DPDK patches and discussions
 help / color / mirror / Atom feed
From: Stephen Hemminger <stephen@networkplumber.org>
To: "Morten Brørup" <mb@smartsharesystems.com>
Cc: julien_dpdk@jaube.fr, jerinjacobk@gmail.com, dev@dpdk.org,
	rmody@marvell.com, shshaikh@marvell.com, palok@marvell.com
Subject: Re: [PATCH v9] net/bnx2x: fix warnings about rte_memcpy lengths
Date: Mon, 26 Feb 2024 13:45:49 -0800	[thread overview]
Message-ID: <20240226134549.55138a24@hermes.local> (raw)
In-Reply-To: <20240223140056.130844-1-mb@smartsharesystems.com>

On Fri, 23 Feb 2024 15:00:56 +0100
Morten Brørup <mb@smartsharesystems.com> wrote:

> Bugfix: The vlan in the bulletin does not contain a VLAN header, only the
> VLAN ID, so only copy 2 byte, not 4. The target structure has padding
> after the field, so copying 2 byte too many is effectively harmless.
> There is no need to backport this patch.
> 
> Use RTE_PTR_ADD where copying arrays to the offset of a first field in a
> structure holding multiple fields, to avoid compiler warnings with
> decorated rte_memcpy.
> 
> Bugzilla ID: 1146
> 
> Fixes: 540a211084a7695a1c7bc43068934c140d6989be ("bnx2x: driver core")
> Cc: stephen@networkplumber.org
> Cc: rmody@marvell.com
> Cc: shshaikh@marvell.com
> Cc: palok@marvell.com
> 
> Signed-off-by: Morten Brørup <mb@smartsharesystems.com>
> Acked-by: Devendra Singh Rawat <dsinghrawat@marvell.com>
> ---
> v9:
> * Fix checkpatch warning about spaces.
> v8:
> * Use memcpy instead of rte_memcpy in slow path. (Stephen Hemminger)
> v7:
> * No changes.
> v6:
> * Add Fixes to patch description.
> * Fix checkpatch warnings.
> v5:
> * No changes.
> v4:
> * Type casting did not fix the warnings, so use RTE_PTR_ADD instead.
> v3:
> * First patch in series.
> ---
>  drivers/net/bnx2x/bnx2x_stats.c | 14 ++++++++------
>  drivers/net/bnx2x/bnx2x_vfpf.c  | 14 +++++++-------
>  2 files changed, 15 insertions(+), 13 deletions(-)
> 
> diff --git a/drivers/net/bnx2x/bnx2x_stats.c b/drivers/net/bnx2x/bnx2x_stats.c
> index c07b01510a..8105375d44 100644
> --- a/drivers/net/bnx2x/bnx2x_stats.c
> +++ b/drivers/net/bnx2x/bnx2x_stats.c
	}
>  
> @@ -817,10 +817,10 @@ bnx2x_hw_stats_update(struct bnx2x_softc *sc)
>  			  etherstatspktsover1522octets);
>      }
>  
> -    rte_memcpy(old, new, sizeof(struct nig_stats));
> +	memcpy(old, new, sizeof(struct nig_stats));

This could just be structure assignment which is type safe.

	*new = *old;

