From: Bruce Richardson <bruce.richardson@intel.com>
To: ZY Qiu <quzeyao@gmail.com>
Cc: Thomas Monjalon <thomas@monjalon.net>,
Ferruh Yigit <ferruh.yigit@intel.com>,
Andrew Rybchenko <arybchenko@solarflare.com>,
dev@dpdk.org, ZY Qiu <tgw_team@tencent.com>
Subject: Re: [dpdk-dev] [PATCH v2] rte_ethdev: safer memory access by calling Rx callback
Date: Thu, 5 Mar 2020 09:19:52 +0000 [thread overview]
Message-ID: <20200305091952.GA289@bricha3-MOBL.ger.corp.intel.com> (raw)
In-Reply-To: <20200304173349.26459-1-tgw_team@tencent.com>
On Thu, Mar 05, 2020 at 01:33:49AM +0800, ZY Qiu wrote:
> When compiling with -O0,
> the compiler does not optimize two memory accesses into one.
> Leads to accessing a null pointer when queue post Rx burst callback
> removal while traffic is running.
> See rte_eth_tx_burst function.
>
> Signed-off-by: ZY Qiu <tgw_team@tencent.com>
> ---
> lib/librte_ethdev/rte_ethdev.h | 6 ++----
> 1 file changed, 2 insertions(+), 4 deletions(-)
>
> diff --git a/lib/librte_ethdev/rte_ethdev.h b/lib/librte_ethdev/rte_ethdev.h
> index d1a593ad1..35eb580ff 100644
> --- a/lib/librte_ethdev/rte_ethdev.h
> +++ b/lib/librte_ethdev/rte_ethdev.h
> @@ -4388,10 +4388,8 @@ rte_eth_rx_burst(uint16_t port_id, uint16_t queue_id,
> rx_pkts, nb_pkts);
>
> #ifdef RTE_ETHDEV_RXTX_CALLBACKS
> - if (unlikely(dev->post_rx_burst_cbs[queue_id] != NULL)) {
> - struct rte_eth_rxtx_callback *cb =
> - dev->post_rx_burst_cbs[queue_id];
> -
> + struct rte_eth_rxtx_callback *cb = dev->post_rx_burst_cbs[queue_id];
> + if (unlikely(cb != NULL)) {
> do {
> nb_rx = cb->fn.rx(port_id, queue_id, rx_pkts, nb_rx,
> nb_pkts, cb->param);
> --
> 2.17.1
While I don't have an issue with this fix, can you explain as to why this is a
problem that needs to be fixed? Normally TOCTOU issues are flagged and
fixed for external resources e.g. files, that can be modified between check
and use, but this is just referencing internal data in the program itself,
so I'm wondering what the risk is? From a security viewpoint if an attacker
can modify the function pointers in our code, is it not already "game over"
for keeping the running program safe?
/Bruce
next prev parent reply other threads:[~2020-03-05 9:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-04 14:05 [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback Tencent TGW team
2020-03-04 14:16 ` Andrew Rybchenko
[not found] ` <61a6b7d5533643d692c40dc0ab1a2cdc@tencent.com>
2020-03-04 16:26 ` tgw_team
2020-03-04 16:15 ` Stephen Hemminger
2020-03-04 16:38 ` [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback.(Internet mail) tgw_team
2020-03-04 17:37 ` Stephen Hemminger
2020-03-04 17:44 ` [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback tgw_team
2020-03-04 17:33 ` [dpdk-dev] [PATCH v2] rte_ethdev: safer memory access by calling Rx callback ZY Qiu
2020-03-04 17:56 ` Stephen Hemminger
2020-03-04 18:31 ` tgw_team
2020-03-05 9:19 ` Bruce Richardson [this message]
2020-03-05 11:27 ` Ananyev, Konstantin
2020-03-05 14:23 ` tgw_team
2020-03-05 14:47 ` Liang, Ma
2020-03-05 15:19 ` Ananyev, Konstantin
2020-03-05 15:42 ` Liang, Ma
2020-03-05 16:47 ` [dpdk-dev] [PATCH v3] rte_ethdev: safer memory access by calling Rx/Tx callback ZY Qiu
2020-03-05 17:23 ` Jerin Jacob
2020-03-11 12:22 ` Ananyev, Konstantin
2020-03-11 12:26 ` Jerin Jacob
2020-10-01 15:14 ` Ferruh Yigit
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200305091952.GA289@bricha3-MOBL.ger.corp.intel.com \
--to=bruce.richardson@intel.com \
--cc=arybchenko@solarflare.com \
--cc=dev@dpdk.org \
--cc=ferruh.yigit@intel.com \
--cc=quzeyao@gmail.com \
--cc=tgw_team@tencent.com \
--cc=thomas@monjalon.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).