DPDK patches and discussions
 help / color / mirror / Atom feed
* [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
@ 2019-10-22 16:08 Jakub Grajciar
  2019-10-22 16:32 ` Ferruh Yigit
                   ` (2 more replies)
  0 siblings, 3 replies; 8+ messages in thread
From: Jakub Grajciar @ 2019-10-22 16:08 UTC (permalink / raw)
  To: dev; +Cc: Jakub Grajciar, stephen

Define MEMIF_SOCKET_UN_SIZE to size of unix domain socket address.
Report error in case of longer path.

Fixes: b923866c6974 ("net/memif: allow for full key size in socket name")
Cc: stephen@networkplumber.org

Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
---
 doc/guides/nics/memif.rst         |  2 +-
 drivers/net/memif/memif_socket.c  | 27 +++++++++++----------------
 drivers/net/memif/memif_socket.h  |  6 ++++--
 drivers/net/memif/rte_eth_memif.c |  5 +++++
 4 files changed, 21 insertions(+), 19 deletions(-)

diff --git a/doc/guides/nics/memif.rst b/doc/guides/nics/memif.rst
index de2d481eb..9a568455e 100644
--- a/doc/guides/nics/memif.rst
+++ b/doc/guides/nics/memif.rst
@@ -42,7 +42,7 @@ client.
    "role=master", "Set memif role", "slave", "master|slave"
    "bsize=1024", "Size of single packet buffer", "2048", "uint16_t"
    "rsize=11", "Log2 of ring size. If rsize is 10, actual ring size is 1024", "10", "1-14"
-   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 256"
+   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 108"
    "mac=01:23:45:ab:cd:ef", "Mac address", "01:ab:23:cd:45:ef", ""
    "secret=abc123", "Secret is an optional security option, which if specified, must be matched by peer", "", "string len 24"
    "zero-copy=yes", "Enable/disable zero-copy slave mode", "no", "yes|no"
diff --git a/drivers/net/memif/memif_socket.c b/drivers/net/memif/memif_socket.c
index 0c71f6c45..4efa68e1a 100644
--- a/drivers/net/memif/memif_socket.c
+++ b/drivers/net/memif/memif_socket.c
@@ -7,7 +7,6 @@
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/socket.h>
-#include <sys/un.h>
 #include <sys/ioctl.h>
 #include <errno.h>
 
@@ -860,16 +859,12 @@ memif_listener_handler(void *arg)
 		rte_free(cc);
 }
 
-#define MEMIF_SOCKET_UN_SIZE	\
-	(offsetof(struct sockaddr_un, sun_path) + MEMIF_SOCKET_KEY_LEN)
-
 static struct memif_socket *
 memif_socket_create(struct pmd_internals *pmd,
 		    const char *key, uint8_t listener)
 {
 	struct memif_socket *sock;
-	struct sockaddr_un *un;
-	char un_buf[MEMIF_SOCKET_UN_SIZE];
+	struct sockaddr_un un;
 	int sockfd;
 	int ret;
 	int on = 1;
@@ -881,7 +876,7 @@ memif_socket_create(struct pmd_internals *pmd,
 	}
 
 	sock->listener = listener;
-	strlcpy(sock->filename, key, MEMIF_SOCKET_KEY_LEN);
+	strlcpy(sock->filename, key, MEMIF_SOCKET_UN_SIZE);
 	TAILQ_INIT(&sock->dev_queue);
 
 	if (listener != 0) {
@@ -889,18 +884,18 @@ memif_socket_create(struct pmd_internals *pmd,
 		if (sockfd < 0)
 			goto error;
 
