• Wei Liu's avatar
    xen-netback: coalesce slots in TX path and fix regressions · 2810e5b9
    Wei Liu authored
    This patch tries to coalesce tx requests when constructing grant copy
    structures. It enables netback to deal with situation when frontend's
    MAX_SKB_FRAGS is larger than backend's MAX_SKB_FRAGS.
    
    With the help of coalescing, this patch tries to address two regressions
    avoid reopening the security hole in XSA-39.
    
    Regression 1. The reduction of the number of supported ring entries (slots)
    per packet (from 18 to 17). This regression has been around for some time but
    remains unnoticed until XSA-39 security fix. This is fixed by coalescing
    slots.
    
    Regression 2. The XSA-39 security fix turning "too many frags" errors from
    just dropping the packet to a fatal error and disabling the VIF. This is fixed
    by coalescing slots (handling 18 slots when backend's MAX_SKB_FRAGS is 17)
    which rules out false positive (using 18 slots is legit) and dropping packets
    using 19 to `max_skb_slots` slots.
    
    To avoid reopening security hole in XSA-39, frontend sending packet using more
    than max_skb_slots is considered malicious.
    
    The behavior of netback for packet is thus:
    
        1-18            slots: valid
       19-max_skb_slots slots: drop and respond with an error
       max_skb_slots+   slots: fatal error
    
    max_skb_slots is configurable by admin, default value is 20.
    
    Also change variable name from "frags" to "slots" in netbk_count_requests.
    
    Please note that RX path still has dependency on MAX_SKB_FRAGS. This will be
    fixed with separate patch.
    Signed-off-by: default avatarWei Liu <wei.liu2@citrix.com>
    Acked-by: default avatarIan Campbell <ian.campbell@citrix.com>
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    2810e5b9
netback.c 48.4 KB