From: luca.boccassi@gmail.com
To: Tejasree Kondoj <ktejasree@marvell.com>
Cc: Akhil Goyal <gakhil@marvell.com>, dpdk stable <stable@dpdk.org>
Subject: patch 'examples/ipsec-secgw: fix dequeue count from cryptodev' has been queued to stable release 22.11.7
Date: Wed, 23 Oct 2024 22:15:47 +0100 [thread overview]
Message-ID: <20241023211704.1216956-7-luca.boccassi@gmail.com> (raw)
In-Reply-To: <20241023211704.1216956-1-luca.boccassi@gmail.com>
Hi,
FYI, your patch has been queued to stable release 22.11.7
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 10/25/24. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Queued patches are on a temporary branch at:
https://github.com/bluca/dpdk-stable
This queued commit can be viewed at:
https://github.com/bluca/dpdk-stable/commit/4152dbbb8e267f67a90e5f49524ada3e4af34d6b
Thanks.
Luca Boccassi
---
From 4152dbbb8e267f67a90e5f49524ada3e4af34d6b Mon Sep 17 00:00:00 2001
From: Tejasree Kondoj <ktejasree@marvell.com>
Date: Fri, 13 Sep 2024 12:37:26 +0530
Subject: [PATCH] examples/ipsec-secgw: fix dequeue count from cryptodev
[ upstream commit 88948ff31f57618a74c8985c59e332676995b438 ]
Setting dequeue packet count to max of MAX_PKT_BURST
size instead of MAX_PKTS.
Dequeue from cryptodev is called with MAX_PKTS but
routing functions allocate hop/dst_ip arrays of
size MAX_PKT_BURST. This can corrupt stack causing
stack smashing error when more than MAX_PKT_BURST
packets are returned from cryptodev.
Fixes: a2b445b810ac ("examples/ipsec-secgw: allow larger burst size for vectors")
Signed-off-by: Tejasree Kondoj <ktejasree@marvell.com>
Acked-by: Akhil Goyal <gakhil@marvell.com>
---
examples/ipsec-secgw/ipsec-secgw.c | 6 ++++--
examples/ipsec-secgw/ipsec_process.c | 3 ++-
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/examples/ipsec-secgw/ipsec-secgw.c b/examples/ipsec-secgw/ipsec-secgw.c
index 9620d73fc8..849efbe755 100644
--- a/examples/ipsec-secgw/ipsec-secgw.c
+++ b/examples/ipsec-secgw/ipsec-secgw.c
@@ -626,12 +626,13 @@ drain_inbound_crypto_queues(const struct lcore_conf *qconf,
uint32_t n;
struct ipsec_traffic trf;
unsigned int lcoreid = rte_lcore_id();
+ const int nb_pkts = RTE_DIM(trf.ipsec.pkts);
if (app_sa_prm.enable == 0) {
/* dequeue packets from crypto-queue */
n = ipsec_inbound_cqp_dequeue(ctx, trf.ipsec.pkts,
- RTE_DIM(trf.ipsec.pkts));
+ RTE_MIN(MAX_PKT_BURST, nb_pkts));
trf.ip4.num = 0;
trf.ip6.num = 0;
@@ -663,12 +664,13 @@ drain_outbound_crypto_queues(const struct lcore_conf *qconf,
{
uint32_t n;
struct ipsec_traffic trf;
+ const int nb_pkts = RTE_DIM(trf.ipsec.pkts);
if (app_sa_prm.enable == 0) {
/* dequeue packets from crypto-queue */
n = ipsec_outbound_cqp_dequeue(ctx, trf.ipsec.pkts,
- RTE_DIM(trf.ipsec.pkts));
+ RTE_MIN(MAX_PKT_BURST, nb_pkts));
trf.ip4.num = 0;
trf.ip6.num = 0;
diff --git a/examples/ipsec-secgw/ipsec_process.c b/examples/ipsec-secgw/ipsec_process.c
index b0cece3ad1..1a64a4b49f 100644
--- a/examples/ipsec-secgw/ipsec_process.c
+++ b/examples/ipsec-secgw/ipsec_process.c
@@ -336,6 +336,7 @@ ipsec_cqp_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
struct rte_ipsec_session *ss;
struct traffic_type *out;
struct rte_ipsec_group *pg;
+ const int nb_cops = RTE_DIM(trf->ipsec.pkts);
struct rte_crypto_op *cop[RTE_DIM(trf->ipsec.pkts)];
struct rte_ipsec_group grp[RTE_DIM(trf->ipsec.pkts)];
@@ -345,7 +346,7 @@ ipsec_cqp_process(struct ipsec_ctx *ctx, struct ipsec_traffic *trf)
out = &trf->ipsec;
/* dequeue completed crypto-ops */
- n = ctx_dequeue(ctx, cop, RTE_DIM(cop));
+ n = ctx_dequeue(ctx, cop, RTE_MIN(MAX_PKT_BURST, nb_cops));
if (n == 0)
return;
--
2.45.2
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2024-10-23 22:16:40.822219046 +0100
+++ 0007-examples-ipsec-secgw-fix-dequeue-count-from-cryptode.patch 2024-10-23 22:16:40.439940407 +0100