>  
> -    rte_memcpy(&(estats->rx_stat_ifhcinbadoctets_hi), &(pstats->mac_stx[1]),
> -	   sizeof(struct mac_stx));
> +	memcpy(RTE_PTR_ADD(estats, offsetof(struct bnx2x_eth_stats, rx_stat_ifhcinbadoctets_hi)),
> +			&pstats->mac_stx[1], sizeof(struct mac_stx));
>      estats->brb_drop_hi = pstats->brb_drop_hi;
>      estats->brb_drop_lo = pstats->brb_drop_lo;
>  
> @@ -1492,9 +1492,11 @@ bnx2x_stats_init(struct bnx2x_softc *sc)
>  		REG_RD(sc, NIG_REG_STAT0_BRB_TRUNCATE + port*0x38);
>  	if (!CHIP_IS_E3(sc)) {
>  		REG_RD_DMAE(sc, NIG_REG_STAT0_EGRESS_MAC_PKT0 + port*0x50,
> -				&(sc->port.old_nig_stats.egress_mac_pkt0_lo), 2);
> +				RTE_PTR_ADD(&sc->port.old_nig_stats,
> +				offsetof(struct nig_stats, egress_mac_pkt0_lo)), 2);
>  		REG_RD_DMAE(sc, NIG_REG_STAT0_EGRESS_MAC_PKT1 + port*0x50,
> -				&(sc->port.old_nig_stats.egress_mac_pkt1_lo), 2);
> +				RTE_PTR_ADD(&sc->port.old_nig_stats,
> +				offsetof(struct nig_stats, egress_mac_pkt1_lo)), 2);
>  	}
>  
>  	/* function stats */
> diff --git a/drivers/net/bnx2x/bnx2x_vfpf.c b/drivers/net/bnx2x/bnx2x_vfpf.c
> index 63953c2979..5411df3a38 100644
> --- a/drivers/net/bnx2x/bnx2x_vfpf.c
> +++ b/drivers/net/bnx2x/bnx2x_vfpf.c
> @@ -52,9 +52,9 @@ bnx2x_check_bull(struct bnx2x_softc *sc)
>  
>  	/* check the mac address and VLAN and allocate memory if valid */
>  	if (valid_bitmap & (1 << MAC_ADDR_VALID) && memcmp(bull->mac, sc->old_bulletin.mac, ETH_ALEN))
> -		rte_memcpy(&sc->link_params.mac_addr, bull->mac, ETH_ALEN);
> +		memcpy(&sc->link_params.mac_addr, bull->mac, ETH_ALEN);
>  	if (valid_bitmap & (1 << VLAN_VALID))
> -		rte_memcpy(&bull->vlan, &sc->old_bulletin.vlan, RTE_VLAN_HLEN);
> +		memcpy(&bull->vlan, &sc->old_bulletin.vlan, sizeof(bull->vlan));
>  
>  	sc->old_bulletin = *bull;
>  
> @@ -569,7 +569,7 @@ bnx2x_vf_set_mac(struct bnx2x_softc *sc, int set)
>  
>  	bnx2x_check_bull(sc);
>  
> -	rte_memcpy(query->filters[0].mac, sc->link_params.mac_addr, ETH_ALEN);
> +	memcpy(query->filters[0].mac, sc->link_params.mac_addr, ETH_ALEN);
>  
>  	bnx2x_add_tlv(sc, query, query->first_tlv.tl.length,
>  		      BNX2X_VF_TLV_LIST_END,
> @@ -583,9 +583,9 @@ bnx2x_vf_set_mac(struct bnx2x_softc *sc, int set)
>  	while (BNX2X_VF_STATUS_FAILURE == reply->status &&
>  			bnx2x_check_bull(sc)) {
>  		/* A new mac was configured by PF for us */
> -		rte_memcpy(sc->link_params.mac_addr, sc->pf2vf_bulletin->mac,
> +		memcpy(sc->link_params.mac_addr, sc->pf2vf_bulletin->mac,
>  				ETH_ALEN);
> -		rte_memcpy(query->filters[0].mac, sc->pf2vf_bulletin->mac,
> +		memcpy(query->filters[0].mac, sc->pf2vf_bulletin->mac,
>  				ETH_ALEN);
>  
>  		rc = bnx2x_do_req4pf(sc, sc->vf2pf_mbox_mapping.paddr);
> @@ -622,10 +622,10 @@ bnx2x_vf_config_rss(struct bnx2x_softc *sc,
>  		      BNX2X_VF_TLV_LIST_END,
>  		      sizeof(struct channel_list_end_tlv));
>  
> -	rte_memcpy(query->rss_key, params->rss_key, sizeof(params->rss_key));
> +	memcpy(query->rss_key, params->rss_key, sizeof(params->rss_key));
>  	query->rss_key_size = T_ETH_RSS_KEY;
>  
> -	rte_memcpy(query->ind_table, params->ind_table, T_ETH_INDIRECTION_TABLE_SIZE);
> +	memcpy(query->ind_table, params->ind_table, T_ETH_INDIRECTION_TABLE_SIZE);
>  	query->ind_table_size = T_ETH_INDIRECTION_TABLE_SIZE;
>  
>  	query->rss_result_mask = params->rss_result_mask;

The driver is also using rte_memcpy for 2 byte values in bnx2x.c.

Another issue is the driver is using one element array as a flexible array.
A good static checker should catch this and report out of bounds access.

union bnx2x_stats_show_data {
    uint32_t op; /* ioctl sub-command */

    struct {
	uint32_t num; /* return number of stats */
	uint32_t len; /* length of each string item */
    } desc;

    /* variable length... */
    char str[1]; /* holds names of desc.num stats, each desc.len in length */

    /* variable length... */
    uint64_t stats[1]; /* holds all stats */
};



  parent reply	other threads:[~2024-02-26 21:45 UTC|newest]

