From patchwork Mon Sep 27 12:51:09 2010 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jason Wang X-Patchwork-Id: 212132 Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by demeter1.kernel.org (8.14.4/8.14.3) with ESMTP id o8RCpP5D016664 for ; Mon, 27 Sep 2010 12:51:25 GMT Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1759149Ab0I0MvX (ORCPT ); Mon, 27 Sep 2010 08:51:23 -0400 Received: from mx1.redhat.com ([209.132.183.28]:34296 "EHLO mx1.redhat.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1759136Ab0I0MvV (ORCPT ); Mon, 27 Sep 2010 08:51:21 -0400 Received: from int-mx03.intmail.prod.int.phx2.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.16]) by mx1.redhat.com (8.13.8/8.13.8) with ESMTP id o8RCpJeX016824 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK); Mon, 27 Sep 2010 08:51:19 -0400 Received: from dhcp-91-7.nay.redhat.com.englab.nay.redhat.com (dhcp-91-7.nay.redhat.com [10.66.91.7]) by int-mx03.intmail.prod.int.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id o8RCpGYm007737; Mon, 27 Sep 2010 08:51:17 -0400 Subject: [RFC PATCH 3/4] virtio-net: Limit the num of uni/multicast mac addresses To: qemu-devel@nongnu.org, anthony@codemonkey.ws, mst@redhat.com From: Jason Wang Cc: kvm@vger.kernel.org Date: Mon, 27 Sep 2010 20:51:09 +0800 Message-ID: <20100927125109.12060.19145.stgit@dhcp-91-7.nay.redhat.com.englab.nay.redhat.com> In-Reply-To: <20100927124606.12060.66912.stgit@dhcp-91-7.nay.redhat.com.englab.nay.redhat.com> References: <20100927124606.12060.66912.stgit@dhcp-91-7.nay.redhat.com.englab.nay.redhat.com> User-Agent: StGit/0.15 MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.67 on 10.5.11.16 Sender: kvm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: kvm@vger.kernel.org X-Greylist: IP, sender and recipient auto-whitelisted, not delayed by milter-greylist-4.2.3 (demeter1.kernel.org [140.211.167.41]); Mon, 27 Sep 2010 12:51:26 +0000 (UTC) diff --git a/hw/virtio-net.c b/hw/virtio-net.c index 0a9cae2..79afb65 100644 --- a/hw/virtio-net.c +++ b/hw/virtio-net.c @@ -291,7 +291,9 @@ static int virtio_net_handle_mac(VirtIONet *n, uint8_t cmd, mac_data.entries * ETH_ALEN); n->mac_table.in_use += mac_data.entries; } else { - n->mac_table.uni_overflow = 1; + /* Gratuitous packet could not be built properly in overflow mode, so we + * never allow uni_overflow here. */ + return VIRTIO_NET_ERR; } n->mac_table.first_multi = n->mac_table.in_use; @@ -309,7 +311,9 @@ static int virtio_net_handle_mac(VirtIONet *n, uint8_t cmd, mac_data.entries * ETH_ALEN); n->mac_table.in_use += mac_data.entries; } else { - n->mac_table.multi_overflow = 1; + /* Gratuitous packet could not be built properly in overflow mode, + * so we never allow multi_overflow here. */ + return VIRTIO_NET_ERR; } } @@ -844,9 +848,8 @@ static int virtio_net_load(QEMUFile *f, void *opaque, int version_id) qemu_get_buffer(f, n->mac_table.macs, n->mac_table.in_use * ETH_ALEN); } else if (n->mac_table.in_use) { - qemu_fseek(f, n->mac_table.in_use * ETH_ALEN, SEEK_CUR); - n->mac_table.multi_overflow = n->mac_table.uni_overflow = 1; - n->mac_table.in_use = 0; + error_report("virtio-net: Overflow was not permitted."); + return -EINVAL; } } @@ -873,6 +876,10 @@ static int virtio_net_load(QEMUFile *f, void *opaque, int version_id) if (version_id >= 9) { n->mac_table.multi_overflow = qemu_get_byte(f); n->mac_table.uni_overflow = qemu_get_byte(f); + if (n->mac_table.multi_overflow || n->mac_table.uni_overflow) { + error_report("virtio-net: Overflow was not permitted"); + return -EINVAL; + } } if (version_id >= 10) {