From: Kevin Traynor <ktraynor@redhat.com>
To: Haiyue Wang <haiyue.wang@intel.com>
Cc: Qi Zhang <qi.z.zhang@intel.com>, dpdk stable <stable@dpdk.org>
Subject: [dpdk-stable] patch 'net/i40e: perform basic validation on VF messages' has been queued to LTS release 18.11.1
Date: Thu, 31 Jan 2019 15:49:01 +0000 [thread overview]
Message-ID: <20190131154901.5383-53-ktraynor@redhat.com> (raw)
In-Reply-To: <20190131154901.5383-1-ktraynor@redhat.com>
Hi,
FYI, your patch has been queued to LTS release 18.11.1
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 02/07/19. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Thanks.
Kevin Traynor
---
>From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001
From: Haiyue Wang <haiyue.wang@intel.com>
Date: Thu, 10 Jan 2019 20:07:31 +0800
Subject: [PATCH] net/i40e: perform basic validation on VF messages
[ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ]
Do the VF message basic validation such as OPCODE message length check,
some special OPCODE message format check, to protect the i40e PMD from
malicious VF message attack.
Fixes: 4861cde46116 ("i40e: new poll mode driver")
Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
---
drivers/net/i40e/i40e_pf.c | 25 +++++++++++++++++++++++++
1 file changed, 25 insertions(+)
diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c
index dd3962d38..1e2d1746f 100644
--- a/drivers/net/i40e/i40e_pf.c
+++ b/drivers/net/i40e/i40e_pf.c
@@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
struct rte_pmd_i40e_mb_event_param ret_param;
bool b_op = TRUE;
+ int ret;
if (vf_id > pf->vf_num - 1 || !pf->vfs) {
@@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
}
+ /* perform basic checks on the msg */
+ ret = virtchnl_vc_validate_vf_msg(&vf->version, opcode, msg, msglen);
+
+ /* perform additional checks specific to this driver */
+ if (opcode == VIRTCHNL_OP_CONFIG_RSS_KEY) {
+ struct virtchnl_rss_key *vrk = (struct virtchnl_rss_key *)msg;
+
+ if (vrk->key_len != ((I40E_PFQF_HKEY_MAX_INDEX + 1) * 4))
+ ret = VIRTCHNL_ERR_PARAM;
+ } else if (opcode == VIRTCHNL_OP_CONFIG_RSS_LUT) {
+ struct virtchnl_rss_lut *vrl = (struct virtchnl_rss_lut *)msg;
+
+ if (vrl->lut_entries != ((I40E_VFQF_HLUT1_MAX_INDEX + 1) * 4))
+ ret = VIRTCHNL_ERR_PARAM;
+ }
+
+ if (ret) {
+ PMD_DRV_LOG(ERR, "Invalid message from VF %u, opcode %u, len %u",
+ vf_id, opcode, msglen);
+ i40e_pf_host_send_msg_to_vf(vf, opcode,
+ I40E_ERR_PARAM, NULL, 0);
+ return;
+ }
+
/**
* initialise structure to send to user application
--
2.19.0
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2019-01-31 15:44:06.972593595 +0000
+++ 0053-net-i40e-perform-basic-validation-on-VF-messages.patch 2019-01-31 15:44:05.000000000 +0000
@@ -1,14 +1,15 @@
-From cc0ed2f849e7ec14e0da69f716ce6ad784a1725a Mon Sep 17 00:00:00 2001
+From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001
From: Haiyue Wang <haiyue.wang@intel.com>
Date: Thu, 10 Jan 2019 20:07:31 +0800
Subject: [PATCH] net/i40e: perform basic validation on VF messages
+[ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ]
+
Do the VF message basic validation such as OPCODE message length check,
some special OPCODE message format check, to protect the i40e PMD from
malicious VF message attack.
