From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6C36F43337; Wed, 15 Nov 2023 13:31:19 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id DFA7740294; Wed, 15 Nov 2023 13:31:18 +0100 (CET) Received: from mgamail.intel.com (mgamail.intel.com [192.55.52.136]) by mails.dpdk.org (Postfix) with ESMTP id 1DD6040285; Wed, 15 Nov 2023 13:31:16 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1700051477; x=1731587477; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=NTF69zo316HcIktfaBdxP54DE/S19agPeV8NiwtII6A=; b=knAD+hKkqFET+X8UwVRRkDzbywKIR9AWpeo5eAURI+JBRGSz+abCe684 +kWsmnGlE8Sd/rCW9U6cSvyCeRX4VuTnldhZWD+SatJake15SXT5AWJRQ 2dwVJfyVPu9Gob3j7EzRFpr2JbgCE+8+q1xR3adKXznobF5vcqU3QAOJP vmn2G6EedBUdsfWkmLpqPBqydszENIGFYHrIh0NZaej+CVZ178SizFcUo HvLHc0ExsyINFXxE9MG8iJdKlBpvsVQ5GrYME3qI2Gc7OPVlLpCqmGuHB vxZpKkqRZrsArxbp8rVjgbRZIIGgShAYs1512FMpB1DCN74NnFaD+2RJv A==; X-IronPort-AV: E=McAfee;i="6600,9927,10894"; a="370212701" X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="370212701" Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Nov 2023 04:31:15 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10894"; a="938476921" X-IronPort-AV: E=Sophos;i="6.03,304,1694761200"; d="scan'208";a="938476921" Received: from silpixa00400355.ir.intel.com (HELO silpixa00400355.ger.corp.intel.com) ([10.237.222.80]) by orsmga005.jf.intel.com with ESMTP; 15 Nov 2023 04:31:13 -0800 From: Brian Dooley To: dev@dpdk.org Cc: Brian Dooley , sergio.gonzalez.monroy@intel.com, stable@dpdk.org, Radu Nicolau , Akhil Goyal Subject: [PATCH] examples/ipsec-secgw: fix partial overflow Date: Wed, 15 Nov 2023 12:31:01 +0000 Message-Id: <20231115123101.2377544-1-brian.dooley@intel.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Case of partial overflow detected with ASan. Added extra padding to cdev_key structure. This structure is used for the key in hash table. Padding is added to force the struct to use 8 bytes, to ensure memory is notread past this structs boundary (the hash key calculation reads 8 bytes if this struct is size 5 bytes). The padding should be zeroed. If fields are modified in this struct, the padding must be updated to ensure multiple of 8 bytes size overall. Fixes: d299106e8e31 ("examples/ipsec-secgw: add IPsec sample application") Cc: sergio.gonzalez.monroy@intel.com Cc: stable@dpdk.org Signed-off-by: Brian Dooley --- examples/ipsec-secgw/ipsec.h | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/examples/ipsec-secgw/ipsec.h b/examples/ipsec-secgw/ipsec.h index 5059418456..10e7fc179b 100644 --- a/examples/ipsec-secgw/ipsec.h +++ b/examples/ipsec-secgw/ipsec.h @@ -249,11 +249,21 @@ struct offloads { extern struct offloads tx_offloads; +/* + * This structure is used for the key in hash table. + * Padding is added to force the struct to use 8 bytes, + * to ensure memory is notread past this structs boundary + * (the hash key calculation reads 8 bytes if this struct is size 5 bytes). + * The padding should be zeroed. + * If fields are modified in this struct, the padding must be updated to + * ensure multiple of 8 bytes size overall. + */ struct cdev_key { uint16_t lcore_id; uint8_t cipher_algo; uint8_t auth_algo; uint8_t aead_algo; + uint8_t padding[3]; }; struct socket_ctx { -- 2.25.1