@@ -1 +1 @@
-From 88948ff31f57618a74c8985c59e332676995b438 Mon Sep 17 00:00:00 2001
+From 4152dbbb8e267f67a90e5f49524ada3e4af34d6b Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 88948ff31f57618a74c8985c59e332676995b438 ]
+
@@ -16 +17,0 @@
-Cc: stable@dpdk.org
@@ -26 +27 @@
-index e98ad2572e..063cc8768e 100644
+index 9620d73fc8..849efbe755 100644
@@ -60 +61 @@
-index ddbe30745b..5080e810e0 100644
+index b0cece3ad1..1a64a4b49f 100644
next prev parent reply other threads:[~2024-10-23 21:17 UTC|newest]
Thread overview: 79+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-23 21:15 patch 'devtools: fix forbidden token check with multiple files' " luca.boccassi
2024-10-23 21:15 ` patch 'eal/x86: fix 32-bit write combining store' " luca.boccassi
2024-10-23 21:15 ` patch 'examples/eventdev: fix queue crash with generic pipeline' " luca.boccassi
2024-10-23 21:15 ` patch 'crypto/dpaa2_sec: fix memory leak' " luca.boccassi
2024-10-23 21:15 ` patch 'common/dpaax/caamflib: fix PDCP SNOW-ZUC watchdog' " luca.boccassi
2024-10-23 21:15 ` patch 'dev: fix callback lookup when unregistering device' " luca.boccassi
2024-10-23 21:15 ` luca.boccassi [this message]
2024-10-23 21:15 ` patch 'bpf: fix free function mismatch if convert fails' " luca.boccassi
2024-10-23 21:15 ` patch 'baseband/la12xx: fix use after free in modem config' " luca.boccassi
2024-10-23 21:15 ` patch 'crypto/bcmfs: fix free function mismatch' " luca.boccassi
2024-10-23 21:15 ` patch 'dma/idxd: fix free function mismatch in device probe' " luca.boccassi
2024-10-23 21:15 ` patch 'event/cnxk: fix free function mismatch in port config' " luca.boccassi
2024-10-23 21:15 ` patch 'net/e1000: fix use after free in filter flush' " luca.boccassi
2024-10-23 21:15 ` patch 'net/nfp: fix double free in flow destroy' " luca.boccassi
2024-10-23 21:15 ` patch 'net/sfc: fix use after free in debug logs' " luca.boccassi
2024-10-23 21:15 ` patch 'raw/ifpga/base: fix use after free' " luca.boccassi
2024-10-23 21:15 ` patch 'raw/ifpga: fix free function mismatch in interrupt config' " luca.boccassi
2024-10-23 21:15 ` patch 'examples/vhost: fix free function mismatch' " luca.boccassi
2024-10-23 21:15 ` patch 'net/nfb: fix use after free' " luca.boccassi
2024-10-23 21:16 ` patch 'power: enable CPPC' " luca.boccassi
2024-10-23 21:16 ` patch 'fib6: add runtime checks in AVX512 lookup' " luca.boccassi
2024-10-23 21:16 ` patch 'app/dumpcap: fix handling of jumbo frames' " luca.boccassi
2024-10-23 21:16 ` patch 'net/cnxk: fix Rx timestamp handling for VF' " luca.boccassi
2024-10-23 21:16 ` patch 'net/cnxk: fix Rx offloads to handle timestamp' " luca.boccassi
2024-10-23 21:16 ` patch 'event/cnxk: fix Rx timestamp handling' " luca.boccassi
2024-10-23 21:16 ` patch 'common/cnxk: fix CPT HW word size for outbound SA' " luca.boccassi
2024-10-23 21:16 ` patch 'common/cnxk: fix base log level' " luca.boccassi
2024-10-23 21:16 ` patch 'baseband/acc: fix access to deallocated mem' " luca.boccassi
2024-10-23 21:16 ` patch 'vhost: fix offset while mapping log base address' " luca.boccassi
2024-10-23 21:16 ` patch 'vdpa: update used flags in used ring relay' " luca.boccassi
2024-10-23 21:16 ` patch 'net/virtio-user: reset used index counter' " luca.boccassi
2024-10-23 21:16 ` patch 'fib: fix AVX512 lookup' " luca.boccassi
2024-10-23 21:16 ` patch 'net/e1000: fix link status crash in secondary process' " luca.boccassi
