net: enetc: add ratelimiting to VF mailbox error messages

Sashiko reported that a buggy or malicious guest VM can flood the host
kernel log by repeatedly sending VF-to-PF messages at a high rate,
degrading host performance and hiding important system logs [1].

Fix by replacing dev_err()/dev_warn() with dev_err_ratelimited(),
limiting output to the default kernel ratelimit. This ensures errors are
still logged for debugging while preventing log flooding attacks.

Link: https://sashiko.dev/#/patchset/20260511080805.2052495-1-wei.fang%40nxp.com
Fixes: beb74ac878c8 ("enetc: Add vf to pf messaging support")
Signed-off-by: Wei Fang <wei.fang@nxp.com>
Reviewed-by: Harshitha Ramamurthy <hramamurthy@google.com>
Link: https://patch.msgid.link/20260520064421.91569-4-wei.fang@nxp.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>

diff --git a/drivers/net/ethernet/freescale/enetc/enetc_pf.c b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
index b743b6d33ccc8b730559212657053d0099abc5ce..dea3a92c472228626949950357d4dfeb3d84c090 100644 (file)
--- a/drivers/net/ethernet/freescale/enetc/enetc_pf.c
+++ b/drivers/net/ethernet/freescale/enetc/enetc_pf.c
@@ -494,8 +494,9 @@ static u16 enetc_msg_pf_set_vf_primary_mac_addr(struct enetc_pf *pf,
 
        addr = cmd->mac.sa_data;
        if (vf_state->flags & ENETC_VF_FLAG_PF_SET_MAC) {
-               dev_warn(dev, "Attempt to override PF set mac addr for VF%d\n",
-                        vf_id);
+               dev_err_ratelimited(dev,
+                                   "VF%d attempted to override PF set MAC\n",
+                                   vf_id);
                return ENETC_MSG_CMD_STATUS_FAIL;
        }
 
@@ -520,8 +521,9 @@ void enetc_msg_handle_rxmsg(struct enetc_pf *pf, int vf_id, u16 *status)
                break;
        default:
                *status = ENETC_MSG_CMD_STATUS_FAIL;
-               dev_err(dev, "command not supported (cmd_type: 0x%x)\n",
-                       cmd_type);
+               dev_err_ratelimited(dev,
+                                   "command not supported (cmd_type: 0x%x)\n",
+                                   cmd_type);
        }
 }