Commit 4a995d37 authored May 20, 2026 by Wei Fang Committed by Jakub Kicinski May 21, 2026

net: enetc: add ratelimiting to VF mailbox error messages

Sashiko reported that a buggy or malicious guest VM can flood the host
kernel log by repeatedly sending VF-to-PF messages at a high rate,
degrading host performance and hiding important system logs [1].

Fix by replacing dev_err()/dev_warn() with dev_err_ratelimited(),
limiting output to the default kernel ratelimit. This ensures errors are
still logged for debugging while preventing log flooding attacks.

Link: https://sashiko.dev/#/patchset/20260511080805.2052495-1-wei.fang%40nxp.com

 #1
Fixes: beb74ac8 ("enetc: Add vf to pf messaging support")
Signed-off-by: Wei Fang <wei.fang@nxp.com>
Reviewed-by: Harshitha Ramamurthy <hramamurthy@google.com>
Link: https://patch.msgid.link/20260520064421.91569-4-wei.fang@nxp.com


Signed-off-by: Jakub Kicinski <kuba@kernel.org>

parent 5027266d

drivers/net/ethernet/freescale/enetc/enetc_pf.c

+6 −4

Original line number	Diff line number	Diff line
		@@ -494,7 +494,8 @@ static u16 enetc_msg_pf_set_vf_primary_mac_addr(struct enetc_pf *pf,

		addr = cmd->mac.sa_data;
		if (vf_state->flags & ENETC_VF_FLAG_PF_SET_MAC) {
		dev_warn(dev, "Attempt to override PF set mac addr for VF%d\n",
		dev_err_ratelimited(dev,
		"VF%d attempted to override PF set MAC\n",
		vf_id);
		return ENETC_MSG_CMD_STATUS_FAIL;
		}
		@@ -520,7 +521,8 @@ void enetc_msg_handle_rxmsg(struct enetc_pf pf, int vf_id, u16 status)
		break;
		default:
		*status = ENETC_MSG_CMD_STATUS_FAIL;
		dev_err(dev, "command not supported (cmd_type: 0x%x)\n",
		dev_err_ratelimited(dev,
		"command not supported (cmd_type: 0x%x)\n",
		cmd_type);
		}
		}