-		memset(un_buf, 0, sizeof(un_buf));
-		un = (struct sockaddr_un *)un_buf;
-		un->sun_family = AF_UNIX;
-		strlcpy(un->sun_path, sock->filename, MEMIF_SOCKET_KEY_LEN);
+		un.sun_family = AF_UNIX;
+		strlcpy(un.sun_path, sock->filename, MEMIF_SOCKET_UN_SIZE);
 
 		ret = setsockopt(sockfd, SOL_SOCKET, SO_PASSCRED, &on,
 				 sizeof(on));
 		if (ret < 0)
 			goto error;
-		ret = bind(sockfd, (struct sockaddr *)un, MEMIF_SOCKET_UN_SIZE);
+
+		ret = bind(sockfd, (struct sockaddr *)&un, sizeof(un));
 		if (ret < 0)
 			goto error;
+
 		ret = listen(sockfd, 1);
 		if (ret < 0)
 			goto error;
@@ -940,7 +935,7 @@ memif_create_socket_hash(void)
 
 	params.name = MEMIF_SOCKET_HASH_NAME;
 	params.entries = 256;
-	params.key_len = MEMIF_SOCKET_KEY_LEN;
+	params.key_len = MEMIF_SOCKET_UN_SIZE;
 	params.hash_func = rte_jhash;
 	params.hash_func_init_val = 0;
 	return rte_hash_create(&params);
@@ -955,7 +950,7 @@ memif_socket_init(struct rte_eth_dev *dev, const char *socket_filename)
 	struct pmd_internals *tmp_pmd;
 	struct rte_hash *hash;
 	int ret;
-	char key[MEMIF_SOCKET_KEY_LEN];
+	char key[MEMIF_SOCKET_UN_SIZE];
 
 	hash = rte_hash_find_existing(MEMIF_SOCKET_HASH_NAME);
 	if (hash == NULL) {
@@ -966,8 +961,8 @@ memif_socket_init(struct rte_eth_dev *dev, const char *socket_filename)
 		}
 	}
 
-	memset(key, 0, MEMIF_SOCKET_KEY_LEN);
-	strlcpy(key, socket_filename, MEMIF_SOCKET_KEY_LEN);
+	memset(key, 0, MEMIF_SOCKET_UN_SIZE);
+	strlcpy(key, socket_filename, MEMIF_SOCKET_UN_SIZE);
 	ret = rte_hash_lookup_data(hash, key, (void **)&socket);
 	if (ret < 0) {
 		socket = memif_socket_create(pmd, key,
diff --git a/drivers/net/memif/memif_socket.h b/drivers/net/memif/memif_socket.h
index 9f40f8d13..5c49ec24e 100644
--- a/drivers/net/memif/memif_socket.h
+++ b/drivers/net/memif/memif_socket.h
@@ -6,6 +6,7 @@
 #define _MEMIF_SOCKET_H_
 
 #include <sys/queue.h>
+#include <sys/un.h>
 
 /**
  * Remove device from socket device list. If no device is left on the socket,
@@ -79,11 +80,12 @@ struct memif_socket_dev_list_elt {
 };
 
 #define MEMIF_SOCKET_HASH_NAME			"memif-sh"
-#define MEMIF_SOCKET_KEY_LEN		256
+#define MEMIF_SOCKET_UN_SIZE	\
+	(sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path))
 
 struct memif_socket {
 	struct rte_intr_handle intr_handle;	/**< interrupt handle */
-	char filename[MEMIF_SOCKET_KEY_LEN];	/**< socket filename */
+	char filename[MEMIF_SOCKET_UN_SIZE];	/**< socket filename */
 
 	TAILQ_HEAD(, memif_socket_dev_list_elt) dev_queue;
 	/**< Queue of devices using this socket */
diff --git a/drivers/net/memif/rte_eth_memif.c b/drivers/net/memif/rte_eth_memif.c
index a347e27bd..995c11dfe 100644
--- a/drivers/net/memif/rte_eth_memif.c
+++ b/drivers/net/memif/rte_eth_memif.c
@@ -1192,6 +1192,11 @@ memif_check_socket_filename(const char *filename)
 	uint32_t idx;
 	int ret = 0;
 
