From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 9B98BA0548 for ; Wed, 10 Nov 2021 07:55:31 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 81CA041100; Wed, 10 Nov 2021 07:55:31 +0100 (CET) Received: from NAM10-DM6-obe.outbound.protection.outlook.com (mail-dm6nam10on2073.outbound.protection.outlook.com [40.107.93.73]) by mails.dpdk.org (Postfix) with ESMTP id 8E4C640142 for ; Wed, 10 Nov 2021 07:55:30 +0100 (CET) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=UIN8k1Urftv8M7t7KdTM82uUVaJF4/0OOHBwxJSk/Ppgx0e/fd0r1rEApoSZqAjMWf9Xr200sIe87bODUs36A2eGhI3pjreMGsqhOHZUMj/73KfpL8g7V1gWDqzRJhatEHYgbnrAY8kYcM1Wn86CUD1ws12ip6PTjakBxyFQxIwmfH6aIX+9oCxdMB1ccM5ao3+IyB7EdhbhQ94ZuQxJg2t/LIqZ1zZcjpC8KrG6u51M8bIeeH52NBMM/bRHjmJ+jt3Lnwfx2zWHVfmFQTr5hIz+mrW7GJzpGU4GIcVGhrEnYnbQGuo9WgeQ5F36EjnLQHk4vAUQAcJOYIjASFdpxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=Rn+qJXBY2ay0alP1bzEUng/cwqlfYjGA8hUJLSkPxTw=; b=e655n7/1cW4sANdX9FvtOa/bWQ1flskG4SCx8LnryyvODejChKM/sPGeeEU8sx+pepjxFgBE3LRdrKsLhN/QfEecmR58EuJMOgi7CMHPFD7KNjQ8qGT2dStlfDtMC1c0wtBwV30NP0ODLDkr35WncTyqBh4sIQmJ9v4TLlmfeIl0ra0bHjwsyQLO8Qi6JUg8JCE+tXjhygk99zpexEutv5qlh/l/ESl1u+m8iQb9ag3aQXqXhGSQ9cIOPO4XV0kyFkaqbLZXEem/pNYuvHZUwqxQGeJ1685TciQumLT7aCvZF99LVrn/9yYZpCSex1YgqTANvzCKvX8JwL85sG+MZQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.112.34) smtp.rcpttodomain=redhat.com smtp.mailfrom=nvidia.com; dmarc=pass (p=quarantine sp=quarantine pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=Rn+qJXBY2ay0alP1bzEUng/cwqlfYjGA8hUJLSkPxTw=; b=C1mNyvYP8ytNPWlFqDTxJDnaTJhDWgh9hbwQYPzWLsmn7D2t3WNbGn0vvoUo1kjC+tXZYEI6Ihz8ETCWbiuYl1MmRGlKj5609Rh/kHZXSkJ2DYAVaJgKW8BYs2y+JyzWgyulKKWw8y4DJDSY65oVWIg6mf+kVdWYg4x1YTqwn/1M58NrONTk1EXr7djtmRqibIl3Ufx4NOx9wxDm2o4bgo+o6PRYFRtuPhUuR46IgBGmQutYj8QIrvH41T1+pGpHSI1w1I9Cbx1jvNoH2Ec/lYh1N+BjL3xyt6dnbYk2qrp7xkZeLbx05yaIIhf8TIqqvGE4M3Wzgx4Nk5TvVzSd7w== Received: from DM6PR02CA0161.namprd02.prod.outlook.com (2603:10b6:5:332::28) by MN2PR12MB4487.namprd12.prod.outlook.com (2603:10b6:208:264::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4669.13; Wed, 10 Nov 2021 06:55:28 +0000 Received: from DM6NAM11FT030.eop-nam11.prod.protection.outlook.com (2603:10b6:5:332:cafe::cd) by DM6PR02CA0161.outlook.office365.com (2603:10b6:5:332::28) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4669.10 via Frontend Transport; Wed, 10 Nov 2021 06:55:28 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.112.34) smtp.mailfrom=nvidia.com; redhat.com; dkim=none (message not signed) header.d=none;redhat.com; dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.112.34 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.112.34; helo=mail.nvidia.com; Received: from mail.nvidia.com (216.228.112.34) by DM6NAM11FT030.mail.protection.outlook.com (10.13.172.146) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.4690.15 via Frontend Transport; Wed, 10 Nov 2021 06:55:28 +0000 Received: from nvidia.com (172.20.187.6) by HQMAIL107.nvidia.com (172.20.187.13) with Microsoft SMTP Server (TLS) id 15.0.1497.18; Wed, 10 Nov 2021 06:55:24 +0000 From: Xueming Li To: David Marchand CC: Luca Boccassi , Yan Xia , Maxime Coquelin , dpdk stable Date: Wed, 10 Nov 2021 14:31:32 +0800 Message-ID: <20211110063216.2744012-209-xuemingl@nvidia.com> X-Mailer: git-send-email 2.33.0 In-Reply-To: <20211110063216.2744012-1-xuemingl@nvidia.com> References: <20211110063216.2744012-1-xuemingl@nvidia.