From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 8910DA0597;
	Wed,  8 Apr 2020 05:14:59 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 052ED1BF9F;
	Wed,  8 Apr 2020 05:14:52 +0200 (CEST)
Received: from mailout1.w1.samsung.com (mailout1.w1.samsung.com
 [210.118.77.11]) by dpdk.org (Postfix) with ESMTP id ED7FD1BF4F
 for <dev@dpdk.org>; Wed,  8 Apr 2020 05:14:49 +0200 (CEST)
Received: from eucas1p1.samsung.com (unknown [182.198.249.206])
 by mailout1.w1.samsung.com (KnoxPortal) with ESMTP id
 20200408031449euoutp01b2c1231dc76c5597ff2e147c146fd455~DubcLjApx2124521245euoutp01S
 for <dev@dpdk.org>; Wed,  8 Apr 2020 03:14:49 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 mailout1.w1.samsung.com
 20200408031449euoutp01b2c1231dc76c5597ff2e147c146fd455~DubcLjApx2124521245euoutp01S
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=samsung.com;
 s=mail20170921; t=1586315689;
 bh=6a2Xly4e2RQVZ5KWe0oFbGy8UD3L0ciDiIJwhpHoi/c=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=qYmoLAzIA0qCcf88kwwjykoMdUW49/OqUMtkrWQnLRkonovuMMaMt8msJrVce+EgS
 vGM5bZQIktbiCPodkNDxrQ0JKeENXO3RY4B2/SRxzT7Y3xoarCyDwbU6zEMe9Kd/ea
 xgd/BLAb80WofrRjLmPxy6AQOA3VYZG1CKYWExrY=
Received: from eusmges3new.samsung.com (unknown [203.254.199.245]) by
 eucas1p1.samsung.com (KnoxPortal) with ESMTP id
 20200408031448eucas1p1ba27c39a1354539caec0ba5b99839314~DubbLTqcX2413824138eucas1p1T;
 Wed,  8 Apr 2020 03:14:48 +0000 (GMT)
Received: from eucas1p1.samsung.com ( [182.198.249.206]) by
 eusmges3new.samsung.com (EUCPMTA) with SMTP id E6.1A.60698.8A14D8E5; Wed,  8
 Apr 2020 04:14:48 +0100 (BST)
Received: from eusmtrp2.samsung.com (unknown [182.198.249.139]) by
 eucas1p1.samsung.com (KnoxPortal) with ESMTPA id
 20200408031447eucas1p1376332353faa0d217e7be8c32271405f~DubaAsLba2413424134eucas1p1g;
 Wed,  8 Apr 2020 03:14:47 +0000 (GMT)
Received: from eusmgms1.samsung.com (unknown [182.198.249.179]) by
 eusmtrp2.samsung.com (KnoxPortal) with ESMTP id
 20200408031447eusmtrp28054a7c940a9b305cd3575bb7497edb6~DubaAEHfj0734007340eusmtrp2h;
 Wed,  8 Apr 2020 03:14:47 +0000 (GMT)
X-AuditID: cbfec7f5-a29ff7000001ed1a-2e-5e8d41a8a08a
Received: from eusmtip1.samsung.com ( [203.254.199.221]) by
 eusmgms1.samsung.com (EUCPMTA) with SMTP id 21.DA.08375.7A14D8E5; Wed,  8
 Apr 2020 04:14:47 +0100 (BST)
Received: from localhost.localdomain (unknown [106.210.88.70]) by
 eusmtip1.samsung.com (KnoxPortal) with ESMTPA id
 20200408031446eusmtip17ea6353cb9f59779c3ca32e91e744602~DubZKeUD62835528355eusmtip1c;
 Wed,  8 Apr 2020 03:14:46 +0000 (GMT)
From: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
To: Thomas Monjalon <thomas@monjalon.net>, Akhil Goyal
 <akhil.goyal@nxp.com>, Declan Doherty <declan.doherty@intel.com>, Aviad
 Yehezkel <aviadye@mellanox.com>, Boris Pismenny <borisp@mellanox.com>, Radu
 Nicolau <radu.nicolau@intel.com>, Anoob Joseph
