Re: [ovs-dev] [PATCH 3/3] ipfix: Fix SIGFPE in bridge exporter sampling.

Fri, 11 Sep 2015 11:13:07 -0700 

LGTM, thanks!

Acked-by: Romain Lenglet <romain.leng...@oracle.com>
-- 
Romain Lenglet

On September 10, 2015 at 6:41:43 PM, Joe Stringer (joestrin...@nicira.com) 
wrote:

A divide-by-zero exception like the below could occur when IPFIX  
configuration is cleared while handling sampled packets from the  
datapath. While it's not valid to configure the sampling probability of  
IPFIX to zero via explicitly setting it in OVSDB, it is possible to  
clear the configuration, which results in a probability of zero. In this  
case, there is a window during which it is possible for upcalls to find  
the cleared IPFIX object and attempt to perform sampling using it. Fix  
the issue by ensuring that the probability is nonzero before using it.  

"Program terminated with signal SIGFPE, Arithmetic exception."  

dpif_ipfix_bridge_sample (...) at ../ofproto/ofproto-dpif-ipfix.c:1701  
process_upcall (...) at ../ofproto/ofproto-dpif-upcall.c:1145  
recv_upcalls (...) at ../ofproto/ofproto-dpif-upcall.c:705  
udpif_upcall_handler (...) at ../ofproto/ofproto-dpif-upcall.c:631  
ovsthread_wrapper (...) at ../lib/ovs-thread.c:340  
start_thread (...) at pthread_create.c:312  
clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111  

Signed-off-by: Joe Stringer <joestrin...@nicira.com>  
---  
Given that there's a couple of other places in the IPFIX code that check  
the probability before using it, I'm assuming this isn't an invariant and  
this is a reasonable place to fix the bug. I haven't looked into whether  
this kind of bug may affect other sampling implementations in OVS.  
---  
ofproto/ofproto-dpif-ipfix.c | 4 ++++  
1 file changed, 4 insertions(+)  

diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c  
index 48ff827..9ad8fa2 100644  
--- a/ofproto/ofproto-dpif-ipfix.c  
+++ b/ofproto/ofproto-dpif-ipfix.c  
@@ -1692,6 +1692,10 @@ dpif_ipfix_bridge_sample(struct dpif_ipfix *di, const 
struct dp_packet *packet,  
struct dpif_ipfix_port * tunnel_port = NULL;  

ovs_mutex_lock(&mutex);  
+ if (!bridge_exporter_enabled(di)) {  
+ ovs_mutex_unlock(&mutex);  
+ return;  
+ }  
/* Use the sampling probability as an approximation of the number  
* of matched packets. */  
packet_delta_count = UINT32_MAX / di->bridge_exporter.probability;  
--  
2.1.4  

_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Reply via email to