• Wei Liu's avatar
    xen-netback: disable rogue vif in kthread context · e9d8b2c2
    Wei Liu authored
    When netback discovers frontend is sending malformed packet it will
    disables the interface which serves that frontend.
    
    However disabling a network interface involving taking a mutex which
    cannot be done in softirq context, so we need to defer this process to
    kthread context.
    
    This patch does the following:
    1. introduce a flag to indicate the interface is disabled.
    2. check that flag in TX path, don't do any work if it's true.
    3. check that flag in RX path, turn off that interface if it's true.
    
    The reason to disable it in RX path is because RX uses kthread. After
    this change the behavior of netback is still consistent -- it won't do
    any TX work for a rogue frontend, and the interface will be eventually
    turned off.
    
    Also change a "continue" to "break" after xenvif_fatal_tx_err, as it
    doesn't make sense to continue processing packets if frontend is rogue.
    
    This is a fix for XSA-90.
    Reported-by: default avatarTörök Edwin <edwin@etorok.net>
    Signed-off-by: default avatarWei Liu <wei.liu2@citrix.com>
    Cc: Ian Campbell <ian.campbell@citrix.com>
    Reviewed-by: default avatarDavid Vrabel <david.vrabel@citrix.com>
    Acked-by: default avatarIan Campbell <ian.campbell@citrix.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    e9d8b2c2
netback.c 49 KB