Fixes: 4861cde46116 ("i40e: new poll mode driver")
-Cc: stable@dpdk.org
Signed-off-by: Haiyue Wang <haiyue.wang@intel.com>
Acked-by: Qi Zhang <qi.z.zhang@intel.com>
@@ -17,16 +18,16 @@
1 file changed, 25 insertions(+)
diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c
-index 092e0d3e9..d6e83e340 100644
+index dd3962d38..1e2d1746f 100644
--- a/drivers/net/i40e/i40e_pf.c
+++ b/drivers/net/i40e/i40e_pf.c
-@@ -1296,4 +1296,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
+@@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
struct rte_pmd_i40e_mb_event_param ret_param;
bool b_op = TRUE;
+ int ret;
if (vf_id > pf->vf_num - 1 || !pf->vfs) {
-@@ -1310,4 +1311,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
+@@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev,
}
+ /* perform basic checks on the msg */
prev parent reply other threads:[~2019-01-31 15:51 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-01-31 15:48 [dpdk-stable] patch 'net/i40e: fix get RSS conf' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'devtools: fix wrong headline lowercase for arm' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'drivers/crypto: fix PMDs memory leak' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'doc: fix AESNI_MB guide' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'compress/qat: fix returned status on overflow' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'test/crypto: fix misleading trace message' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'examples/ipsec-secgw: fix crypto-op might never get dequeued' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'examples/ipsec-secgw: fix outbound codepath for single SA' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'examples/ipsec-secgw: make local variables static' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'examples/ipsec-secgw: fix inbound SA checking' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'app/bbdev: fix return value check' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'crypto/dpaa2_sec: fix FLC address for physical mode' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'build: use static deps for pkg-config libs.private' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'build: fix variable name in dependency error message' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'devtools: fix build check for whether meson has run' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'kni: fix build on RHEL 8' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'eal: fix strdup usages in internal config' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vfio: do not unregister callback in secondary process' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'mem: fix variable shadowing' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'mem: fix storing old policy' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'mk: fix scope of disabling AVX512F support' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'eal: fix build of external app with clang on armv8' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/mlx5: fix shared counter allocation logic' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/ixgbe: fix over using multicast table for VF' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vhost: fix possible out of bound access in vector filling' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vhost: fix possible dead loop " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vhost: ensure event idx is mapped when negotiated' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vhost/crypto: fix possible dead loop' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'vhost/crypto: fix possible out of bound access' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/fm10k: fix internal switch initial status' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/dpaa: fix logical to physical core affine logic' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/dpaa: fix secondary process' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'examples/flow_filtering: fix example documentation' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'doc: fix a typo in testpmd guide' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'doc: fix a parameter name " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'app/testpmd: fix quit to stop all ports before close' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/bonding: fix possible null pointer reference' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/sfc: add missing header guard to TSO header file' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/sfc: discard last seen VLAN TCI if Tx packet is dropped' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/sfc/base: fix Tx descriptor max number check' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/virtio: add barrier before reading the flags' " Kevin Traynor
2019-01-31 16:02 ` Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/fslmc: fix to reset portal memory before use' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/fslmc: fix ring mode to use correct cache settings' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/fslmc: fix to use correct physical core for logical core' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/dpaa2: fix bad check for not-null' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/fslmc: fix to convert error msg to warning' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'bus/fslmc: fix parse method for bus devices' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/dpaa2: fix device init for secondary process' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'doc: fix MAC address rewrite actions in prog guide' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/sfc: fix typo in preprocessor check' " Kevin Traynor
2019-01-31 15:48 ` [dpdk-stable] patch 'net/tap: allow full length names' " Kevin Traynor
2019-01-31 15:49 ` [dpdk-stable] patch 'net/tap: let kernel choose tun device name' " Kevin Traynor
2019-01-31 15:49 ` Kevin Traynor [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190131154901.5383-53-ktraynor@redhat.com \
--to=ktraynor@redhat.com \
--cc=haiyue.wang@intel.com \
--cc=qi.z.zhang@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).