Re: [dpdk-dev] [dpdk-stable] [PATCH 2/2] net/bonding: avoid the next active slave going out of bound

DPDK patches and discussions
 help / color / mirror / Atom feed

From: Ferruh Yigit <ferruh.yigit@intel.com>
To: "Parthasarathy, JananeeX M" <jananeex.m.parthasarathy@intel.com>,
	Chas Williams <3chas3@gmail.com>,
	Hyong Youb Kim <hyonkim@cisco.com>,
	"Doherty, Declan" <declan.doherty@intel.com>,
	Chas Williams <chas3@att.com>
Cc: "dev@dpdk.org" <dev@dpdk.org>,
	"stable@dpdk.org" <stable@dpdk.org>,
	"Vemula, Hari KumarX" <hari.kumarx.vemula@intel.com>,
	"Pattan, Reshma" <reshma.pattan@intel.com>
Subject: Re: [dpdk-dev] [dpdk-stable] [PATCH 2/2] net/bonding: avoid the next active slave going out of bound
Date: Wed, 20 Feb 2019 16:28:59 +0000	[thread overview]
Message-ID: <f50ed185-ebbf-84ad-967c-57ae429744ad@intel.com> (raw)
In-Reply-To: <81ccbfb1-44a1-2a7a-4ff0-08382557f66e@intel.com>

On 2/18/2019 3:25 PM, Ferruh Yigit wrote:
> On 2/11/2019 10:25 AM, Parthasarathy, JananeeX M wrote:
>> Hi
>>
>>> -----Original Message-----
>>> From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Chas Williams
>>> Sent: Saturday, February 09, 2019 6:47 PM
>>> To: Hyong Youb Kim <hyonkim@cisco.com>; Yigit, Ferruh
>>> <ferruh.yigit@intel.com>; Doherty, Declan <declan.doherty@intel.com>; Chas
>>> Williams <chas3@att.com>
>>> Cc: dev@dpdk.org; stable@dpdk.org
>>> Subject: Re: [dpdk-dev] [PATCH 2/2] net/bonding: avoid the next active slave
>>> going out of bound
>>>
>>>
>>>
>>> On 1/10/19 5:22 AM, Hyong Youb Kim wrote:
>>>> For bonding modes like broadcast that use bond_ethdev_rx_burst(), it
>>>> is fairly easy to produce a crash simply by bringing a slave port's
>>>> link down. When slave links go down, the driver on one thread reduces
>>>> active_slave_count via the LSC callback and deactivate_slave(). At the
>>>> same time, bond_ethdev_rx_burst() running on a forwarding thread may
>>>> increment active_slave (next active slave) beyond active_slave_count.
>>>> Here is a typical sequence of events.
>>>>
>>>> At time 0:
>>>> active_slave_count = 3
>>>> active_slave = 2
>>>>
>>>> At time 1:
>>>> A slave link goes down.
>>>> Thread 0 (main) reduces active_slave_count to 2.
>>>>
>>>> At time 2:
>>>> Thread 1 (forwarding) executes bond_ethdev_rx_burst().
>>>> - Reads active_slave_count = 2.
>>>> - Increments active_slave at the end to 3.
>>>>
>>>>  From this point on, everytime bond_ethdev_rx_burst() runs,
>>>> active_slave increments by one, eventually going well out of bound of
>>>> the active_slaves array and causing a crash.
>>>>
>>>> Make the rx burst function to first check that active_slave is within
>>>> bound. If not, reset it to 0 to avoid out-of-range array access.
>>>>
>>>> Fixes: e1110e977648 ("net/bonding: fix Rx slave fairness")
>>>> Cc: stable@dpdk.org
>>>>
>>>> Signed-off-by: Hyong Youb Kim <hyonkim@cisco.com>
>>>
>>> Acked-by: Chas Williams <chas3@att.com>
>>>
>>>> ---
>>>>   drivers/net/bonding/rte_eth_bond_pmd.c | 14 ++++++++++++++
>>>>   1 file changed, 14 insertions(+)
>>>>
>>>> diff --git a/drivers/net/bonding/rte_eth_bond_pmd.c
>>>> b/drivers/net/bonding/rte_eth_bond_pmd.c
>>>> index daf2440cd..bc2405e54 100644
>>>> --- a/drivers/net/bonding/rte_eth_bond_pmd.c
>>>> +++ b/drivers/net/bonding/rte_eth_bond_pmd.c
>>>> @@ -68,6 +68,15 @@ bond_ethdev_rx_burst(void *queue, struct rte_mbuf
>>> **bufs, uint16_t nb_pkts)
>>>>   	internals = bd_rx_q->dev_private;
>>>>   	slave_count = internals->active_slave_count;
>>>>   	active_slave = internals->active_slave;
>>>> +	/*
>>>> +	 * Reset the active slave index, in case active_slave goes out
>>>> +	 * of bound.  It can hapen when slave links go down, and
>>>> +	 * another thread (LSC callback) shrinks the slave count.
>>>> +	 */
>>>> +	if (active_slave >= slave_count) {
>>>> +		internals->active_slave = 0;
>>>> +		active_slave = 0;
>>>> +	}
>>
>> Instead of introducing new conditions again at the top of functions, it would be better to check greater than, equal to >= instead of the equal to  in below condition.
>> if (++internals->active_slave == slave_count)
>>                 internals->active_slave = 0;
>>
>> Thereby we can reduce the multiple if conditions and still ensure internals->active_slave points to correct index always.
>>
>>>>
>>>>   	for (i = 0; i < slave_count && nb_pkts; i++) {
>>>>   		uint16_t num_rx_slave;
>>>> @@ -273,6 +282,11 @@ bond_ethdev_rx_burst_8023ad_fast_queue(void
>>> *queue, struct rte_mbuf **bufs,
>>>>   	active_slave = internals->active_slave;
>>>>   	memcpy(slaves, internals->active_slaves,
>>>>   			sizeof(internals->active_slaves[0]) * slave_count);
>>>> +	/* active_slave may go out of bound. See bond_ethdev_rx_burst() */
>>>> +	if (active_slave >= slave_count) {
>>>> +		internals->active_slave = 0;
>>>> +		active_slave = 0;
>>>> +	}
>>
>> Same as above comment would be better.
>>>>
>>>>   	for (i = 0; i < slave_count && nb_pkts; i++) {
>>>>   		uint16_t num_rx_slave;
>>>>
>>
>> It would be better to check the internals->active_slave during deactivate_slave() as well in rte_eth_bond_api.c.
>> Since slave counts would be decremented during de-activation and resetting here appropriately would be better.
>>
>> Regards
>> M.P.Jananee
> 
> 
> I don't see this comment on the patchwork, can you double check if your comment
> hit the mailing list?