Thread overview: 77+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-12-02 15:34 [PATCH] eal: add nonnull and access function attributes Morten Brørup
2022-12-02 20:02 ` Tyler Retzlaff
2022-12-03 14:22 ` [PATCH v2] " Morten Brørup
2022-12-05 10:17   ` Ruifeng Wang
2022-12-12  7:40   ` Morten Brørup
2022-12-28 10:27 ` [PATCH v3 1/2] " Morten Brørup
2022-12-28 10:27   ` [PATCH v3 2/2] net/bnx2x: fix warnings about rte_memcopy lengths Morten Brørup
2022-12-28 11:40 ` [PATCH v4 1/2] eal: add nonnull and access function attributes Morten Brørup
2022-12-28 11:40   ` [PATCH v4 2/2] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2022-12-28 15:10 ` [PATCH v5 1/4] eal: add nonnull and access function attributes Morten Brørup
2022-12-28 15:10   ` [PATCH v5 2/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2022-12-28 16:13     ` Stanisław Kardach
2022-12-28 16:38       ` Morten Brørup
2022-12-28 17:03         ` Stephen Hemminger
2022-12-28 17:37           ` Morten Brørup
2023-01-09 10:36             ` David Marchand
2022-12-28 15:10   ` [PATCH v5 3/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2022-12-28 17:01     ` Stephen Hemminger
2022-12-28 15:10   ` [PATCH v5 4/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-01-09 11:08   ` [PATCH v5 1/4] eal: add nonnull and access function attributes Thomas Monjalon
2023-01-09 12:16     ` Morten Brørup
2023-01-09 11:22   ` David Marchand
2023-01-09 12:28     ` Morten Brørup
2023-01-16 12:49     ` Morten Brørup
2023-01-16 12:44 ` [PATCH v6 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-01-16 12:44   ` [PATCH v6 2/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2023-01-16 12:44   ` [PATCH v6 3/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-01-16 12:44   ` [PATCH v6 4/4] eal: add nonnull and access function attributes Morten Brørup
2023-01-16 13:07 ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-01-16 13:07   ` [PATCH v7 2/4] event/dlb2: remove superfluous rte_memcpy Morten Brørup
2023-02-09 16:51     ` Morten Brørup
2023-02-09 18:50       ` Sevincer, Abdullah
2023-02-10  7:43         ` Morten Brørup
2024-02-23 13:19           ` Jerin Jacob
2024-02-23 13:49             ` [PATCH v8] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2024-02-23 14:00             ` [PATCH v9] " Morten Brørup
2024-02-26  8:34               ` Jerin Jacob
2024-02-26 14:47                 ` Morten Brørup
2024-02-27 11:00                   ` Jerin Jacob
2024-02-27 11:27                     ` Morten Brørup
2024-02-27 19:06                       ` Stephen Hemminger
2024-02-28  9:02                         ` Bruce Richardson
2024-02-28  8:27                       ` Raslan Darawsheh
2024-02-26 21:45               ` Stephen Hemminger [this message]
2023-01-16 13:07   ` [PATCH v7 3/4] net/mlx5: fix warning about rte_memcpy length Morten Brørup
2023-02-09 16:54     ` Morten Brørup
2023-02-10  9:13       ` Slava Ovsiienko
2024-03-13 10:00     ` Raslan Darawsheh
2023-01-16 13:07   ` [PATCH v7 4/4] eal: add nonnull and access function attributes Morten Brørup
2023-01-16 17:02     ` Ferruh Yigit
2023-01-17  8:19       ` Morten Brørup
2023-01-17 21:16         ` Tyler Retzlaff
2023-01-18  8:31           ` Morten Brørup
2023-01-18 17:23             ` Stephen Hemminger
2023-01-31 11:14             ` David Marchand
2023-01-31 12:23               ` Morten Brørup
2023-01-31 18:26                 ` Tyler Retzlaff
2023-01-31 22:52                   ` Thomas Monjalon
2023-02-01 12:50                     ` Morten Brørup
2023-02-01 13:15                       ` Thomas Monjalon
2023-02-06 16:11                         ` David Marchand
2023-02-06 16:49                           ` Morten Brørup
2023-02-06 17:28                             ` Tyler Retzlaff
2023-05-08 12:32                               ` Morten Brørup
2023-10-13 23:31                                 ` Morten Brørup
2023-04-04 13:41     ` Morten Brørup
2023-04-04 13:51       ` David Marchand
2023-04-04 14:01         ` Morten Brørup
2023-04-04 14:19           ` David Marchand
2023-02-09 16:49   ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths Morten Brørup
2023-02-26  9:21     ` Marvell QLogic bnx2x PMD support status Morten Brørup
2023-03-09 10:25     ` [PATCH v7 1/4] net/bnx2x: fix warnings about rte_memcpy lengths David Marchand
2023-03-09 10:33       ` Thomas Monjalon
2023-03-09 16:11         ` [EXT] " Akhil Goyal
     [not found]           ` <SJ0PR18MB390039A8C34E485F8D2D518EA1B59@SJ0PR18MB3900.namprd18.prod.outlook.com>
2023-03-09 16:19             ` Devendra Singh Rawat
2023-03-09 16:23     ` Stephen Hemminger
2024-02-23 12:39       ` Jerin Jacob

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20240226134549.55138a24@hermes.local \
    --to=stephen@networkplumber.org \
    --cc=dev@dpdk.org \
    --cc=jerinjacobk@gmail.com \
    --cc=julien_dpdk@jaube.fr \
    --cc=mb@smartsharesystems.com \
    --cc=palok@marvell.com \
    --cc=rmody@marvell.com \
    --cc=shshaikh@marvell.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).