public-mirrors/linux
1
0
Fork 0
mirror of git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-08-20 06:20:41 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

ipmi: Add a limit on the number of users that may use IPMI

Browse source 
Each user uses memory, we need limits to avoid a rogue program from
running the system out of memory.

Based on work by Chen Guanqiao <chen.chenchacha@foxmail.com>

Cc: Chen Guanqiao <chen.chenchacha@foxmail.com>
Signed-off-by: Corey Minyard <cminyard@mvista.com>
This commit is contained in:
Corey Minyard 2022-03-28 11:26:08 -05:00
parent a7391ad357
commit 8e76741c3d
1 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
drivers/char/ipmi/ipmi_msghandler.c
View file

@ -145,6 +145,12 @@ module_param(default_max_retries, uint, 0644);
MODULE_PARM_DESC(default_max_retries, MODULE_PARM_DESC(default_max_retries,
"The time (milliseconds) between retry sends in maintenance mode"); "The time (milliseconds) between retry sends in maintenance mode");
/* The default maximum number of users that may register. */
static unsigned int max_users = 30;
module_param(max_users, uint, 0644);
MODULE_PARM_DESC(max_users,
"The most users that may use the IPMI stack at one time.");
/* Call every ~1000 ms. */ /* Call every ~1000 ms. */
#define IPMI_TIMEOUT_TIME 1000 #define IPMI_TIMEOUT_TIME 1000
@ -442,6 +448,7 @@ struct ipmi_smi {
*/ */
struct list_head users; struct list_head users;
struct srcu_struct users_srcu; struct srcu_struct users_srcu;
atomic_t nr_users;
/* Used for wake ups at startup. */ /* Used for wake ups at startup. */
wait_queue_head_t waitq; wait_queue_head_t waitq;
@ -1230,6 +1237,11 @@ int ipmi_create_user(unsigned int if_num,
goto out_kfree; goto out_kfree;
found: found:
if (atomic_add_return(1, &intf->nr_users) > max_users) {
rv = -EBUSY;
goto out_kfree;
}
INIT_WORK(&new_user->remove_work, free_user_work); INIT_WORK(&new_user->remove_work, free_user_work);
rv = init_srcu_struct(&new_user->release_barrier); rv = init_srcu_struct(&new_user->release_barrier);
@ -1262,6 +1274,7 @@ int ipmi_create_user(unsigned int if_num,
return 0; return 0;
out_kfree: out_kfree:
atomic_dec(&intf->nr_users);
srcu_read_unlock(&ipmi_interfaces_srcu, index); srcu_read_unlock(&ipmi_interfaces_srcu, index);
vfree(new_user); vfree(new_user);
return rv; return rv;
@ -1336,6 +1349,7 @@ static void _ipmi_destroy_user(struct ipmi_user *user)
/* Remove the user from the interface's sequence table. */ /* Remove the user from the interface's sequence table. */
spin_lock_irqsave(&intf->seq_lock, flags); spin_lock_irqsave(&intf->seq_lock, flags);
list_del_rcu(&user->link); list_del_rcu(&user->link);
atomic_dec(&intf->nr_users);
for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) { for (i = 0; i < IPMI_IPMB_NUM_SEQ; i++) {
if (intf->seq_table[i].inuse if (intf->seq_table[i].inuse
@ -3529,6 +3543,7 @@ int ipmi_add_smi(struct module *owner,
if (slave_addr != 0) if (slave_addr != 0)
intf->addrinfo[0].address = slave_addr; intf->addrinfo[0].address = slave_addr;
INIT_LIST_HEAD(&intf->users); INIT_LIST_HEAD(&intf->users);
atomic_set(&intf->nr_users, 0);
intf->handlers = handlers; intf->handlers = handlers;
intf->send_info = send_info; intf->send_info = send_info;
spin_lock_init(&intf->seq_lock); spin_lock_init(&intf->seq_lock);