[ovs-dev] [PATCH net-next v1 2/3] net: openvswitch: set max limitation to meters

xiangxia . m . yue Sat, 28 Mar 2020 08:47:00 -0700

From: Tonghao Zhang <[email protected]>

Don't allow user to create meter unlimitedly, which
may cause to consume a large amount of kernel memory.
The 200,000 meters may be fine in general case.


Cc: Pravin B Shelar <[email protected]>
Cc: Andy Zhou <[email protected]>
Signed-off-by: Tonghao Zhang <[email protected]>
---
 net/openvswitch/meter.c | 14 +++++++++-----
 net/openvswitch/meter.h |  3 ++-
 2 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/net/openvswitch/meter.c b/net/openvswitch/meter.c
index 98003b201b45..5efd48e024f0 100644
--- a/net/openvswitch/meter.c
+++ b/net/openvswitch/meter.c
@@ -256,7 +256,7 @@ static int ovs_meter_cmd_features(struct sk_buff *skb, 
struct genl_info *info)
        if (IS_ERR(reply))
                return PTR_ERR(reply);
 
-       if (nla_put_u32(reply, OVS_METER_ATTR_MAX_METERS, U32_MAX) ||
+       if (nla_put_u32(reply, OVS_METER_ATTR_MAX_METERS, DP_MAX_METERS) ||
            nla_put_u32(reply, OVS_METER_ATTR_MAX_BANDS, DP_MAX_BANDS))
                goto nla_put_failure;
 
@@ -284,13 +284,17 @@ static int ovs_meter_cmd_features(struct sk_buff *skb, 
struct genl_info *info)
 
 static struct dp_meter *dp_meter_create(struct nlattr **a)
 {
+       u32 meter_id = nla_get_u32(a[OVS_METER_ATTR_ID]);
+       struct dp_meter_band *band;
+       struct dp_meter *meter;
        struct nlattr *nla;
-       int rem;
        u16 n_bands = 0;
-       struct dp_meter *meter;
-       struct dp_meter_band *band;
+       int rem;
        int err;
 
+       if (meter_id > DP_MAX_METERS)
+               return ERR_PTR(-EFBIG);
+
        /* Validate attributes, count the bands. */
        if (!a[OVS_METER_ATTR_BANDS])
                return ERR_PTR(-EINVAL);
@@ -304,7 +308,7 @@ static struct dp_meter *dp_meter_create(struct nlattr **a)
        if (!meter)
                return ERR_PTR(-ENOMEM);
 
-       meter->id = nla_get_u32(a[OVS_METER_ATTR_ID]);
+       meter->id = meter_id;
        meter->used = div_u64(ktime_get_ns(), 1000 * 1000);
        meter->kbps = a[OVS_METER_ATTR_KBPS] ? 1 : 0;
        meter->keep_stats = !a[OVS_METER_ATTR_CLEAR];
diff --git a/net/openvswitch/meter.h b/net/openvswitch/meter.h
index bc84796d7d4d..9ff7a9200d0d 100644
--- a/net/openvswitch/meter.h
+++ b/net/openvswitch/meter.h
@@ -17,7 +17,8 @@
 #include "flow.h"
 struct datapath;
 
-#define DP_MAX_BANDS           1
+#define DP_MAX_METERS  (200000ULL)
+#define DP_MAX_BANDS   1
 
 struct dp_meter_band {
        u32 type;
-- 
2.23.0

_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev

[ovs-dev] [PATCH net-next v1 2/3] net: openvswitch: set max limitation to meters

Reply via email to