From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by dpdk.space (Postfix) with ESMTP id 714F5A0096 for ; Wed, 10 Apr 2019 18:46:01 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 657461B128; Wed, 10 Apr 2019 18:46:01 +0200 (CEST) Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id B55151B1E9 for ; Wed, 10 Apr 2019 18:45:59 +0200 (CEST) Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 27723BCD24; Wed, 10 Apr 2019 16:45:59 +0000 (UTC) Received: from rh.redhat.com (ovpn-117-94.ams2.redhat.com [10.36.117.94]) by smtp.corp.redhat.com (Postfix) with ESMTP id 067915D962; Wed, 10 Apr 2019 16:45:57 +0000 (UTC) From: Kevin Traynor To: Hyong Youb Kim Cc: John Daley , dpdk stable Date: Wed, 10 Apr 2019 17:44:04 +0100 Message-Id: <20190410164411.10546-56-ktraynor@redhat.com> In-Reply-To: <20190410164411.10546-1-ktraynor@redhat.com> References: <20190410164411.10546-1-ktraynor@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.38]); Wed, 10 Apr 2019 16:45:59 +0000 (UTC) Subject: [dpdk-stable] patch 'net/enic: check for unsupported flow item types' has been queued to LTS release 18.11.2 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi, FYI, your patch has been queued to LTS release 18.11.2 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 04/16/19. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Thanks. Kevin Traynor --- >From 946cb3b1ca679b2e964cf1a3ceebc7e8d8764629 Mon Sep 17 00:00:00 2001 From: Hyong Youb Kim Date: Sat, 2 Mar 2019 02:42:43 -0800 Subject: [PATCH] net/enic: check for unsupported flow item types [ upstream commit 4d8e9aa48328edb58f8a843a8e6bee327e12d181 ] Currently a pattern with an unsupported item type causes segfault, because the flow handler is using the type as an array index without checking bounds. Add an explicit check for unsupported item types and avoid out-of-bound accesses. Fixes: 6ced137607d0 ("net/enic: flow API for NICs with advanced filters enabled") Signed-off-by: Hyong Youb Kim Reviewed-by: John Daley --- drivers/net/enic/enic_flow.c | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/drivers/net/enic/enic_flow.c b/drivers/net/enic/enic_flow.c index e12a6ec73..c60476c8c 100644 --- a/drivers/net/enic/enic_flow.c +++ b/drivers/net/enic/enic_flow.c @@ -41,4 +41,6 @@ struct enic_filter_cap { /** list of valid items and their handlers and attributes. */ const struct enic_items *item_info; + /* Max type in the above list, used to detect unsupported types */ + enum rte_flow_item_type max_item_type; }; @@ -258,10 +260,13 @@ static const struct enic_filter_cap enic_filter_cap[] = { [FILTER_IPV4_5TUPLE] = { .item_info = enic_items_v1, + .max_item_type = RTE_FLOW_ITEM_TYPE_TCP, }, [FILTER_USNIC_IP] = { .item_info = enic_items_v2, + .max_item_type = RTE_FLOW_ITEM_TYPE_VXLAN, }, [FILTER_DPDK_1] = { .item_info = enic_items_v3, + .max_item_type = RTE_FLOW_ITEM_TYPE_VXLAN, }, }; @@ -947,5 +952,5 @@ item_stacking_valid(enum rte_flow_item_type prev_item, static int enic_copy_filter(const struct rte_flow_item pattern[], - const struct enic_items *items_info, + const struct enic_filter_cap *cap, struct filter_v2 *enic_filter, struct rte_flow_error *error) @@ -970,5 +975,12 @@ enic_copy_filter(const struct rte_flow_item pattern[], continue; - item_info = &items_info[item->type]; + item_info = &cap->item_info[item->type]; + if (item->type > cap->max_item_type || + item_info->copy_item == NULL) { + rte_flow_error_set(error, ENOTSUP, + RTE_FLOW_ERROR_TYPE_ITEM, + NULL, "Unsupported item."); + return -rte_errno; + } /* check to see if item stacking is valid */ @@ -1424,5 +1436,5 @@ enic_flow_parse(struct rte_eth_dev *dev, } enic_filter->type = enic->flow_filter_mode; - ret = enic_copy_filter(pattern, enic_filter_cap->item_info, + ret = enic_copy_filter(pattern, enic_filter_cap, enic_filter, error); return ret; -- 2.20.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2019-04-10 14:06:12.160587523 +0100 +++ 0056-net-enic-check-for-unsupported-flow-item-types.patch 2019-04-10 14:06:08.010290901 +0100 @@ -1,15 +1,16 @@ -From 4d8e9aa48328edb58f8a843a8e6bee327e12d181 Mon Sep 17 00:00:00 2001 +From 946cb3b1ca679b2e964cf1a3ceebc7e8d8764629 Mon Sep 17 00:00:00 2001 From: Hyong Youb Kim Date: Sat, 2 Mar 2019 02:42:43 -0800 Subject: [PATCH] net/enic: check for unsupported flow item types +[ upstream commit 4d8e9aa48328edb58f8a843a8e6bee327e12d181 ] + Currently a pattern with an unsupported item type causes segfault, because the flow handler is using the type as an array index without checking bounds. Add an explicit check for unsupported item types and avoid out-of-bound accesses. Fixes: 6ced137607d0 ("net/enic: flow API for NICs with advanced filters enabled") -Cc: stable@dpdk.org Signed-off-by: Hyong Youb Kim Reviewed-by: John Daley