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-Originating-IP: [172.20.187.6] X-ClientProxiedBy: HQMAIL101.nvidia.com (172.20.187.10) To HQMAIL107.nvidia.com (172.20.187.13) X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: d1642f79-7da3-4663-7604-08d9a417149e X-MS-TrafficTypeDiagnostic: MN2PR12MB4487: X-Microsoft-Antispam-PRVS: X-MS-Oob-TLC-OOBClassifiers: OLM:9508; X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: EM5Eab8FbUX0/O1pAxHihG5rV2gEoJTh5W1rz7T97rIzF6Dayc6nZRwhH9ROvpab9pb36b9H5/5vwbhAc7h+bcY+oQmKUrd1+iE2jEKPuGIVmoXXjMBSBMQzqcPxHma2uvhDLH/r2m2suZkPPfzIr9SgQ3rfvpSfMyK0yPQLePIAKZiBa7HucGQr/zUjTlkSV1Wz96WvAy5hIy5m6jnUBmSI/9LwYdS3+neh8e3+T1VsEOYPXYxf6jN4IfPv5UfjbNml6q2Oc97awoVoEPHTzy+/5hIR3etfgPFIgTV5fzUCBE0iSTdchwK3YVexiDRpuHPEbMqTueqWYgT8hZJPzTTX+5dEpXNBEFYqHL4faTSuWwAyQBrcJCkzSkfyhr0tB0hI7UbmpChLGL3rugQUcomob/I8ZkdqESKhMcXRvGaMbruWjMWS1Y3o7WFvjzexan4JyhrP5ZUfFeFj+itYILHSybeV90G+CIeWDmCOhvmh8eTK/8YV4Rft1KnvDzoLcIno/pHk/jTXzwaAqc97J5wAKFTHO5m8uC4lJgL2RElpbKCyIiVUAP2y2wq/f4IB7GKoiWCzDM1bUhUFB+dHu8eDMaDaNgRTYANhPIRnugLJa+TGeELFQLj/fg7Lt75yKyrt9ZTVYiGspaZTpM54M32QcG3xn6CQOcLyJcDSS1IfBqNFAwOMX/O6lMg+ya9ozIc0cVkp8KKvJdshmjqVBFKFTMyM9aIeyZWLZIH5jb3wjQIRcTAajhCb79fi5jflaFQDtAosMjy+UtjZnscoDA/FsXpaAtsIUd8bxyJdbPxAvoXP35KVNTBvmAdrO7f3/MbTcNSUnEFOodLW9irg4g== X-Forefront-Antispam-Report: CIP:216.228.112.34; CTRY:US; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:mail.nvidia.com; PTR:schybrid03.nvidia.com; CAT:NONE; SFS:(4636009)(46966006)(36840700001)(2616005)(6916009)(426003)(4326008)(4001150100001)(55016002)(47076005)(508600001)(8676002)(53546011)(336012)(16526019)(5660300002)(356005)(8936002)(15650500001)(70586007)(82310400003)(7636003)(6666004)(316002)(36906005)(186003)(86362001)(54906003)(26005)(6286002)(2906002)(966005)(7696005)(36860700001)(83380400001)(1076003)(70206006)(36756003); DIR:OUT; SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Nov 2021 06:55:28.5598 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: d1642f79-7da3-4663-7604-08d9a417149e X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a; Ip=[216.228.112.34]; Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DM6NAM11FT030.eop-nam11.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR12MB4487 Subject: [dpdk-stable] patch 'eal/linux: fix uevent message parsing' has been queued to stable release 20.11.4 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi, FYI, your patch has been queued to stable release 20.11.4 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/12/21. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/steevenlee/dpdk This queued commit can be viewed at: https://github.com/steevenlee/dpdk/commit/3c1d9e3840a22f606b40fa8972d62cd848ffdbac Thanks. Xueming Li --- >From 3c1d9e3840a22f606b40fa8972d62cd848ffdbac Mon Sep 17 00:00:00 2001 From: David Marchand Date: Tue, 2 Nov 2021 19:40:20 +0100 Subject: [PATCH] eal/linux: fix uevent message parsing Cc: Xueming Li [ upstream commit 4847122aab5ced55b3c656e8ee425e90c6eb5904 ] Caught with ASan: ==9727==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f0daa2fc0d0 