DPDK patches and discussions
 help / color / mirror / Atom feed
From: Bruce Richardson <bruce.richardson@intel.com>
To: ZY Qiu <quzeyao@gmail.com>
Cc: Thomas Monjalon <thomas@monjalon.net>,
	Ferruh Yigit <ferruh.yigit@intel.com>,
	Andrew Rybchenko <arybchenko@solarflare.com>,
	dev@dpdk.org, ZY Qiu <tgw_team@tencent.com>
Subject: Re: [dpdk-dev] [PATCH v2] rte_ethdev: safer memory access by calling Rx callback
Date: Thu, 5 Mar 2020 09:19:52 +0000
Message-ID: <20200305091952.GA289@bricha3-MOBL.ger.corp.intel.com> (raw)
In-Reply-To: <20200304173349.26459-1-tgw_team@tencent.com>

On Thu, Mar 05, 2020 at 01:33:49AM +0800, ZY Qiu wrote:
> When compiling with -O0,
> the compiler does not optimize two memory accesses into one.
> Leads to accessing a null pointer when queue post Rx burst callback
> removal while traffic is running.
> See rte_eth_tx_burst function.
> 
> Signed-off-by: ZY Qiu <tgw_team@tencent.com>
> ---
>  lib/librte_ethdev/rte_ethdev.h | 6 ++----
>  1 file changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/lib/librte_ethdev/rte_ethdev.h b/lib/librte_ethdev/rte_ethdev.h
> index d1a593ad1..35eb580ff 100644
> --- a/lib/librte_ethdev/rte_ethdev.h
> +++ b/lib/librte_ethdev/rte_ethdev.h
> @@ -4388,10 +4388,8 @@ rte_eth_rx_burst(uint16_t port_id, uint16_t queue_id,
>  				     rx_pkts, nb_pkts);
>  
>  #ifdef RTE_ETHDEV_RXTX_CALLBACKS
> -	if (unlikely(dev->post_rx_burst_cbs[queue_id] != NULL)) {
> -		struct rte_eth_rxtx_callback *cb =
> -				dev->post_rx_burst_cbs[queue_id];
> -
> +	struct rte_eth_rxtx_callback *cb = dev->post_rx_burst_cbs[queue_id];
> +	if (unlikely(cb != NULL)) {
>  		do {
>  			nb_rx = cb->fn.rx(port_id, queue_id, rx_pkts, nb_rx,
>  						nb_pkts, cb->param);
> -- 
> 2.17.1
While I don't have an issue with this fix, can you explain as to why this is a
problem that needs to be fixed? Normally TOCTOU issues are flagged and
fixed for external resources e.g. files, that can be modified between check
and use, but this is just referencing internal data in the program itself,
so I'm wondering what the risk is? From a security viewpoint if an attacker
can modify the function pointers in our code, is it not already "game over"
for keeping the running program safe?

/Bruce

  parent reply	other threads:[~2020-03-05  9:20 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-03-04 14:05 [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback Tencent TGW team
2020-03-04 14:16 ` Andrew Rybchenko
     [not found]   ` <61a6b7d5533643d692c40dc0ab1a2cdc@tencent.com>
2020-03-04 16:26     ` tgw_team(腾讯网关团队)
2020-03-04 16:15 ` Stephen Hemminger
2020-03-04 16:38   ` [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback.(Internet mail) tgw_team(腾讯网关团队)
2020-03-04 17:37     ` Stephen Hemminger
2020-03-04 17:44       ` [dpdk-dev] [PATCH] rte_ethdev: fix unsafe memory access by calling RX callback tgw_team(腾讯网关团队)
2020-03-04 17:33 ` [dpdk-dev] [PATCH v2] rte_ethdev: safer memory access by calling Rx callback ZY Qiu
2020-03-04 17:56   ` Stephen Hemminger
2020-03-04 18:31     ` tgw_team(腾讯网关团队)
2020-03-05  9:19   ` Bruce Richardson [this message]
2020-03-05 11:27     ` Ananyev, Konstantin
2020-03-05 14:23       ` tgw_team(腾讯网关团队)
2020-03-05 14:47       ` Liang, Ma
2020-03-05 15:19         ` Ananyev, Konstantin
2020-03-05 15:42           ` Liang, Ma
2020-03-05 16:47   ` [dpdk-dev] [PATCH v3] rte_ethdev: safer memory access by calling Rx/Tx callback ZY Qiu
2020-03-05 17:23     ` Jerin Jacob
2020-03-11 12:22     ` Ananyev, Konstantin
2020-03-11 12:26       ` Jerin Jacob
2020-10-01 15:14         ` Ferruh Yigit

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200305091952.GA289@bricha3-MOBL.ger.corp.intel.com \
    --to=bruce.richardson@intel.com \
    --cc=arybchenko@solarflare.com \
    --cc=dev@dpdk.org \
    --cc=ferruh.yigit@intel.com \
    --cc=quzeyao@gmail.com \
    --cc=tgw_team@tencent.com \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

DPDK patches and discussions

This inbox may be cloned and mirrored by anyone:

	git clone --mirror https://inbox.dpdk.org/dev/0 dev/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 dev dev/ https://inbox.dpdk.org/dev \
		dev@dpdk.org
	public-inbox-index dev

Example config snippet for mirrors.
Newsgroup available over NNTP:
	nntp://inbox.dpdk.org/inbox.dpdk.dev


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git