From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tomaszx.kulasek@intel.com>
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 by dpdk.org (Postfix) with ESMTP id 9BAD811D4
 for <dev@dpdk.org>; Thu, 21 Apr 2016 16:44:07 +0200 (CEST)
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by orsmga103.jf.intel.com with ESMTP; 21 Apr 2016 07:44:06 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.24,513,1455004800"; d="scan'208";a="959859659"
Received: from irsmsx110.ger.corp.intel.com ([163.33.3.25])
 by orsmga002.jf.intel.com with ESMTP; 21 Apr 2016 07:44:05 -0700
Received: from irsmsx102.ger.corp.intel.com ([169.254.2.72]) by
 irsmsx110.ger.corp.intel.com ([169.254.15.10]) with mapi id 14.03.0248.002;
 Thu, 21 Apr 2016 15:44:03 +0100
From: "Kulasek, TomaszX" <tomaszx.kulasek@intel.com>
To: "Richardson, Bruce" <bruce.richardson@intel.com>
CC: "dev@dpdk.org" <dev@dpdk.org>, "Zhang, Helin" <helin.zhang@intel.com>,
 "Ananyev, Konstantin" <konstantin.ananyev@intel.com>
Thread-Topic: [dpdk-dev] [PATCH] ixgbe: fix bad shift operation in
 ixgbe_set_pool_rx
Thread-Index: AQHRm9TyweL1Banu9U+iDc6ZbVe6JJ+UdkRA
Date: Thu, 21 Apr 2016 14:44:03 +0000
Message-ID: <3042915272161B4EB253DA4D77EB373A14E992E8@IRSMSX102.ger.corp.intel.com>
References: <1460727549-4380-1-git-send-email-tomaszx.kulasek@intel.com>
 <20160421135134.GA15304@bricha3-MOBL3>
In-Reply-To: <20160421135134.GA15304@bricha3-MOBL3>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [163.33.239.182]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [dpdk-dev] [PATCH] ixgbe: fix bad shift operation in
 ixgbe_set_pool_rx
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: patches and discussions about DPDK <dev.dpdk.org>
List-Unsubscribe: <http://dpdk.org/ml/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://dpdk.org/ml/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <http://dpdk.org/ml/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2016 14:44:08 -0000



> -----Original Message-----
> From: Richardson, Bruce
> Sent: Thursday, April 21, 2016 15:52
> To: Kulasek, TomaszX <tomaszx.kulasek@intel.com>
> Cc: dev@dpdk.org; Zhang, Helin <helin.zhang@intel.com>; Ananyev,
> Konstantin <konstantin.ananyev@intel.com>
> Subject: Re: [dpdk-dev] [PATCH] ixgbe: fix bad shift operation in
> ixgbe_set_pool_rx
>=20
> On Fri, Apr 15, 2016 at 03:39:09PM +0200, Tomasz Kulasek wrote:
> > CID 13193 (#1 of 1): Bad bit shift operation (BAD_SHIFT)
> > large_shift: In expression 1 << pool, left shifting by more than 31
> > bits has undefined behavior. The shift amount, pool, is at least 32.
> >
> > This patch limits mask shift to be in range of 32 bit PFVFRE[1]
> > register, for pool > 31.
> >
> > Fixes: fe3a45fd4104 ("ixgbe: add VMDq support")
> >
> > Signed-off-by: Tomasz Kulasek <tomaszx.kulasek@intel.com>
> > ---
> >  drivers/net/ixgbe/ixgbe_ethdev.c |    2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/net/ixgbe/ixgbe_ethdev.c
> > b/drivers/net/ixgbe/ixgbe_ethdev.c
> > index 3f1ebc1..f676a64 100644
> > --- a/drivers/net/ixgbe/ixgbe_ethdev.c
> > +++ b/drivers/net/ixgbe/ixgbe_ethdev.c
> > @@ -4401,7 +4401,7 @@ ixgbe_set_pool_rx(struct rte_eth_dev *dev,
> > uint16_t pool, uint8_t on)
> >
> >  	addr =3D IXGBE_VFRE(pool >=3D ETH_64_POOLS/2);

For pool in 0..31 PFVFRE[0] is used, for pool in 32..63, PFVFRE[1], but for=
 second case, we set/unset (pool-32) bit in the register. Invalid value if =
pool > 63, but catching it doesn't solve a problem of possible overflow for=
 pool > 31.

> >  	reg =3D IXGBE_READ_REG(hw, addr);
> > -	val =3D bit1 << pool;

Previous implementation expects that for shift operation will be used rol o=
n 32 bit value, and the bits that slide off the end of the register are fed=
 back into the spaces, eg. (bit1 << 33) =3D=3D (bit1 << 1).
Pool value can be bigger than 31, and this is not an error while pool is sm=
aller than 64.

Truncating pool value is clearer for me, than relay on obscure shift operat=
ion.

> > +	val =3D bit1 << (pool & 0x01F);
> >
> Are we sure this is the correct way to fix this. Rather than silently
> truncating the pool value, are we not better to check our input parameter=
s
> and return EINVAL to the caller if pool overflows?
>=20
> /Bruce

Tomasz