DPDK patches and discussions
 help / color / mirror / Atom feed
* [RFC] dpaa2: replace system("echo ...") with file i/o
@ 2022-06-02 21:49 Stephen Hemminger
  2023-05-02  9:54 ` [v2] " Sachin Saxena (OSS)
  2024-08-26 16:11 ` [PATCH v3] bus/fslmc/dpaa2: " Stephen Hemminger
  0 siblings, 2 replies; 5+ messages in thread
From: Stephen Hemminger @ 2022-06-02 21:49 UTC (permalink / raw)
  To: dev; +Cc: Stephen Hemminger, Hemant Agrawal, Sachin Saxena

Using system() is a bad idea in driver code because it introduces
a number of potential security issues. The codeql analysis tool
flags this a potential security issue.

Instead just use normal stdio to do the same thing.

Compile test only, do not have this hardware and therefore can
not test this.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 33 +++++++++++++++---------
 1 file changed, 21 insertions(+), 12 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 22c51c1a82cc..894871aec19e 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -125,12 +125,12 @@ static void
 dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 {
 #define STRING_LEN	28
-#define COMMAND_LEN	50
+#define AFFINITY_LEN	128
 	uint32_t cpu_mask = 1;
-	int ret;
 	size_t len = 0;
 	char *temp = NULL, *token = NULL;
-	char string[STRING_LEN], command[COMMAND_LEN];
+	char string[STRING_LEN];
+	char smp_affinity[AFFINITY_LEN];
 	FILE *file;
 
 	snprintf(string, STRING_LEN, "dpio.%d", dpio_id);
@@ -153,18 +153,27 @@ dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 		fclose(file);
 		return;
 	}
+	free(temp);
+	fclose(file);
 
+	snprintf(smp_affinity, AFFINITY_LEN,
+		 "/proc/irq/%s/smp_affinity", token);
 	cpu_mask = cpu_mask << cpu_id;
-	snprintf(command, COMMAND_LEN, "echo %X > /proc/irq/%s/smp_affinity",
-		 cpu_mask, token);
-	ret = system(command);
-	if (ret < 0)
-		DPAA2_BUS_DEBUG(
-			"Failed to affine interrupts on respective core");
-	else
-		DPAA2_BUS_DEBUG(" %s command is executed", command);
 
-	free(temp);
+	file = fopen(smp_affinity, "w");
+	if (file == NULL) {
+		DPAA2_BUS_WARN("Failed to open %s", smp_affinity);
+		return;
+	}
+	fprintf(file, "%X\n", cpu_mask);
+	fflush(file);
+
+	if (ferror(file)) {
+		fclose(file);
+		DPAA2_BUS_WARN("Failed to write to %s", smp_affinity);
+		return;
+	}
+
 	fclose(file);
 }
 
-- 
2.35.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [v2] [RFC] dpaa2: replace system("echo ...") with file i/o
  2022-06-02 21:49 [RFC] dpaa2: replace system("echo ...") with file i/o Stephen Hemminger
@ 2023-05-02  9:54 ` Sachin Saxena (OSS)
  2023-05-04  7:36   ` Mattias Rönnblom
  2024-08-26 16:11 ` [PATCH v3] bus/fslmc/dpaa2: " Stephen Hemminger
  1 sibling, 1 reply; 5+ messages in thread
From: Sachin Saxena (OSS) @ 2023-05-02  9:54 UTC (permalink / raw)
  To: dev, stephen; +Cc: Sachin Saxena

From: Stephen Hemminger <stephen@networkplumber.org>

 Using system() is a bad idea in driver code because it introduces
 a number of potential security issues. The codeql analysis tool
 flags this a potential security issue.

 Instead just use normal stdio to do the same thing.

 Compile test only, do not have this hardware and therefore can
 not test this.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Sachin Saxena <sachin.saxena@oss.nxp.com>
---
 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 45 ++++++++++++++++--------
 1 file changed, 31 insertions(+), 14 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 4aec7b2cd8..990cfc5d3b 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -125,14 +125,21 @@ static void
 dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 {
 #define STRING_LEN	28
-#define COMMAND_LEN	50
+#define AFFINITY_LEN	128
+#define CMD_LEN	300
 	uint32_t cpu_mask = 1;
-	int ret;
-	size_t len = 0;
-	char *temp = NULL, *token = NULL;
-	char string[STRING_LEN], command[COMMAND_LEN];
+	size_t len = CMD_LEN;
+	char *temp, *token = NULL;
+	char string[STRING_LEN];
+	char smp_affinity[AFFINITY_LEN];
 	FILE *file;
 