+  if (strlen(filename) != MEMIF_SOCKET_UN_SIZE) {
+		MIF_LOG(ERR, "Unix socket address too long (max 108).");
+		return -1;
+	}
+
 	tmp = strrchr(filename, '/');
 	if (tmp != NULL) {
 		idx = tmp - filename;
-- 
2.17.1


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
  2019-10-22 16:08 [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length Jakub Grajciar
@ 2019-10-22 16:32 ` Ferruh Yigit
  2019-10-22 16:35   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
  2019-10-22 16:37 ` Stephen Hemminger
  2019-10-23  8:07 ` [dpdk-dev] [PATCH v2] " Jakub Grajciar
  2 siblings, 1 reply; 8+ messages in thread
From: Ferruh Yigit @ 2019-10-22 16:32 UTC (permalink / raw)
  To: Jakub Grajciar, dev; +Cc: stephen

On 10/22/2019 5:08 PM, Jakub Grajciar wrote:
> Define MEMIF_SOCKET_UN_SIZE to size of unix domain socket address.
> Report error in case of longer path.
> 
> Fixes: b923866c6974 ("net/memif: allow for full key size in socket name")
> Cc: stephen@networkplumber.org
> 
> Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>

<...>

> +  if (strlen(filename) != MEMIF_SOCKET_UN_SIZE) {
> +		MIF_LOG(ERR, "Unix socket address too long (max 108).");
> +		return -1;
> +	}

Are you sure about this check, I didn't test it but intention looks like ">=".

btw, it is possible to print 'MEMIF_SOCKET_UN_SIZE' as max value, instead of
hardcoded '108'.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
  2019-10-22 16:32 ` Ferruh Yigit
@ 2019-10-22 16:35   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
  0 siblings, 0 replies; 8+ messages in thread
From: Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco) @ 2019-10-22 16:35 UTC (permalink / raw)
  To: Ferruh Yigit, dev; +Cc: stephen



> -----Original Message-----
> From: Ferruh Yigit <ferruh.yigit@intel.com>
> Sent: Tuesday, October 22, 2019 6:33 PM
> To: Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
> <jgrajcia@cisco.com>; dev@dpdk.org
> Cc: stephen@networkplumber.org
> Subject: Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address
> length
> 
> On 10/22/2019 5:08 PM, Jakub Grajciar wrote:
> > Define MEMIF_SOCKET_UN_SIZE to size of unix domain socket address.
> > Report error in case of longer path.
> >
> > Fixes: b923866c6974 ("net/memif: allow for full key size in socket
> > name")
> > Cc: stephen@networkplumber.org
> >
> > Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
> 
> <...>
> 
> > +  if (strlen(filename) != MEMIF_SOCKET_UN_SIZE) {
> > +		MIF_LOG(ERR, "Unix socket address too long (max 108).");
> > +		return -1;
> > +	}
> 
> Are you sure about this check, I didn't test it but intention looks like ">=".

Thanks, I'll fix that in next version.

> 
> btw, it is possible to print 'MEMIF_SOCKET_UN_SIZE' as max value, instead of
> hardcoded '108'.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
  2019-10-22 16:08 [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length Jakub Grajciar
  2019-10-22 16:32 ` Ferruh Yigit
@ 2019-10-22 16:37 ` Stephen Hemminger
  2019-10-22 16:50   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
  2019-10-23  8:07 ` [dpdk-dev] [PATCH v2] " Jakub Grajciar
  2 siblings, 1 reply; 8+ messages in thread
From: Stephen Hemminger @ 2019-10-22 16:37 UTC (permalink / raw)
  To: Jakub Grajciar; +Cc: dev

On Tue, 22 Oct 2019 18:08:29 +0200
Jakub Grajciar <jgrajcia@cisco.com> wrote:

