patches for DPDK stable branches
 help / color / mirror / Atom feed
From: Alexander Kozyrev <akozyrev@nvidia.com>
To: dev@dpdk.org
Cc: rasland@nvidia.com, viacheslavo@nvidia.com, matan@nvidia.com,
	orika@nvidia.com, stable@dpdk.org
Subject: [dpdk-stable] [PATCH v2 1/6] net/mlx5: check for a field size in modify field action
Date: Wed, 24 Mar 2021 15:04:34 +0000	[thread overview]
Message-ID: <20210324150439.9247-2-akozyrev@nvidia.com> (raw)
In-Reply-To: <20210324150439.9247-1-akozyrev@nvidia.com>

Add a validation check to make sure that the specified width
for MODIFY_FIELD RTE action is not bigger than a field size.

Fixes: 641dbe4fb0 ("net/mlx5: support modify field flow action")
Cc: stable@dpdk.org

Signed-off-by: Alexander Kozyrev <akozyrev@nvidia.com>
---
 drivers/net/mlx5/mlx5_flow_dv.c | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)

diff --git a/drivers/net/mlx5/mlx5_flow_dv.c b/drivers/net/mlx5/mlx5_flow_dv.c
index 23e5849783..84e1bb6892 100644
--- a/drivers/net/mlx5/mlx5_flow_dv.c
+++ b/drivers/net/mlx5/mlx5_flow_dv.c
@@ -4608,9 +4608,22 @@ flow_dv_validate_action_modify_field(const uint64_t action_flags,
 	if (ret)
 		return ret;
 
+	if (action_modify_field->width == 0)
+		return rte_flow_error_set(error, EINVAL,
+					RTE_FLOW_ERROR_TYPE_ACTION,
+					NULL,
+					"no bits are requested to be modified");
+	else if (action_modify_field->width > dst_width ||
+		 action_modify_field->width > src_width)
+		return rte_flow_error_set(error, EINVAL,
+					RTE_FLOW_ERROR_TYPE_ACTION,
+					NULL,
+					"cannot modify more bits than"
+					" the width of a field");
 	if (action_modify_field->dst.field != RTE_FLOW_FIELD_VALUE &&
 	    action_modify_field->dst.field != RTE_FLOW_FIELD_POINTER) {
-		if (action_modify_field->dst.offset >= dst_width ||
+		if ((action_modify_field->dst.offset +
+		     action_modify_field->width > dst_width) ||
 		    (action_modify_field->dst.offset % 32))
 			return rte_flow_error_set(error, EINVAL,
 						RTE_FLOW_ERROR_TYPE_ACTION,
@@ -4626,7 +4639,8 @@ flow_dv_validate_action_modify_field(const uint64_t action_flags,
 	}
 	if (action_modify_field->src.field != RTE_FLOW_FIELD_VALUE &&
 	    action_modify_field->src.field != RTE_FLOW_FIELD_POINTER) {
-		if (action_modify_field->src.offset >= src_width ||
+		if ((action_modify_field->src.offset +
+		     action_modify_field->width > src_width) ||
 		    (action_modify_field->src.offset % 32))
 			return rte_flow_error_set(error, EINVAL,
 						RTE_FLOW_ERROR_TYPE_ACTION,
@@ -4640,11 +4654,6 @@ flow_dv_validate_action_modify_field(const uint64_t action_flags,
 						NULL,
 						"cannot copy from inner headers");
 	}
-	if (action_modify_field->width == 0)
-		return rte_flow_error_set(error, EINVAL,
-						RTE_FLOW_ERROR_TYPE_ACTION,
-						NULL,
-						"width is required for modify action");
 	if (action_modify_field->dst.field ==
 	    action_modify_field->src.field)
 		return rte_flow_error_set(error, EINVAL,
-- 
2.24.1


       reply	other threads:[~2021-03-24 15:04 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20210324150439.9247-1-akozyrev@nvidia.com>
2021-03-24 15:04 ` Alexander Kozyrev [this message]
2021-03-30  7:09   ` Slava Ovsiienko
2021-03-24 15:04 ` [dpdk-stable] [PATCH v2 2/6] net/mlx5: adjust modify field action endianess Alexander Kozyrev
2021-03-30  7:09   ` Slava Ovsiienko
2021-03-24 15:04 ` [dpdk-stable] [PATCH v2 3/6] net/mlx5: check extended metadata for mark modififcation Alexander Kozyrev
2021-03-30  7:09   ` Slava Ovsiienko
2021-03-24 15:04 ` [dpdk-stable] [PATCH v2 6/6] net/mlx5: reject VXLAN ID's modifications Alexander Kozyrev
2021-03-30  7:10   ` Slava Ovsiienko

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210324150439.9247-2-akozyrev@nvidia.com \
    --to=akozyrev@nvidia.com \
    --cc=dev@dpdk.org \
    --cc=matan@nvidia.com \
    --cc=orika@nvidia.com \
    --cc=rasland@nvidia.com \
    --cc=stable@dpdk.org \
    --cc=viacheslavo@nvidia.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).