+	temp = (char *)malloc(len * sizeof(char));
+	if (temp == NULL) {
+		DPAA2_BUS_WARN("Unable to allocate temp buffer");
+		return;
+	}
+
 	snprintf(string, STRING_LEN, "dpio.%d", dpio_id);
 	file = fopen("/proc/interrupts", "r");
 	if (!file) {
@@ -155,17 +162,27 @@ dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 	}
 
 	cpu_mask = cpu_mask << cpu_id;
-	snprintf(command, COMMAND_LEN, "echo %X > /proc/irq/%s/smp_affinity",
-		 cpu_mask, token);
-	ret = system(command);
-	if (ret < 0)
-		DPAA2_BUS_DEBUG(
-			"Failed to affine interrupts on respective core");
-	else
-		DPAA2_BUS_DEBUG(" %s command is executed", command);
-
+	snprintf(smp_affinity, AFFINITY_LEN,
+		 "/proc/irq/%s/smp_affinity", token);
+	/* Free 'temp' memory after using the substring 'token' */
 	free(temp);
 	fclose(file);
+
+	file = fopen(smp_affinity, "w");
+	if (file == NULL) {
+		DPAA2_BUS_WARN("Failed to open %s", smp_affinity);
+		return;
+	}
+	fprintf(file, "%X\n", cpu_mask);
+	fflush(file);
+
+	if (ferror(file)) {
+		fclose(file);
+		DPAA2_BUS_WARN("Failed to write to %s", smp_affinity);
+		return;
+	}
+
+	fclose(file);
 }
 
 static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)
-- 
2.25.1


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [v2] [RFC] dpaa2: replace system("echo ...") with file i/o
  2023-05-02  9:54 ` [v2] " Sachin Saxena (OSS)
@ 2023-05-04  7:36   ` Mattias Rönnblom
  0 siblings, 0 replies; 5+ messages in thread
From: Mattias Rönnblom @ 2023-05-04  7:36 UTC (permalink / raw)
  To: Sachin Saxena (OSS), dev, stephen

On 2023-05-02 11:54, Sachin Saxena (OSS) wrote:
> From: Stephen Hemminger <stephen@networkplumber.org>
> 
>   Using system() is a bad idea in driver code because it introduces
>   a number of potential security issues. The codeql analysis tool
>   flags this a potential security issue.
> 
>   Instead just use normal stdio to do the same thing.
> 
>   Compile test only, do not have this hardware and therefore can
>   not test this.
> 
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> Reviewed-by: Sachin Saxena <sachin.saxena@oss.nxp.com>
> ---
>   drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 45 ++++++++++++++++--------
>   1 file changed, 31 insertions(+), 14 deletions(-)
> 
> diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
> index 4aec7b2cd8..990cfc5d3b 100644
> --- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
> +++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
> @@ -125,14 +125,21 @@ static void
>   dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
>   {
>   #define STRING_LEN	28
> -#define COMMAND_LEN	50
> +#define AFFINITY_LEN	128
> +#define CMD_LEN	300
>   	uint32_t cpu_mask = 1;
> -	int ret;
> -	size_t len = 0;
> -	char *temp = NULL, *token = NULL;
> -	char string[STRING_LEN], command[COMMAND_LEN];
> +	size_t len = CMD_LEN;
> +	char *temp, *token = NULL;
> +	char string[STRING_LEN];
> +	char smp_affinity[AFFINITY_LEN];
>   	FILE *file;
>   
> +	temp = (char *)malloc(len * sizeof(char));

No cast is necessary to go from void * to any other pointer.

sizeof(char) is by definition one. What you allocate from the heap are 
in units of chars, so multiplying with sizeof(char) doesn't make sense.

How is pre-allocating the buffer an improvement over the old code 
(deferring memory allocation to getline())?

> +	if (temp == NULL) {
> +		DPAA2_BUS_WARN("Unable to allocate temp buffer");
> +		return;
> +	}
> +
>   	snprintf(string, STRING_LEN, "dpio.%d", dpio_id);
>   	file = fopen("/proc/interrupts", "r");
>   	if (!file) {
> @@ -155,17 +162,27 @@ dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
>   	}
>   
>   	cpu_mask = cpu_mask << cpu_id;
> -	snprintf(command, COMMAND_LEN, "echo %X > /proc/irq/%s/smp_affinity",
> -		 cpu_mask, token);
> -	ret = system(command);
> -	if (ret < 0)
> -		DPAA2_BUS_DEBUG(
> -			"Failed to affine interrupts on respective core");
> -	else
> -		DPAA2_BUS_DEBUG(" %s command is executed", command);
> -
> +	snprintf(smp_affinity, AFFINITY_LEN,
> +		 "/proc/irq/%s/smp_affinity", token);
> +	/* Free 'temp' memory after using the substring 'token' */
>   	free(temp);
>   	fclose(file);
> +
> +	file = fopen(smp_affinity, "w");
> +	if (file == NULL) {
> +		DPAA2_BUS_WARN("Failed to open %s", smp_affinity);
> +		return;
> +	}
> +	fprintf(file, "%X\n", cpu_mask);
> +	fflush(file);
> +
> +	if (ferror(file)) {
> +		fclose(file);
> +		DPAA2_BUS_WARN("Failed to write to %s", smp_affinity);
> +		return;
> +	}
> +
> +	fclose(file);
>   }
>   
>   static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)