> Cc: stephen@networkplumber.org
> 
> Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
> ---
>  doc/guides/nics/memif.rst         |  2 +-
>  drivers/net/memif/memif_socket.c  | 27 +++++++++++----------------
>  drivers/net/memif/memif_socket.h  |  6 ++++--
>  drivers/net/memif/rte_eth_memif.c |  5 +++++
>  4 files changed, 21 insertions(+), 19 deletions(-)
> 
> diff --git a/doc/guides/nics/memif.rst b/doc/guides/nics/memif.rst
> index de2d481eb..9a568455e 100644
> --- a/doc/guides/nics/memif.rst
> +++ b/doc/guides/nics/memif.rst
> @@ -42,7 +42,7 @@ client.
>     "role=master", "Set memif role", "slave", "master|slave"
>     "bsize=1024", "Size of single packet buffer", "2048", "uint16_t"
>     "rsize=11", "Log2 of ring size. If rsize is 10, actual ring size is 1024", "10", "1-14"
> -   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 256"
> +   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 108"
>     "mac=01:23:45:ab:cd:ef", "Mac address", "01:ab:23:cd:45:ef", ""
>     "secret=abc123", "Secret is an optional security option, which if specified, must be matched by peer", "", "string len 24"
>     "zero-copy=yes", "Enable/disable zero-copy slave mode", "no", "yes|no"
> diff --git a/drivers/net/memif/memif_socket.c b/drivers/net/memif/memif_socket.c
> index 0c71f6c45..4efa68e1a 100644
> --- a/drivers/net/memif/memif_socket.c
> +++ b/drivers/net/memif/memif_socket.c
> @@ -7,7 +7,6 @@
>  #include <unistd.h>
>  #include <sys/types.h>
>  #include <sys/socket.h>
> -#include <sys/un.h>
>  #include <sys/ioctl.h>
>  #include <errno.h>
>  
> @@ -860,16 +859,12 @@ memif_listener_handler(void *arg)
>  		rte_free(cc);
>  }
>  
> -#define MEMIF_SOCKET_UN_SIZE	\
> -	(offsetof(struct sockaddr_un, sun_path) + MEMIF_SOCKET_KEY_LEN)
> -
>  static struct memif_socket *
>  memif_socket_create(struct pmd_internals *pmd,
>  		    const char *key, uint8_t listener)
>  {
>  	struct memif_socket *sock;
> -	struct sockaddr_un *un;
> -	char un_buf[MEMIF_SOCKET_UN_SIZE];
> +	struct sockaddr_un un;
>  	int sockfd;
>  	int ret;
>  	int on = 1;
> @@ -881,7 +876,7 @@ memif_socket_create(struct pmd_internals *pmd,
>  	}
>  
>  	sock->listener = listener;
> -	strlcpy(sock->filename, key, MEMIF_SOCKET_KEY_LEN);
> +	strlcpy(sock->filename, key, MEMIF_SOCKET_UN_SIZE);
>  	TAILQ_INIT(&sock->dev_queue);
>  
>  	if (listener != 0) {
> @@ -889,18 +884,18 @@ memif_socket_create(struct pmd_internals *pmd,
>  		if (sockfd < 0)
>  			goto error;
>  
> -		memset(un_buf, 0, sizeof(un_buf));
> -		un = (struct sockaddr_un *)un_buf;
> -		un->sun_family = AF_UNIX;
> -		strlcpy(un->sun_path, sock->filename, MEMIF_SOCKET_KEY_LEN);
> +		un.sun_family = AF_UNIX;
> +		strlcpy(un.sun_path, sock->filename, MEMIF_SOCKET_UN_SIZE);


Why does this not use abstract unix domain socket naming?
That would be much less error prone, because then the socket would disappear
when all applications using it are closed.


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
  2019-10-22 16:37 ` Stephen Hemminger
@ 2019-10-22 16:50   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
  2019-10-22 17:37     ` Stephen Hemminger
  0 siblings, 1 reply; 8+ messages in thread
From: Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco) @ 2019-10-22 16:50 UTC (permalink / raw)
  To: Stephen Hemminger; +Cc: dev

> Why does this not use abstract unix domain socket naming?
> That would be much less error prone, because then the socket would
> disappear when all applications using it are closed.