 <anoob.joseph@caviumnetworks.com>
Cc: dev@dpdk.org, stable@dpdk.org
Date: Wed,  8 Apr 2020 05:13:39 +0200
Message-Id: <20200408031351.4288-2-l.wojciechow@partner.samsung.com>
X-Mailer: git-send-email 2.17.1
In-Reply-To: <20200408031351.4288-1-l.wojciechow@partner.samsung.com>
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFmpnleLIzCtJLcpLzFFi42LZduznOd0Vjr1xBpu2iVusPzOP0eLU7Q/M
 Fh8mL2G0OPajnd3izYMmFot3n7YzWbR1CVj86/jDbvHpwQkWB06PDSf6WT1+LVjK6rF4z0sm
 j2fTDzN5HLs5jd1j47sdTAFsUVw2Kak5mWWpRfp2CVwZp+YsZCxYYlyx8lEfawPjCu0uRk4O
 CQETiY7Px1i6GLk4hARWMErsvLWeCcL5wihx4sF2qMxnRolfn+czwrTcmPGCGcQWEljOKLFp
 jylc0YKpS9lAEmwCthJHZn5lBUmICCxmktjzYRVYN7OAosTdlV/BioQFnCQmvH/G3sXIwcEi
 oCqx/n4+SJhXwEVix9UpLBDL5CVWbzjADFLCKeAqsfssF0S4nV3i3okECNtF4nDjczYIW1ji
 1fEt7BC2jMT/nfPBvpEQ2MYocfX3T0YIZz+jxPXeFVBV1hKH//1mA1nALKApsX6XPogpIeAo
 8euBDoTJJ3HjrSDE8XwSk7ZNZ4YI80p0tAlBzNCTeNozlRFm65+1T6CO95Bof/GeHRJSlxkl
 bk/wm8AoPwth1QJGxlWM4qmlxbnpqcXGeanlesWJucWleel6yfm5mxiByeP0v+NfdzDu+5N0
 iFGAg1GJh/dBYk+cEGtiWXFl7iFGCQ5mJRFeqd7OOCHelMTKqtSi/Pii0pzU4kOM0hwsSuK8
 xotexgoJpCeWpGanphakFsFkmTg4pRoYV5v9VHmyZI+XpHXAVqb/P81yHk1c/+333haJ+FP1
 vSXFE7/o7LzlsmYK6y31rVUtW+52h787qVz/Z4fC9VtN7vw/W37eWKhkFBdyQzjXetrl9Pjz
 f2JqFxlUPq1aWqPesNDW5cr849ItQs2/ZzDumXir89Ot4PpcVd+eUzr3UoQyXQ8ZshdOVmIp
 zkg01GIuKk4EAAoIBVkaAwAA
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFnrJLMWRmVeSWpSXmKPExsVy+t/xu7rLHXvjDJ5d5rBYf2Yeo8Wp2x+Y
 LT5MXsJocexHO7vFmwdNLBbvPm1nsmjrErD41/GH3eLTgxMsDpweG070s3r8WrCU1WPxnpdM
 Hs+mH2byOHZzGrvHxnc7mALYovRsivJLS1IVMvKLS2yVog0tjPQMLS30jEws9QyNzWOtjEyV
 9O1sUlJzMstSi/TtEvQyTs1ZyFiwxLhi5aM+1gbGFdpdjJwcEgImEjdmvGDuYuTiEBJYyiix
 /dsO9i5GDqCEjMSHSwIQNcISf651sUHUfGSUaFjZzgySYBOwlTgy8ysrSEJEYDmTxNJP85lB
 mpkFlCX6tliB1AgLOElMeP8MbCaLgKrE+vv5IGFeAReJHVensEDMl5dYveEAWCengKvE7rNc
 IGEhgXqJw3cvs01g5FvAyLCKUSS1tDg3PbfYUK84Mbe4NC9dLzk/dxMjMJi3Hfu5eQfjpY3B
 hxgFOBiVeHgfJPbECbEmlhVX5h5ilOBgVhLhlertjBPiTUmsrEotyo8vKs1JLT7EaAp00kRm
 KdHkfGCk5ZXEG5oamltYGpobmxubWSiJ83YIHIwREkhPLEnNTk0tSC2C6WPi4JRqYPS6r8L2
 tVW9xIOx9/CVwG9XJ+qyf/cqZ1x30vYc/8PfchPVLnyd16Nus55TpOhvub/sJfepMsbc/3XT
 9z1NnbxGOeNuckplpY6F8IoNzx73PXPrPuizL6Iy4Lfo813F11dZRN5tE4y7v4Zp8VPhR0Uq
 k7/IX56lxHnDpF+zVmjF1n4xZam+HCWW4oxEQy3mouJEADOB6L58AgAA
X-CMS-MailID: 20200408031447eucas1p1376332353faa0d217e7be8c32271405f
X-Msg-Generator: CA
Content-Type: text/plain; charset="utf-8"
X-RootMTR: 20200408031447eucas1p1376332353faa0d217e7be8c32271405f
X-EPHeader: CA
CMS-TYPE: 201P
X-CMS-RootMailID: 20200408031447eucas1p1376332353faa0d217e7be8c32271405f
References: <20200312151654.7218-1-l.wojciechow@partner.samsung.com>
 <20200408031351.4288-1-l.wojciechow@partner.samsung.com>
 <CGME20200408031447eucas1p1376332353faa0d217e7be8c32271405f@eucas1p1.samsung.com>
Subject: [dpdk-dev] [PATCH v2 01/13] security: fix verification of parameters
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

