From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) by dpdk.org (Postfix) with ESMTP id AC1211B148 for ; Thu, 31 Jan 2019 16:51:28 +0100 (CET) Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0A7DC83F3F; Thu, 31 Jan 2019 15:51:28 +0000 (UTC) Received: from ktraynor.remote.csb (ovpn-117-200.ams2.redhat.com [10.36.117.200]) by smtp.corp.redhat.com (Postfix) with ESMTP id C6E6A5C26C; Thu, 31 Jan 2019 15:51:26 +0000 (UTC) From: Kevin Traynor To: Haiyue Wang Cc: Qi Zhang , dpdk stable Date: Thu, 31 Jan 2019 15:49:01 +0000 Message-Id: <20190131154901.5383-53-ktraynor@redhat.com> In-Reply-To: <20190131154901.5383-1-ktraynor@redhat.com> References: <20190131154901.5383-1-ktraynor@redhat.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Scanned-By: MIMEDefang 2.79 on 10.5.11.16 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.27]); Thu, 31 Jan 2019 15:51:28 +0000 (UTC) Subject: [dpdk-stable] patch 'net/i40e: perform basic validation on VF messages' has been queued to LTS release 18.11.1 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jan 2019 15:51:29 -0000 Hi, FYI, your patch has been queued to LTS release 18.11.1 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 02/07/19. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Thanks. Kevin Traynor --- >>From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001 From: Haiyue Wang Date: Thu, 10 Jan 2019 20:07:31 +0800 Subject: [PATCH] net/i40e: perform basic validation on VF messages [ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ] Do the VF message basic validation such as OPCODE message length check, some special OPCODE message format check, to protect the i40e PMD from malicious VF message attack. Fixes: 4861cde46116 ("i40e: new poll mode driver") Signed-off-by: Haiyue Wang Acked-by: Qi Zhang --- drivers/net/i40e/i40e_pf.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c index dd3962d38..1e2d1746f 100644 --- a/drivers/net/i40e/i40e_pf.c +++ b/drivers/net/i40e/i40e_pf.c @@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, struct rte_pmd_i40e_mb_event_param ret_param; bool b_op = TRUE; + int ret; if (vf_id > pf->vf_num - 1 || !pf->vfs) { @@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, } + /* perform basic checks on the msg */ + ret = virtchnl_vc_validate_vf_msg(&vf->version, opcode, msg, msglen); + + /* perform additional checks specific to this driver */ + if (opcode == VIRTCHNL_OP_CONFIG_RSS_KEY) { + struct virtchnl_rss_key *vrk = (struct virtchnl_rss_key *)msg; + + if (vrk->key_len != ((I40E_PFQF_HKEY_MAX_INDEX + 1) * 4)) + ret = VIRTCHNL_ERR_PARAM; + } else if (opcode == VIRTCHNL_OP_CONFIG_RSS_LUT) { + struct virtchnl_rss_lut *vrl = (struct virtchnl_rss_lut *)msg; + + if (vrl->lut_entries != ((I40E_VFQF_HLUT1_MAX_INDEX + 1) * 4)) + ret = VIRTCHNL_ERR_PARAM; + } + + if (ret) { + PMD_DRV_LOG(ERR, "Invalid message from VF %u, opcode %u, len %u", + vf_id, opcode, msglen); + i40e_pf_host_send_msg_to_vf(vf, opcode, + I40E_ERR_PARAM, NULL, 0); + return; + } + /** * initialise structure to send to user application -- 2.19.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2019-01-31 15:44:06.972593595 +0000 +++ 0053-net-i40e-perform-basic-validation-on-VF-messages.patch 2019-01-31 15:44:05.000000000 +0000 @@ -1,14 +1,15 @@ -From cc0ed2f849e7ec14e0da69f716ce6ad784a1725a Mon Sep 17 00:00:00 2001 +From dcbe9adfa9da50a0dbbaead6afcde112399fbc85 Mon Sep 17 00:00:00 2001 From: Haiyue Wang Date: Thu, 10 Jan 2019 20:07:31 +0800 Subject: [PATCH] net/i40e: perform basic validation on VF messages +[ upstream commit cc0ed2f849e7ec14e0da69f716ce6ad784a1725a ] + Do the VF message basic validation such as OPCODE message length check, some special OPCODE message format check, to protect the i40e PMD from malicious VF message attack. Fixes: 4861cde46116 ("i40e: new poll mode driver") -Cc: stable@dpdk.org Signed-off-by: Haiyue Wang Acked-by: Qi Zhang @@ -17,16 +18,16 @@ 1 file changed, 25 insertions(+) diff --git a/drivers/net/i40e/i40e_pf.c b/drivers/net/i40e/i40e_pf.c -index 092e0d3e9..d6e83e340 100644 +index dd3962d38..1e2d1746f 100644 --- a/drivers/net/i40e/i40e_pf.c +++ b/drivers/net/i40e/i40e_pf.c -@@ -1296,4 +1296,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, +@@ -1233,4 +1233,5 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, struct rte_pmd_i40e_mb_event_param ret_param; bool b_op = TRUE; + int ret; if (vf_id > pf->vf_num - 1 || !pf->vfs) { -@@ -1310,4 +1311,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, +@@ -1247,4 +1248,28 @@ i40e_pf_host_handle_vf_msg(struct rte_eth_dev *dev, } + /* perform basic checks on the msg */