How would that work with containers? I'll consider that for a new patch, maybe it could be optional?


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length
  2019-10-22 16:50   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
@ 2019-10-22 17:37     ` Stephen Hemminger
  0 siblings, 0 replies; 8+ messages in thread
From: Stephen Hemminger @ 2019-10-22 17:37 UTC (permalink / raw)
  To: Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco); +Cc: dev

On Tue, 22 Oct 2019 16:50:40 +0000
"Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)" <jgrajcia@cisco.com> wrote:

> > Why does this not use abstract unix domain socket naming?
> > That would be much less error prone, because then the socket would
> > disappear when all applications using it are closed.  
> 
> How would that work with containers? I'll consider that for a new patch, maybe it could be optional?
> 

Not sure, if they interact with fs namespaces (remember there really is no such
thing as containers). From unix(7)

   Abstract sockets
       Socket permissions have no meaning for abstract  sockets:  the  process
       umask(2)  has  no  effect when binding an abstract socket, and changing
       the ownership and permissions of the object  (via  fchown(2)  and  fch‐
       mod(2)) has no effect on the accessibility of the socket.

       Abstract  sockets  automatically  disappear when all open references to
       the socket are closed.

       The abstract socket namespace is a nonportable Linux extension.

Also pathname length restrictions are only because of the sizeof default sockaddr_un struct.
Kernel will accept bigger lengths if passed a bigger sockaddr.

^ permalink raw reply	[flat|nested] 8+ messages in thread

* [dpdk-dev] [PATCH v2] net/memif: fix invalid unix domain address length
  2019-10-22 16:08 [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length Jakub Grajciar
  2019-10-22 16:32 ` Ferruh Yigit
  2019-10-22 16:37 ` Stephen Hemminger
@ 2019-10-23  8:07 ` Jakub Grajciar
  2019-10-23 17:42   ` Ferruh Yigit
  2 siblings, 1 reply; 8+ messages in thread
From: Jakub Grajciar @ 2019-10-23  8:07 UTC (permalink / raw)
  To: dev; +Cc: Jakub Grajciar, stephen

Define MEMIF_SOCKET_UN_SIZE to size of unix domain socket address.
Report error in case of longer path.

Fixes: b923866c6974 ("net/memif: allow for full key size in socket name")
Cc: stephen@networkplumber.org

Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>
---
 doc/guides/nics/memif.rst         |  2 +-
 drivers/net/memif/memif_socket.c  | 27 +++++++++++----------------
 drivers/net/memif/memif_socket.h  |  6 ++++--
 drivers/net/memif/rte_eth_memif.c |  5 +++++
 4 files changed, 21 insertions(+), 19 deletions(-)

v2:
- fix coding style
- fix socket path length check

diff --git a/doc/guides/nics/memif.rst b/doc/guides/nics/memif.rst
index de2d481eb..9a568455e 100644
--- a/doc/guides/nics/memif.rst
+++ b/doc/guides/nics/memif.rst
@@ -42,7 +42,7 @@ client.
    "role=master", "Set memif role", "slave", "master|slave"
    "bsize=1024", "Size of single packet buffer", "2048", "uint16_t"
    "rsize=11", "Log2 of ring size. If rsize is 10, actual ring size is 1024", "10", "1-14"
-   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 256"
+   "socket=/tmp/memif.sock", "Socket filename", "/tmp/memif.sock", "string len 108"
    "mac=01:23:45:ab:cd:ef", "Mac address", "01:ab:23:cd:45:ef", ""
    "secret=abc123", "Secret is an optional security option, which if specified, must be matched by peer", "", "string len 24"
    "zero-copy=yes", "Enable/disable zero-copy slave mode", "no", "yes|no"
diff --git a/drivers/net/memif/memif_socket.c b/drivers/net/memif/memif_socket.c
index 0c71f6c45..4efa68e1a 100644
--- a/drivers/net/memif/memif_socket.c
+++ b/drivers/net/memif/memif_socket.c
@@ -7,7 +7,6 @@
 #include <unistd.h>
 #include <sys/types.h>
 #include <sys/socket.h>
-#include <sys/un.h>
 #include <sys/ioctl.h>
 #include <errno.h>