2024-10-23 21:16 ` patch 'net/iavf: fix crash when link is unstable' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ice/base: fix link speed for 200G' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ice/base: fix iteration of TLVs in Preserved Fields Area' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ixgbe/base: fix unchecked return value' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix setting flags in init function' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix misleading debug logs and comments' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix blinking X722 with X557 PHY' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix DDP loading with reserved track ID' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix repeated register dumps' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix unchecked return value' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e/base: fix loop bounds' " luca.boccassi
2024-10-23 21:16 ` patch 'net/i40e: fix AVX-512 pointer copy on 32-bit' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ice: " luca.boccassi
2024-10-23 21:16 ` patch 'net/iavf: " luca.boccassi
2024-10-23 21:16 ` patch 'net/tap: avoid memcpy with null argument' " luca.boccassi
2024-10-23 21:16 ` patch 'app/testpmd: remove unnecessary cast' " luca.boccassi
2024-10-23 21:16 ` patch 'net/pcap: set live interface as non-blocking' " luca.boccassi
2024-10-23 21:16 ` patch 'net/mana: support rdma-core via pkg-config' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ena: revert redefining memcpy' " luca.boccassi
2024-10-23 21:16 ` patch 'net/hns3: remove some basic address dump' " luca.boccassi
2024-10-23 21:16 ` patch 'net/hns3: fix dump counter of registers' " luca.boccassi
2024-10-23 21:16 ` patch 'ethdev: fix overflow in descriptor count' " luca.boccassi
2024-10-23 21:16 ` patch 'bus/dpaa: fix PFDRs leaks due to FQRNIs' " luca.boccassi
2024-10-23 21:16 ` patch 'net/dpaa: fix typecasting channel ID' " luca.boccassi
2024-10-23 21:16 ` patch 'bus/dpaa: fix VSP for 1G fm1-mac9 and 10' " luca.boccassi
2024-10-23 21:16 ` patch 'bus/dpaa: fix the fman details status' " luca.boccassi
2024-10-23 21:16 ` patch 'net/dpaa: fix reallocate mbuf handling' " luca.boccassi
2024-10-23 21:16 ` patch 'net/memif: fix buffer overflow in zero copy Rx' " luca.boccassi
2024-10-23 21:16 ` patch 'net/tap: restrict maximum number of MP FDs' " luca.boccassi
2024-10-23 21:16 ` patch 'ethdev: verify queue ID in Tx done cleanup' " luca.boccassi
2024-10-23 21:16 ` patch 'net/hns3: verify reset type from firmware' " luca.boccassi
2024-10-23 21:16 ` patch 'net/nfp: fix link change return value' " luca.boccassi
2024-10-23 21:16 ` patch 'net/pcap: fix blocking Rx' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ice/base: add bounds check' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ice/base: fix VLAN replay after reset' " luca.boccassi
2024-10-23 21:16 ` patch 'net/iavf: preserve MAC address with i40e PF Linux driver' " luca.boccassi
2024-10-23 21:16 ` patch 'net/mlx5: workaround list management of Rx queue control' " luca.boccassi
2024-10-23 21:16 ` patch 'net/mlx5: fix number of supported flex parsers' " luca.boccassi
2024-10-23 21:16 ` patch 'app/testpmd: remove flex item init command leftover' " luca.boccassi
2024-10-23 21:16 ` patch 'net/mlx5: fix next protocol validation after flex item' " luca.boccassi
2024-10-23 21:16 ` patch 'build: remove version check on compiler links function' " luca.boccassi
2024-10-23 21:16 ` patch 'hash: fix thash LFSR initialization' " luca.boccassi
2024-10-23 21:16 ` patch 'dmadev: fix potential null pointer access' " luca.boccassi
2024-10-23 21:16 ` patch 'net/gve/base: fix build with Fedora Rawhide' " luca.boccassi
2024-10-23 21:16 ` patch 'power: fix mapped lcore ID' " luca.boccassi
2024-10-23 21:16 ` patch 'net/ionic: fix build on Fedora Rawhide' " luca.boccassi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241023211704.1216956-7-luca.boccassi@gmail.com \
--to=luca.boccassi@gmail.com \
--cc=gakhil@marvell.com \
--cc=ktejasree@marvell.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).