* [PATCH net-next-2.6] can: Use WARN_ONCE() instead of BUG_ON() for sanity check in receive path
@ 2009-08-14 8:54 Oliver Hartkopp
2009-08-14 23:37 ` David Miller
0 siblings, 1 reply; 2+ messages in thread
From: Oliver Hartkopp @ 2009-08-14 8:54 UTC (permalink / raw)
To: David Miller; +Cc: Urs Thuermann, Luotao Fu, Michael Olbrich, Linux Netdev List
[-- Attachment #1: Type: text/plain, Size: 612 bytes --]
To ensure a proper handling of CAN frames transported in skbuffs some checks
need to be performed at receive time.
As stated by Michael Olbrich and Luotao Fu BUG_ON() might be to restrictive.
This is right as we can just drop the non conform skbuff and the Kernel can
continue working.
This patch replaces the BUG_ON() with a WARN_ONCE() so that the system remains
healthy but we made the problem visible (once).
Signed-off-by: Oliver Hartkopp <oliver@hartkopp.net>
Signed-off-by: Urs Thuermann <urs@isnogud.escape.de>
CC: Michael Olbrich <m.olbrich@pengutronix.de>
CC: Luotao Fu <l.fu@pengutronix.de>
---
[-- Attachment #2: af_can_convert_bug_to_warn.patch --]
[-- Type: text/x-patch, Size: 985 bytes --]
diff --git a/net/can/af_can.c b/net/can/af_can.c
index e733725..f9c027b 100644
--- a/net/can/af_can.c
+++ b/net/can/af_can.c
@@ -651,12 +651,16 @@ static int can_rcv(struct sk_buff *skb, struct net_device *dev,
struct can_frame *cf = (struct can_frame *)skb->data;
int matches;
- if (dev->type != ARPHRD_CAN || !net_eq(dev_net(dev), &init_net)) {
- kfree_skb(skb);
- return 0;
- }
+ if (!net_eq(dev_net(dev), &init_net))
+ goto drop;
- BUG_ON(skb->len != sizeof(struct can_frame) || cf->can_dlc > 8);
+ if (WARN_ONCE(dev->type != ARPHRD_CAN ||
+ skb->len != sizeof(struct can_frame) ||
+ cf->can_dlc > 8,
+ "PF_CAN: dropped non conform skbuf: "
+ "dev type %d, len %d, can_dlc %d\n",
+ dev->type, skb->len, cf->can_dlc))
+ goto drop;
/* update statistics */
can_stats.rx_frames++;
@@ -683,6 +687,10 @@ static int can_rcv(struct sk_buff *skb, struct net_device *dev,
}
return 0;
+
+drop:
+ kfree_skb(skb);
+ return 0;
}
/*
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [PATCH net-next-2.6] can: Use WARN_ONCE() instead of BUG_ON() for sanity check in receive path
2009-08-14 8:54 [PATCH net-next-2.6] can: Use WARN_ONCE() instead of BUG_ON() for sanity check in receive path Oliver Hartkopp
@ 2009-08-14 23:37 ` David Miller
0 siblings, 0 replies; 2+ messages in thread
From: David Miller @ 2009-08-14 23:37 UTC (permalink / raw)
To: oliver; +Cc: urs, l.fu, m.olbrich, netdev
From: Oliver Hartkopp <oliver@hartkopp.net>
Date: Fri, 14 Aug 2009 10:54:25 +0200
> To ensure a proper handling of CAN frames transported in skbuffs some checks
> need to be performed at receive time.
>
> As stated by Michael Olbrich and Luotao Fu BUG_ON() might be to restrictive.
> This is right as we can just drop the non conform skbuff and the Kernel can
> continue working.
>
> This patch replaces the BUG_ON() with a WARN_ONCE() so that the system remains
> healthy but we made the problem visible (once).
>
> Signed-off-by: Oliver Hartkopp <oliver@hartkopp.net>
> Signed-off-by: Urs Thuermann <urs@isnogud.escape.de>
Applied, thanks.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2009-08-14 23:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-08-14 8:54 [PATCH net-next-2.6] can: Use WARN_ONCE() instead of BUG_ON() for sanity check in receive path Oliver Hartkopp
2009-08-14 23:37 ` David Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).