From 306465bef3fbbe14e6270fecf3e2d0c427f4bbc7 Mon Sep 17 00:00:00 2001 From: Michael Brown Date: Mon, 4 Sep 2017 18:00:34 +0100 Subject: [PATCH] [linux] Impose receive quota on tap driver The tap driver can retrieve a potentially unlimited number of packets in a single poll. This can lead to heap exhaustion under heavy load. Fix by imposing an artificial receive quota (as already used in other drivers without natural receive limits). Signed-off-by: Michael Brown --- src/drivers/linux/tap.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/drivers/linux/tap.c b/src/drivers/linux/tap.c index 6fe76fd4..db3b7955 100644 --- a/src/drivers/linux/tap.c +++ b/src/drivers/linux/tap.c @@ -40,6 +40,7 @@ #include #define RX_BUF_SIZE 1536 +#define RX_QUOTA 4 /** @file * @@ -127,6 +128,7 @@ static void tap_poll(struct net_device *netdev) struct tap_nic * nic = netdev->priv; struct pollfd pfd; struct io_buffer * iobuf; + unsigned int quota = RX_QUOTA; int r; pfd.fd = nic->fd; @@ -144,7 +146,8 @@ static void tap_poll(struct net_device *netdev) if (! iobuf) goto allocfail; - while ((r = linux_read(nic->fd, iobuf->data, RX_BUF_SIZE)) > 0) { + while (quota-- && + ((r = linux_read(nic->fd, iobuf->data, RX_BUF_SIZE)) > 0)) { DBGC2(nic, "tap %p read %d bytes\n", nic, r); iob_put(iobuf, r);