From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 25A9248A44 for ; Fri, 31 Oct 2025 15:35:48 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 1F74C40661; Fri, 31 Oct 2025 15:35:48 +0100 (CET) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by mails.dpdk.org (Postfix) with ESMTP id 72AE940665 for ; Fri, 31 Oct 2025 15:35:46 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1761921346; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=YyWA/3PcJvBz36S89HDM40Xefp7fgdwzR4VIz1RiCUQ=; b=X6OHJFDK2kaVqMberyO0UldfPhkBD/4o6j5j9N7lE65EA7ATmR2UqRKt3TyyIzByNPyldO bHyprrh07oB0S6kjZT8D3WrkQhToE9FkIHapQ7CbmSiiUIxeAopdLmzeP0bFV/p/WHjWtf PEVIhH6Lin4cVCTg5Y+XZEbUYeXxww4= Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-245-2gkcFlYPP0iLGxszsRTR5g-1; Fri, 31 Oct 2025 10:35:42 -0400 X-MC-Unique: 2gkcFlYPP0iLGxszsRTR5g-1 X-Mimecast-MFC-AGG-ID: 2gkcFlYPP0iLGxszsRTR5g_1761921342 Received: from mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.111]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id D6978195607A; Fri, 31 Oct 2025 14:35:41 +0000 (UTC) Received: from rh.redhat.com (unknown [10.44.32.50]) by mx-prod-int-08.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 4D3F918004D4; Fri, 31 Oct 2025 14:35:40 +0000 (UTC) From: Kevin Traynor To: Joshua Washington Cc: Ankit Garg , dpdk stable Subject: patch 'net/gve: validate Tx packet before sending' has been queued to stable release 24.11.4 Date: Fri, 31 Oct 2025 14:32:14 +0000 Message-ID: <20251031143421.324432-12-ktraynor@redhat.com> In-Reply-To: <20251031143421.324432-1-ktraynor@redhat.com> References: <20251031143421.324432-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.111 X-Mimecast-Spam-Score: 0 X-Mimecast-MFC-PROC-ID: d9xl4X181eidRXDNzyN-zP0ggY0yAn1eUGW4lHxRdBA_1761921342 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit content-type: text/plain; charset="US-ASCII"; x-default=true X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 24.11.4 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/05/25. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/055812afeb5c0efb6bd234104518652f958ab856 Thanks. Kevin --- >From 055812afeb5c0efb6bd234104518652f958ab856 Mon Sep 17 00:00:00 2001 From: Joshua Washington Date: Mon, 7 Jul 2025 16:18:08 -0700 Subject: [PATCH] net/gve: validate Tx packet before sending [ upstream commit f33ce4445ee6bc8f6d2ea4d894511f5446e9e3a2 ] The hardware assumes that a mismatch between the reported packet length and the total amount of data in the descriptors is caused by a malicious driver, leading the hardware to disable transmission altogether. To avoid such a scenario, use rte_mbuf_check to validate that the mbuf is correctly formed before processing. Fixes: 4022f9999f56 ("net/gve: support basic Tx data path for DQO") Signed-off-by: Joshua Washington Reviewed-by: Ankit Garg --- drivers/net/gve/gve_tx_dqo.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/drivers/net/gve/gve_tx_dqo.c b/drivers/net/gve/gve_tx_dqo.c index b2e5aae634..7e03e75b20 100644 --- a/drivers/net/gve/gve_tx_dqo.c +++ b/drivers/net/gve/gve_tx_dqo.c @@ -114,4 +114,6 @@ gve_tx_burst_dqo(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts) struct rte_mbuf *tx_pkt; uint16_t mask, sw_mask; + uint16_t first_sw_id; + const char *reason; uint16_t nb_tx = 0; uint64_t ol_flags; @@ -120,5 +122,4 @@ gve_tx_burst_dqo(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts) uint16_t sw_id; uint64_t bytes; - uint16_t first_sw_id; uint8_t tso; uint8_t csum; @@ -140,4 +141,10 @@ gve_tx_burst_dqo(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts) txq->rs_thresh); + + if (rte_mbuf_check(tx_pkt, true, &reason)) { + PMD_DRV_LOG(DEBUG, "Invalid mbuf: %s", reason); + break; + } + ol_flags = tx_pkt->ol_flags; first_sw_id = sw_id; -- 2.51.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2025-10-31 13:53:52.658914418 +0000 +++ 0012-net-gve-validate-Tx-packet-before-sending.patch 2025-10-31 13:53:52.017523309 +0000 @@ -1 +1 @@ -From f33ce4445ee6bc8f6d2ea4d894511f5446e9e3a2 Mon Sep 17 00:00:00 2001 +From 055812afeb5c0efb6bd234104518652f958ab856 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit f33ce4445ee6bc8f6d2ea4d894511f5446e9e3a2 ] + @@ -13 +14,0 @@ -Cc: stable@dpdk.org