For record, this patch superseded by:
https://patches.dpdk.org/patch/50346/

     prev parent reply	other threads:[~2019-02-20 16:29 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-10 10:22 [dpdk-dev] [PATCH 0/2] net/bonding: a couple minor fixes Hyong Youb Kim
2019-01-10 10:22 ` [dpdk-dev] [PATCH 1/2] net/bonding: do not set promisc on non-existent primary port Hyong Youb Kim
2019-02-09 13:16   ` Chas Williams
2019-02-21 14:38     ` Ferruh Yigit
2019-01-10 10:22 ` [dpdk-dev] [PATCH 2/2] net/bonding: avoid the next active slave going out of bound Hyong Youb Kim
2019-02-09 13:17   ` Chas Williams
     [not found]     ` <7AE31235A30B41498D1C31348DC858BD5B5329AB@IRSMSX103.ger.corp.intel.com>
2019-02-18 15:25       ` Ferruh Yigit
2019-02-20 16:28         ` Ferruh Yigit [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f50ed185-ebbf-84ad-967c-57ae429744ad@intel.com \
    --to=ferruh.yigit@intel.com \
    --cc=3chas3@gmail.com \
    --cc=chas3@att.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=hari.kumarx.vemula@intel.com \
    --cc=hyonkim@cisco.com \
    --cc=jananeex.m.parthasarathy@intel.com \
    --cc=reshma.pattan@intel.com \
    --cc=stable@dpdk.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).