On Wed, May 26, 2021 at 6:07 PM Jason Gunthorpe <jgg@xxxxxxxx> wrote:
>
> On Wed, May 26, 2021 at 11:28:41AM +0200, Haris Iqbal wrote:
> > On Tue, May 25, 2021 at 10:18 PM Jason Gunthorpe <jgg@xxxxxxxxxx> wrote:
> > >
> > > On Mon, May 17, 2021 at 11:18:27AM +0200, Gioh Kim wrote:
> > > > From: Md Haris Iqbal <haris.iqbal@xxxxxxxxxxxxxxx>
> > > >
> > > > It was difficult to find out why it failed to establish RDMA
> > > > connection. This patch adds some messages to show which function
> > > > has failed why.
> > > >
> > > > Signed-off-by: Md Haris Iqbal <haris.iqbal@xxxxxxxxx>
> > > > Signed-off-by: Jack Wang <jinpu.wang@xxxxxxxxx>
> > > > Signed-off-by: Gioh Kim <gi-oh.kim@xxxxxxxxx>
> > > > drivers/infiniband/ulp/rtrs/rtrs-srv.c | 8 +++++++-
> > > > 1 file changed, 7 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/drivers/infiniband/ulp/rtrs/rtrs-srv.c b/drivers/infiniband/ulp/rtrs/rtrs-srv.c
> > > > index 3d09d01e34b4..df17dd4c1e28 100644
> > > > +++ b/drivers/infiniband/ulp/rtrs/rtrs-srv.c
> > > > @@ -1356,8 +1356,10 @@ static struct rtrs_srv *get_or_create_srv(struct rtrs_srv_ctx *ctx,
> > > > * If this request is not the first connection request from the
> > > > * client for this session then fail and return error.
> > > > */
> > > > - if (!first_conn)
> > > > + if (!first_conn) {
> > > > + pr_err("Error: Not the first connection request for this session\n");
> > > > return ERR_PTR(-ENXIO);
> > >
> > > You really shouldn't be printing based on attacker controlled data..
> >
> > I want to make sure I understand correctly. Did you mean that an
> > attacker can bombard a server with such connection request, which can
> > lead to uncontrolled prints, and possibly DOS?
>
> Yes
>
> > If so, would a ratelimited print be better?
>
> Probably
Alright.. Will change this print to a ratelimited one, and send the
updates patches.
Thanks.
>
> Jason