^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH v3] bus/fslmc/dpaa2: replace system("echo ...") with file i/o
  2022-06-02 21:49 [RFC] dpaa2: replace system("echo ...") with file i/o Stephen Hemminger
  2023-05-02  9:54 ` [v2] " Sachin Saxena (OSS)
@ 2024-08-26 16:11 ` Stephen Hemminger
  2024-10-17 16:15   ` Thomas Monjalon
  1 sibling, 1 reply; 5+ messages in thread
From: Stephen Hemminger @ 2024-08-26 16:11 UTC (permalink / raw)
  To: dev; +Cc: Stephen Hemminger, Sachin Saxena, Hemant Agrawal, Sachin Saxena

Using system() is a bad idea in driver code because it introduces
a number of potential security issues. The codeql analysis tool
flags this a potential security issue.

Instead just use normal stdio to do the same thing.

Compile test only, do not have this hardware and therefore can
not test this.

Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
Reviewed-by: Sachin Saxena <sachin.saxena@oss.nxp.com>
---
v3 - remove unneccessary pre-allocation of the line buffer

 drivers/bus/fslmc/portal/dpaa2_hw_dpio.c | 32 +++++++++++++++---------
 1 file changed, 20 insertions(+), 12 deletions(-)

diff --git a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
index 4aec7b2cd8..d8a98326d9 100644
--- a/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
+++ b/drivers/bus/fslmc/portal/dpaa2_hw_dpio.c
@@ -125,12 +125,12 @@ static void
 dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 {
 #define STRING_LEN	28
-#define COMMAND_LEN	50
+#define AFFINITY_LEN	128
 	uint32_t cpu_mask = 1;
-	int ret;
 	size_t len = 0;
 	char *temp = NULL, *token = NULL;
-	char string[STRING_LEN], command[COMMAND_LEN];
+	char string[STRING_LEN];
+	char smp_affinity[AFFINITY_LEN];
 	FILE *file;
 
 	snprintf(string, STRING_LEN, "dpio.%d", dpio_id);
@@ -155,17 +155,25 @@ dpaa2_affine_dpio_intr_to_respective_core(int32_t dpio_id, int cpu_id)
 	}
 
 	cpu_mask = cpu_mask << cpu_id;
-	snprintf(command, COMMAND_LEN, "echo %X > /proc/irq/%s/smp_affinity",
-		 cpu_mask, token);
-	ret = system(command);
-	if (ret < 0)
-		DPAA2_BUS_DEBUG(
-			"Failed to affine interrupts on respective core");
-	else
-		DPAA2_BUS_DEBUG(" %s command is executed", command);
-
+	snprintf(smp_affinity, AFFINITY_LEN, "/proc/irq/%s/smp_affinity", token);
 	free(temp);
 	fclose(file);
+
+	file = fopen(smp_affinity, "w");
+	if (file == NULL) {
+		DPAA2_BUS_WARN("Failed to open %s", smp_affinity);
+		return;
+	}
+	fprintf(file, "%X\n", cpu_mask);
+	fflush(file);
+
+	if (ferror(file)) {
+		fclose(file);
+		DPAA2_BUS_WARN("Failed to write to %s", smp_affinity);
+		return;
+	}
+
+	fclose(file);
 }
 
 static int dpaa2_dpio_intr_init(struct dpaa2_dpio_dev *dpio_dev)
-- 
2.43.0


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v3] bus/fslmc/dpaa2: replace system("echo ...") with file i/o
  2024-08-26 16:11 ` [PATCH v3] bus/fslmc/dpaa2: " Stephen Hemminger
@ 2024-10-17 16:15   ` Thomas Monjalon
  0 siblings, 0 replies; 5+ messages in thread
From: Thomas Monjalon @ 2024-10-17 16:15 UTC (permalink / raw)
  To: Sachin Saxena, Stephen Hemminger; +Cc: dev, Sachin Saxena, Hemant Agrawal

26/08/2024 18:11, Stephen Hemminger:
> Using system() is a bad idea in driver code because it introduces
> a number of potential security issues. The codeql analysis tool
> flags this a potential security issue.
> 
> Instead just use normal stdio to do the same thing.
> 
> Compile test only, do not have this hardware and therefore can
> not test this.
> 
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> Reviewed-by: Sachin Saxena <sachin.saxena@oss.nxp.com>

Applied, thanks.




^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2024-10-17 16:15 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-06-02 21:49 [RFC] dpaa2: replace system("echo ...") with file i/o Stephen Hemminger
2023-05-02  9:54 ` [v2] " Sachin Saxena (OSS)
2023-05-04  7:36   ` Mattias Rönnblom
2024-08-26 16:11 ` [PATCH v3] bus/fslmc/dpaa2: " Stephen Hemminger
2024-10-17 16:15   ` Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).