From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mellanox.co.il (mail-il-dmz.mellanox.com [193.47.165.129]) by dpdk.org (Postfix) with ESMTP id 202F72B87 for ; Fri, 8 Mar 2019 18:48:53 +0100 (CET) Received: from Internal Mail-Server by MTLPINE1 (envelope-from yskoh@mellanox.com) with ESMTPS (AES256-SHA encrypted); 8 Mar 2019 19:48:49 +0200 Received: from scfae-sc-2.mti.labs.mlnx (scfae-sc-2.mti.labs.mlnx [10.101.0.96]) by labmailer.mlnx (8.13.8/8.13.8) with ESMTP id x28HloAo002625; Fri, 8 Mar 2019 19:48:48 +0200 From: Yongseok Koh To: Tiwei Bie Cc: Maxime Coquelin , dpdk stable Date: Fri, 8 Mar 2019 09:47:12 -0800 Message-Id: <20190308174749.30771-34-yskoh@mellanox.com> X-Mailer: git-send-email 2.11.0 In-Reply-To: <20190308174749.30771-1-yskoh@mellanox.com> References: <20190308174749.30771-1-yskoh@mellanox.com> Subject: [dpdk-stable] patch 'vhost: fix possible out of bound access in vector filling' has been queued to LTS release 17.11.6 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 08 Mar 2019 17:48:53 -0000 Hi, FYI, your patch has been queued to LTS release 17.11.6 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objection by 03/13/19. So please shout if anyone has objection. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. If the code is different (ie: not only metadata diffs), due for example to a change in context or macro names, please double check it. Thanks. Yongseok --- >>From 7ea44ec66464de70eb339b39d521aa58bd35ad74 Mon Sep 17 00:00:00 2001 From: Tiwei Bie Date: Fri, 4 Jan 2019 12:06:40 +0800 Subject: [PATCH] vhost: fix possible out of bound access in vector filling [ upstream commit 06fc8545fd6302f70de9ef5008a204e467d8cedb ] Fixes: 7f74b95c444f ("vhost: pre update used ring for Tx and Rx") Signed-off-by: Tiwei Bie Reviewed-by: Maxime Coquelin --- lib/librte_vhost/virtio_net.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c index 8c0c1b4bb..3e2935992 100644 --- a/lib/librte_vhost/virtio_net.c +++ b/lib/librte_vhost/virtio_net.c @@ -569,6 +569,9 @@ fill_vec_buf(struct virtio_net *dev, struct vhost_virtqueue *vq, struct vring_desc *descs = vq->desc; struct vring_desc *idesc = NULL; + if (unlikely(idx >= vq->size)) + return -1; + *desc_chain_head = idx; if (vq->desc[idx].flags & VRING_DESC_F_INDIRECT) { -- 2.11.0 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2019-03-08 09:46:41.979464471 -0800 +++ 0034-vhost-fix-possible-out-of-bound-access-in-vector-fil.patch 2019-03-08 09:46:40.153400000 -0800 @@ -1,10 +1,11 @@ -From 06fc8545fd6302f70de9ef5008a204e467d8cedb Mon Sep 17 00:00:00 2001 +From 7ea44ec66464de70eb339b39d521aa58bd35ad74 Mon Sep 17 00:00:00 2001 From: Tiwei Bie Date: Fri, 4 Jan 2019 12:06:40 +0800 Subject: [PATCH] vhost: fix possible out of bound access in vector filling +[ upstream commit 06fc8545fd6302f70de9ef5008a204e467d8cedb ] + Fixes: 7f74b95c444f ("vhost: pre update used ring for Tx and Rx") -Cc: stable@dpdk.org Signed-off-by: Tiwei Bie Reviewed-by: Maxime Coquelin @@ -13,10 +14,10 @@ 1 file changed, 3 insertions(+) diff --git a/lib/librte_vhost/virtio_net.c b/lib/librte_vhost/virtio_net.c -index 474acf64d..d64c355b9 100644 +index 8c0c1b4bb..3e2935992 100644 --- a/lib/librte_vhost/virtio_net.c +++ b/lib/librte_vhost/virtio_net.c -@@ -312,6 +312,9 @@ fill_vec_buf_split(struct virtio_net *dev, struct vhost_virtqueue *vq, +@@ -569,6 +569,9 @@ fill_vec_buf(struct virtio_net *dev, struct vhost_virtqueue *vq, struct vring_desc *descs = vq->desc; struct vring_desc *idesc = NULL;