From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C0758A0548; Wed, 21 Apr 2021 08:08:58 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 865F741932; Wed, 21 Apr 2021 08:08:58 +0200 (CEST) Received: from szxga06-in.huawei.com (szxga06-in.huawei.com [45.249.212.32]) by mails.dpdk.org (Postfix) with ESMTP id 3CF9D418AA for ; Wed, 21 Apr 2021 08:08:57 +0200 (CEST) Received: from DGGEMS412-HUB.china.huawei.com (unknown [172.30.72.59]) by szxga06-in.huawei.com (SkyGuard) with ESMTP id 4FQ976311tzkkhb for ; Wed, 21 Apr 2021 14:06:58 +0800 (CST) Received: from [10.67.103.128] (10.67.103.128) by DGGEMS412-HUB.china.huawei.com (10.3.19.212) with Microsoft SMTP Server id 14.3.498.0; Wed, 21 Apr 2021 14:08:49 +0800 To: "Li, Xiaoyun" , "dev@dpdk.org" CC: "Yigit, Ferruh" , "Wu, Jingjing" References: <1618970896-37852-1-git-send-email-humin29@huawei.com> <1618970896-37852-2-git-send-email-humin29@huawei.com> From: "Min Hu (Connor)" Message-ID: <8aa81106-2d1e-8c72-4568-a6b5783277a2@huawei.com> Date: Wed, 21 Apr 2021 14:08:49 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.3.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="iso-2022-jp"; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit X-Originating-IP: [10.67.103.128] X-CFilter-Loop: Reflected Subject: Re: [dpdk-dev] [PATCH 1/2] raw/ntb: check spad user index X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" 在 2021/4/21 12:54, Li, Xiaoyun 写道: > > >> -----Original Message----- >> From: Min Hu (Connor) >> Sent: Wednesday, April 21, 2021 12:37 >> To: Li, Xiaoyun ; dev@dpdk.org >> Cc: Yigit, Ferruh ; Wu, Jingjing >> Subject: Re: [PATCH 1/2] raw/ntb: check spad user index >> >> Hi, xiaoyun, >> >> 在 2021/4/21 11:31, Li, Xiaoyun 写道: >>> Hi >>> >>>> -----Original Message----- >>>> From: Min Hu (Connor) >>>> Sent: Wednesday, April 21, 2021 10:08 >>>> To: dev@dpdk.org >>>> Cc: Yigit, Ferruh ; Li, Xiaoyun >>>> ; Wu, Jingjing >>>> Subject: [PATCH 1/2] raw/ntb: check spad user index >>>> >>>> From: Chengwen Feng >>>> >>>> This patch adds checking spad user index validity when set or get attr. >>>> >>>> Fixes: 277310027965 ("raw/ntb: introduce NTB raw device driver") >>>> Cc: stable@dpdk.org >>>> >>>> Signed-off-by: Chengwen Feng >>>> Signed-off-by: Min Hu (Connor) >>>> --- >>>> drivers/raw/ntb/ntb.c | 8 ++++++++ >>>> 1 file changed, 8 insertions(+) >>>> >>>> diff --git a/drivers/raw/ntb/ntb.c b/drivers/raw/ntb/ntb.c index >>>> 6dd213e..0f0e3f2 100644 >>>> --- a/drivers/raw/ntb/ntb.c >>>> +++ b/drivers/raw/ntb/ntb.c >>>> @@ -1080,6 +1080,10 @@ ntb_attr_set(struct rte_rawdev *dev, const >>>> char *attr_name, >>>> if (hw->ntb_ops->spad_write == NULL) >>>> return -ENOTSUP; >>>> index = atoi(&attr_name[NTB_SPAD_USER_LEN]); >>>> + if (index < 0 || index >= NTB_SPAD_USER_MAX_NUM) { >>>> + NTB_LOG(ERR, "Invalid attribute (%s)", attr_name); >>>> + return -EINVAL; >>>> + } >>> >>> It's unnecessary. The value will be checked in intel_ntb_spad_write(). There >> will be error remind in that. >>> >> Nothing to do with intel_ntb_spad_write. If index is no checked, >> hw->spad_user_list[index] may be be out of memory and result in >> segmentation default. > > Are you using this driver externally? Or you just check everything in DPDK. > This is actually only used for ntb example in file trans mode. And only 0 and 1 are used for index. > Well, I just reviewed codes and found this bug. >> >> >>>> (*hw->ntb_ops->spad_write)(dev, hw->spad_user_list[index], >>>> 1, attr_value); >>>> NTB_LOG(DEBUG, "Set attribute (%s) Value (%" PRIu64 ")", @@ >>>> -1174,6 +1178,10 @@ ntb_attr_get(struct rte_rawdev *dev, const char >>>> *attr_name, >>>> if (hw->ntb_ops->spad_read == NULL) >>>> return -ENOTSUP; >>>> index = atoi(&attr_name[NTB_SPAD_USER_LEN]); >>>> + if (index < 0 || index >= NTB_SPAD_USER_MAX_NUM) { >>>> + NTB_LOG(ERR, "Attribute (%s) out of range", >>>> attr_name); >>>> + return -EINVAL; >>>> + } >>> >>> Same as above. >>> >>>> *attr_value = (*hw->ntb_ops->spad_read)(dev, >>>> hw->spad_user_list[index], 0); >>>> NTB_LOG(DEBUG, "Attribute (%s) Value (%" PRIu64 ")", >>>> -- >>>> 2.7.4 >>> >>> . >>> > . >