From: Kevin Traynor <ktraynor@redhat.com>
To: Anatoly Burakov <anatoly.burakov@intel.com>
Cc: dpdk stable <stable@dpdk.org>
Subject: [dpdk-stable] patch 'ipc: harden message receive' has been queued to LTS release 18.11.2
Date: Wed, 8 May 2019 17:02:09 +0100 [thread overview]
Message-ID: <20190508160233.2648-12-ktraynor@redhat.com> (raw)
In-Reply-To: <20190508160233.2648-1-ktraynor@redhat.com>
Hi,
FYI, your patch has been queued to LTS release 18.11.2
Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 05/14/19. So please
shout if anyone has objections.
Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.
Queued patches are on a temporary branch at:
https://github.com/kevintraynor/dpdk-stable-queue
This queued commit can be viewed at:
https://github.com/kevintraynor/dpdk-stable-queue/commit/fdadfbdec8696c4fb632f0b3427c1c71a41b62fa
Thanks.
Kevin Traynor
---
From fdadfbdec8696c4fb632f0b3427c1c71a41b62fa Mon Sep 17 00:00:00 2001
From: Anatoly Burakov <anatoly.burakov@intel.com>
Date: Mon, 29 Apr 2019 15:22:50 +0100
Subject: [PATCH] ipc: harden message receive
[ upstream commit 7b51d1b162914e37bcc511a11efcfbabb44b2eb3 ]
Currently, IPC does not check received messages for invalid data
and passes them to user code unchanged. This may result in buffer
overruns on reading message data. Fix this by checking the message
length and fd number on receive, and discard any messages that
are not valid.
Fixes: bacaa2754017 ("eal: add channel for multi-process communication")
Signed-off-by: Anatoly Burakov <anatoly.burakov@intel.com>
---
lib/librte_eal/common/eal_common_proc.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/librte_eal/common/eal_common_proc.c b/lib/librte_eal/common/eal_common_proc.c
index 8586474a2..6ffd47686 100644
--- a/lib/librte_eal/common/eal_common_proc.c
+++ b/lib/librte_eal/common/eal_common_proc.c
@@ -286,5 +286,13 @@ read_msg(struct mp_msg_internal *m, struct sockaddr_un *s)
}
}
-
+ /* sanity-check the response */
+ if (m->msg.num_fds < 0 || m->msg.num_fds > RTE_MP_MAX_FD_NUM) {
+ RTE_LOG(ERR, EAL, "invalid number of fd's received\n");
+ return -1;
+ }
+ if (m->msg.len_param < 0 || m->msg.len_param > RTE_MP_MAX_PARAM_LEN) {
+ RTE_LOG(ERR, EAL, "invalid received data length\n");
+ return -1;
+ }
return 0;
}
--
2.20.1
---
Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- - 2019-05-08 16:33:58.092526158 +0100
+++ 0012-ipc-harden-message-receive.patch 2019-05-08 16:33:57.366579622 +0100
@@ -1 +1 @@
-From 7b51d1b162914e37bcc511a11efcfbabb44b2eb3 Mon Sep 17 00:00:00 2001
+From fdadfbdec8696c4fb632f0b3427c1c71a41b62fa Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 7b51d1b162914e37bcc511a11efcfbabb44b2eb3 ]
+
@@ -13 +14,0 @@
-Cc: stable@dpdk.org
next prev parent reply other threads:[~2019-05-08 16:02 UTC|newest]
Thread overview: 36+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-05-08 16:01 [dpdk-stable] patch 'raw/dpaa2_qdma: fix spin lock release' " Kevin Traynor
2019-05-08 16:01 ` [dpdk-stable] patch 'raw/ifpga: fix file descriptor leak in error path' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'doc: fix spelling reported by aspell in guides' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'doc: fix spelling reported by aspell in comments' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'examples/multi_process: fix buffer underrun' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'examples/power: fix buffer overrun' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'examples/power: fix json null termination' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'eal: fix formatting of hotplug error message' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'ipc: fix memory leak on request failure' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/tap: fix memory leak on IPC request' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'ipc: fix send error handling' " Kevin Traynor
2019-05-08 16:02 ` Kevin Traynor [this message]
2019-05-08 16:02 ` [dpdk-stable] patch 'ipc: handle more invalid parameter cases' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'event/dsw: fix capability flags' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/mlx5: fix comments mixing Rx and Tx' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'doc: fix interactive commands in testpmd guide' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'app/testpmd: fix help info for interactive commands' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/ring: fix coding style' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/ring: avoid hard-coded length' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/ring: use calloc style where appropriate' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/ring: check length of ring name' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/ring: fix return value check' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/kni: " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'app/testpmd: fix unintentional integer overflow' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/i40e: fix queue number check' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'test/bonding: fix MAC assignment for re-run' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/i40e: fix link speed for X722' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/mlx5: check Tx queue size overflow' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/mlx5: fix max number of queues for NEON Tx' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/tap: fix potential IPC buffer overrun' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/vmxnet3: add VLAN filter capability' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'net/netvsc: reset mbuf port on VF Rx' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'test: clean remaining trace of devargs autotest' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'eventdev: update references to removed function' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'hash: fix doc about thread/process safety' " Kevin Traynor
2019-05-08 16:02 ` [dpdk-stable] patch 'doc: fix broken link in LPM guide' " Kevin Traynor
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190508160233.2648-12-ktraynor@redhat.com \
--to=ktraynor@redhat.com \
--cc=anatoly.burakov@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).