This patch adds verification of the parameters to the ret_security API
functions. All required parameters are checked if they are not NULL.

Checks verify full chain of pointers, e.g. in case of verification of
"instance->ops->session_XXX", they check also "instance"
and "instance->ops".

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: akhil.goyal@nxp.com

Fixes: 1a08c379b9b5 ("security: support user data retrieval")
Cc: anoob.joseph@caviumnetworks.com

Cc: stable@dpdk.org

Signed-off-by: Lukasz Wojciechowski <l.wojciechow@partner.samsung.com>
---
 config/common_base                 |  1 +
 lib/librte_security/rte_security.c | 59 +++++++++++++++++++++++-------
 2 files changed, 47 insertions(+), 13 deletions(-)

diff --git a/config/common_base b/config/common_base
index c31175f9d..ef1cdbb62 100644
--- a/config/common_base
+++ b/config/common_base
@@ -695,6 +695,7 @@ CONFIG_RTE_LIBRTE_PMD_NITROX=y
 # Compile generic security library
 #
 CONFIG_RTE_LIBRTE_SECURITY=y
+CONFIG_RTE_LIBRTE_SECURITY_DEBUG=n
 
 #
 # Compile generic compression device library
diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c
index bc81ce15d..f1b4a894e 100644
--- a/lib/librte_security/rte_security.c
+++ b/lib/librte_security/rte_security.c
@@ -1,6 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause
  * Copyright 2017 NXP.
  * Copyright(c) 2017 Intel Corporation.
+ * Copyright (c) 2020 Samsung Electronics Co., Ltd All Rights Reserved
  */
 
 #include <rte_malloc.h>
@@ -9,6 +10,19 @@
 #include "rte_security.h"
 #include "rte_security_driver.h"
 
+/* Macro to check for invalid pointers */
+#define RTE_PTR_OR_ERR_RET(ptr, retval) do {	\
+	if ((ptr) == NULL)			\
+		return retval;			\
+} while (0)
+
+/* Macro to check for invalid pointers chains */
+#define RTE_PTR_CHAIN3_OR_ERR_RET(p1, p2, p3, retval, last_retval) do {	\
+	RTE_PTR_OR_ERR_RET(p1, retval);					\
+	RTE_PTR_OR_ERR_RET(p1->p2, retval);				\
+	RTE_PTR_OR_ERR_RET(p1->p2->p3, last_retval);			\
+} while (0)
+
 struct rte_security_session *
 rte_security_session_create(struct rte_security_ctx *instance,
 			    struct rte_security_session_conf *conf,
@@ -16,10 +30,9 @@ rte_security_session_create(struct rte_security_ctx *instance,
 {
 	struct rte_security_session *sess = NULL;
 