@@ -860,16 +859,12 @@ memif_listener_handler(void *arg)
 		rte_free(cc);
 }

-#define MEMIF_SOCKET_UN_SIZE	\
-	(offsetof(struct sockaddr_un, sun_path) + MEMIF_SOCKET_KEY_LEN)
-
 static struct memif_socket *
 memif_socket_create(struct pmd_internals *pmd,
 		    const char *key, uint8_t listener)
 {
 	struct memif_socket *sock;
-	struct sockaddr_un *un;
-	char un_buf[MEMIF_SOCKET_UN_SIZE];
+	struct sockaddr_un un;
 	int sockfd;
 	int ret;
 	int on = 1;
@@ -881,7 +876,7 @@ memif_socket_create(struct pmd_internals *pmd,
 	}

 	sock->listener = listener;
-	strlcpy(sock->filename, key, MEMIF_SOCKET_KEY_LEN);
+	strlcpy(sock->filename, key, MEMIF_SOCKET_UN_SIZE);
 	TAILQ_INIT(&sock->dev_queue);

 	if (listener != 0) {
@@ -889,18 +884,18 @@ memif_socket_create(struct pmd_internals *pmd,
 		if (sockfd < 0)
 			goto error;

-		memset(un_buf, 0, sizeof(un_buf));
-		un = (struct sockaddr_un *)un_buf;
-		un->sun_family = AF_UNIX;
-		strlcpy(un->sun_path, sock->filename, MEMIF_SOCKET_KEY_LEN);
+		un.sun_family = AF_UNIX;
+		strlcpy(un.sun_path, sock->filename, MEMIF_SOCKET_UN_SIZE);

 		ret = setsockopt(sockfd, SOL_SOCKET, SO_PASSCRED, &on,
 				 sizeof(on));
 		if (ret < 0)
 			goto error;
-		ret = bind(sockfd, (struct sockaddr *)un, MEMIF_SOCKET_UN_SIZE);
+
+		ret = bind(sockfd, (struct sockaddr *)&un, sizeof(un));
 		if (ret < 0)
 			goto error;
+
 		ret = listen(sockfd, 1);
 		if (ret < 0)
 			goto error;
@@ -940,7 +935,7 @@ memif_create_socket_hash(void)

 	params.name = MEMIF_SOCKET_HASH_NAME;
 	params.entries = 256;
-	params.key_len = MEMIF_SOCKET_KEY_LEN;
+	params.key_len = MEMIF_SOCKET_UN_SIZE;
 	params.hash_func = rte_jhash;
 	params.hash_func_init_val = 0;
 	return rte_hash_create(&params);
@@ -955,7 +950,7 @@ memif_socket_init(struct rte_eth_dev *dev, const char *socket_filename)
 	struct pmd_internals *tmp_pmd;
 	struct rte_hash *hash;
 	int ret;
-	char key[MEMIF_SOCKET_KEY_LEN];
+	char key[MEMIF_SOCKET_UN_SIZE];

 	hash = rte_hash_find_existing(MEMIF_SOCKET_HASH_NAME);
 	if (hash == NULL) {
@@ -966,8 +961,8 @@ memif_socket_init(struct rte_eth_dev *dev, const char *socket_filename)
 		}
 	}