at pc 0x7f0daeefacb2 bp 0x7f0daa2fadd0 sp 0x7f0daa2fa578 READ of size 1 at 0x7f0daa2fc0d0 thread T1 #0 0x7f0daeefacb1 (/lib64/libasan.so.5+0xbacb1) #1 0x115eba1 in dev_uev_parse ../lib/eal/linux/eal_dev.c:167 #2 0x115f281 in dev_uev_handler ../lib/eal/linux/eal_dev.c:248 #3 0x1169b91 in eal_intr_process_interrupts ../lib/eal/linux/eal_interrupts.c:1026 #4 0x116a3a2 in eal_intr_handle_interrupts ../lib/eal/linux/eal_interrupts.c:1100 #5 0x116a7f0 in eal_intr_thread_main ../lib/eal/linux/eal_interrupts.c:1172 #6 0x112640a in ctrl_thread_init ../lib/eal/common/eal_common_thread.c:202 #7 0x7f0dade27159 in start_thread (/lib64/libpthread.so.0+0x8159) #8 0x7f0dadb58f72 in clone (/lib64/libc.so.6+0xfcf72) Address 0x7f0daa2fc0d0 is located in stack of thread T1 at offset 4192 in frame #0 0x115f0c9 in dev_uev_handler ../lib/eal/linux/eal_dev.c:226 This frame has 2 object(s): [32, 48) 'uevent' [96, 4192) 'buf' <== Memory access at offset 4192 overflows this variable HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) Thread T1 created by T0 here: #0 0x7f0daee92ea3 in __interceptor_pthread_create (/lib64/libasan.so.5+0x52ea3) #1 0x1126542 in rte_ctrl_thread_create ../lib/eal/common/eal_common_thread.c:228 #2 0x116a8b5 in rte_eal_intr_init ../lib/eal/linux/eal_interrupts.c:1200 #3 0x1159dd1 in rte_eal_init ../lib/eal/linux/eal.c:1044 #4 0x7a22f8 in main ../app/test-pmd/testpmd.c:4105 #5 0x7f0dada7f802 in __libc_start_main (/lib64/libc.so.6+0x23802) Bugzilla ID: 792 Fixes: 0d0f478d0483 ("eal/linux: add uevent parse and process") Signed-off-by: David Marchand Tested-by: Yan Xia Reviewed-by: Maxime Coquelin --- lib/librte_eal/linux/eal_dev.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/librte_eal/linux/eal_dev.c b/lib/librte_eal/linux/eal_dev.c index 5c0e752b2d..ae0021e7b5 100644 --- a/lib/librte_eal/linux/eal_dev.c +++ b/lib/librte_eal/linux/eal_dev.c @@ -157,6 +157,9 @@ dev_uev_parse(const char *buf, struct rte_dev_event *event, int length) break; buf++; } + if (i >= length) + break; + /** * check device uevent from kernel side, no need to check * uevent from udev. -- 2.33.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2021-11-10 14:17:11.104421332 +0800 +++ 0208-eal-linux-fix-uevent-message-parsing.patch 2021-11-10 14:17:02.017411557 +0800 @@ -1 +1 @@ -From 4847122aab5ced55b3c656e8ee425e90c6eb5904 Mon Sep 17 00:00:00 2001 +From 3c1d9e3840a22f606b40fa8972d62cd848ffdbac Mon Sep 17 00:00:00 2001 @@ -4,0 +5,3 @@ +Cc: Xueming Li + +[ upstream commit 4847122aab5ced55b3c656e8ee425e90c6eb5904 ] @@ -48 +50,0 @@ -Cc: stable@dpdk.org @@ -54 +56 @@ - lib/eal/linux/eal_dev.c | 3 +++ + lib/librte_eal/linux/eal_dev.c | 3 +++ @@ -57,5 +59,5 @@ -diff --git a/lib/eal/linux/eal_dev.c b/lib/eal/linux/eal_dev.c -index 06820a3666..6aaeffb4e9 100644 ---- a/lib/eal/linux/eal_dev.c -+++ b/lib/eal/linux/eal_dev.c -@@ -160,6 +160,9 @@ dev_uev_parse(const char *buf, struct rte_dev_event *event, int length) +diff --git a/lib/librte_eal/linux/eal_dev.c b/lib/librte_eal/linux/eal_dev.c +index 5c0e752b2d..ae0021e7b5 100644 +--- a/lib/librte_eal/linux/eal_dev.c ++++ b/lib/librte_eal/linux/eal_dev.c +@@ -157,6 +157,9 @@ dev_uev_parse(const char *buf, struct rte_dev_event *event, int length)