-	if (conf == NULL)
-		return NULL;
-
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_create, NULL);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_create, NULL, NULL);
+	RTE_PTR_OR_ERR_RET(conf, NULL);
+	RTE_PTR_OR_ERR_RET(mp, NULL);
 
 	if (rte_mempool_get(mp, (void **)&sess))
 		return NULL;
@@ -38,14 +51,19 @@ rte_security_session_update(struct rte_security_ctx *instance,
 			    struct rte_security_session *sess,
 			    struct rte_security_session_conf *conf)
 {
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_update, -ENOTSUP);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_update, -EINVAL,
+			-ENOTSUP);
+	RTE_PTR_OR_ERR_RET(sess, -EINVAL);
+	RTE_PTR_OR_ERR_RET(conf, -EINVAL);
+
 	return instance->ops->session_update(instance->device, sess, conf);
 }
 
 unsigned int
 rte_security_session_get_size(struct rte_security_ctx *instance)
 {
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_get_size, 0);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_get_size, 0, 0);
+
 	return instance->ops->session_get_size(instance->device);
 }
 
@@ -54,7 +72,11 @@ rte_security_session_stats_get(struct rte_security_ctx *instance,
 			       struct rte_security_session *sess,
 			       struct rte_security_stats *stats)
 {
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_stats_get, -ENOTSUP);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_stats_get, -EINVAL,
+			-ENOTSUP);
+	/* Parameter sess can be NULL in case of getting global statistics. */
+	RTE_PTR_OR_ERR_RET(stats, -EINVAL);
+
 	return instance->ops->session_stats_get(instance->device, sess, stats);
 }
 
@@ -64,7 +86,9 @@ rte_security_session_destroy(struct rte_security_ctx *instance,
 {
 	int ret;
 
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, session_destroy, -EINVAL,
+			-ENOTSUP);
+	RTE_PTR_OR_ERR_RET(sess, -EINVAL);
 
 	if (instance->sess_cnt)
 		instance->sess_cnt--;
@@ -81,7 +105,11 @@ rte_security_set_pkt_metadata(struct rte_security_ctx *instance,
 			      struct rte_security_session *sess,
 			      struct rte_mbuf *m, void *params)
 {
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->set_pkt_metadata, -ENOTSUP);
+#ifdef RTE_LIBRTE_SECURITY_DEBUG
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, set_pkt_metadata, -EINVAL,
+			-ENOTSUP);
+	RTE_PTR_OR_ERR_RET(sess, -EINVAL);
+#endif
 	return instance->ops->set_pkt_metadata(instance->device,
 					       sess, m, params);
 }
@@ -91,7 +119,9 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 {
 	void *userdata = NULL;
 
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
+#ifdef RTE_LIBRTE_SECURITY_DEBUG
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, get_userdata, NULL, NULL);
+#endif
 	if (instance->ops->get_userdata(instance->device, md, &userdata))
 		return NULL;
 
@@ -101,7 +131,8 @@ rte_security_get_userdata(struct rte_security_ctx *instance, uint64_t md)
 const struct rte_security_capability *
 rte_security_capabilities_get(struct rte_security_ctx *instance)
 {
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
+
 	return instance->ops->capabilities_get(instance->device);
 }
 
@@ -113,7 +144,9 @@ rte_security_capability_get(struct rte_security_ctx *instance,
 	const struct rte_security_capability *capability;
 	uint16_t i = 0;
 
-	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->capabilities_get, NULL);
+	RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, capabilities_get, NULL, NULL);
+	RTE_PTR_OR_ERR_RET(idx, NULL);
+
 	capabilities = instance->ops->capabilities_get(instance->device);
 
 	if (capabilities == NULL)
@@ -121,7 +154,7 @@ rte_security_capability_get(struct rte_security_ctx *instance,
 
 	while ((capability = &capabilities[i++])->action
 			!= RTE_SECURITY_ACTION_TYPE_NONE) {
-		if (capability->action  == idx->action &&
+		if (capability->action == idx->action &&
 				capability->protocol == idx->protocol) {
 			if (idx->protocol == RTE_SECURITY_PROTOCOL_IPSEC) {
 				if (capability->ipsec.proto ==
-- 
2.17.1