-	memset(key, 0, MEMIF_SOCKET_KEY_LEN);
-	strlcpy(key, socket_filename, MEMIF_SOCKET_KEY_LEN);
+	memset(key, 0, MEMIF_SOCKET_UN_SIZE);
+	strlcpy(key, socket_filename, MEMIF_SOCKET_UN_SIZE);
 	ret = rte_hash_lookup_data(hash, key, (void **)&socket);
 	if (ret < 0) {
 		socket = memif_socket_create(pmd, key,
diff --git a/drivers/net/memif/memif_socket.h b/drivers/net/memif/memif_socket.h
index 9f40f8d13..5c49ec24e 100644
--- a/drivers/net/memif/memif_socket.h
+++ b/drivers/net/memif/memif_socket.h
@@ -6,6 +6,7 @@
 #define _MEMIF_SOCKET_H_

 #include <sys/queue.h>
+#include <sys/un.h>

 /**
  * Remove device from socket device list. If no device is left on the socket,
@@ -79,11 +80,12 @@ struct memif_socket_dev_list_elt {
 };

 #define MEMIF_SOCKET_HASH_NAME			"memif-sh"
-#define MEMIF_SOCKET_KEY_LEN		256
+#define MEMIF_SOCKET_UN_SIZE	\
+	(sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path))

 struct memif_socket {
 	struct rte_intr_handle intr_handle;	/**< interrupt handle */
-	char filename[MEMIF_SOCKET_KEY_LEN];	/**< socket filename */
+	char filename[MEMIF_SOCKET_UN_SIZE];	/**< socket filename */

 	TAILQ_HEAD(, memif_socket_dev_list_elt) dev_queue;
 	/**< Queue of devices using this socket */
diff --git a/drivers/net/memif/rte_eth_memif.c b/drivers/net/memif/rte_eth_memif.c
index a347e27bd..d52db91ed 100644
--- a/drivers/net/memif/rte_eth_memif.c
+++ b/drivers/net/memif/rte_eth_memif.c
@@ -1192,6 +1192,11 @@ memif_check_socket_filename(const char *filename)
 	uint32_t idx;
 	int ret = 0;

+	if (strlen(filename) >= MEMIF_SOCKET_UN_SIZE) {
+		MIF_LOG(ERR, "Unix socket address too long (max 108).");
+		return -1;
+	}
+
 	tmp = strrchr(filename, '/');
 	if (tmp != NULL) {
 		idx = tmp - filename;
--
2.17.1

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: [dpdk-dev] [PATCH v2] net/memif: fix invalid unix domain address length
  2019-10-23  8:07 ` [dpdk-dev] [PATCH v2] " Jakub Grajciar
@ 2019-10-23 17:42   ` Ferruh Yigit
  0 siblings, 0 replies; 8+ messages in thread
From: Ferruh Yigit @ 2019-10-23 17:42 UTC (permalink / raw)
  To: Jakub Grajciar, dev; +Cc: stephen

On 10/23/2019 9:07 AM, Jakub Grajciar wrote:
> Define MEMIF_SOCKET_UN_SIZE to size of unix domain socket address.
> Report error in case of longer path.
> 
> Fixes: b923866c6974 ("net/memif: allow for full key size in socket name")
> Cc: stephen@networkplumber.org
> 
> Signed-off-by: Jakub Grajciar <jgrajcia@cisco.com>

Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>

Applied to dpdk-next-net/master, thanks.

^ permalink raw reply	[flat|nested] 8+ messages in thread

end of thread, other threads:[~2019-10-23 17:42 UTC | newest]

Thread overview: 8+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-10-22 16:08 [dpdk-dev] [PATCH] net/memif: fix invalid unix domain address length Jakub Grajciar
2019-10-22 16:32 ` Ferruh Yigit
2019-10-22 16:35   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
2019-10-22 16:37 ` Stephen Hemminger
2019-10-22 16:50   ` Jakub Grajciar -X (jgrajcia - PANTHEON TECHNOLOGIES at Cisco)
2019-10-22 17:37     ` Stephen Hemminger
2019-10-23  8:07 ` [dpdk-dev] [PATCH v2] " Jakub Grajciar
2019-10-23 17:42   ` Ferruh Yigit

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).