if (src)
 			dev_put(src->dev);
 		kfree_skb(skb);
+
+		cond_resched();
 	}
 }