From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 42D36A0C45 for ; Thu, 10 Jun 2021 14:08:34 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 3CEF64069B; Thu, 10 Jun 2021 14:08:34 +0200 (CEST) Received: from youngberry.canonical.com (youngberry.canonical.com [91.189.89.112]) by mails.dpdk.org (Postfix) with ESMTP id 87BB84069B for ; Thu, 10 Jun 2021 14:08:33 +0200 (CEST) Received: from 2.general.paelzer.uk.vpn ([10.172.196.173] helo=localhost.localdomain) by youngberry.canonical.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.93) (envelope-from ) id 1lrJU8-0000DX-0K; Thu, 10 Jun 2021 12:08:32 +0000 From: Christian Ehrhardt To: Andy Moreton Cc: Ivan Malov , Andrew Rybchenko , dpdk stable Date: Thu, 10 Jun 2021 14:06:38 +0200 Message-Id: <20210610120641.885862-50-christian.ehrhardt@canonical.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20210610120641.885862-1-christian.ehrhardt@canonical.com> References: <20210610120641.885862-1-christian.ehrhardt@canonical.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] patch 'common/sfc_efx/base: limit reported MCDI response length' has been queued to stable release 19.11.9 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi, FYI, your patch has been queued to stable release 19.11.9 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 06/12/21. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/cpaelzer/dpdk-stable-queue This queued commit can be viewed at: https://github.com/cpaelzer/dpdk-stable-queue/commit/86711365045ebac0a4db403e17cb46b653ef1db9 Thanks. Christian Ehrhardt --- >From 86711365045ebac0a4db403e17cb46b653ef1db9 Mon Sep 17 00:00:00 2001 From: Andy Moreton Date: Tue, 18 May 2021 18:10:11 +0300 Subject: [PATCH] common/sfc_efx/base: limit reported MCDI response length [ upstream commit e1c9fcab3f17b050793d1e771d33448027a15ae1 ] MCDI helper routines in libefx include length checks for response messages, to ensure that short replies and optional fields are handled correctly. If the MCDI response message from the firmware is larger than the caller's buffer then the response length reported to the caller should be limited to the buffer size. Otherwise length checks in the caller may allow reading past the end of the buffer. Fixes: 6f619653b9b1 ("net/sfc/base: import MCDI implementation") Signed-off-by: Andy Moreton Signed-off-by: Ivan Malov Reviewed-by: Andrew Rybchenko --- drivers/net/sfc/base/efx_mcdi.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/net/sfc/base/efx_mcdi.c b/drivers/net/sfc/base/efx_mcdi.c index 477b128686..db143294d9 100644 --- a/drivers/net/sfc/base/efx_mcdi.c +++ b/drivers/net/sfc/base/efx_mcdi.c @@ -495,6 +495,9 @@ efx_mcdi_finish_response( bytes = MIN(emrp->emr_out_length_used, emrp->emr_out_length); efx_mcdi_read_response(enp, emrp->emr_out_buf, resp_off, bytes); + /* Report bytes copied to caller (response message may be larger) */ + emrp->emr_out_length_used = bytes; + #if EFSYS_OPT_MCDI_LOGGING if (emtp->emt_logger != NULL) { emtp->emt_logger(emtp->emt_context, -- 2.31.1 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2021-06-10 14:05:00.416644900 +0200 +++ 0050-common-sfc_efx-base-limit-reported-MCDI-response-len.patch 2021-06-10 14:04:58.106024940 +0200 @@ -1 +1 @@ -From e1c9fcab3f17b050793d1e771d33448027a15ae1 Mon Sep 17 00:00:00 2001 +From 86711365045ebac0a4db403e17cb46b653ef1db9 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit e1c9fcab3f17b050793d1e771d33448027a15ae1 ] + @@ -16 +17,0 @@ -Cc: stable@dpdk.org @@ -22 +23 @@ - drivers/common/sfc_efx/base/efx_mcdi.c | 3 +++ + drivers/net/sfc/base/efx_mcdi.c | 3 +++ @@ -25,5 +26,5 @@ -diff --git a/drivers/common/sfc_efx/base/efx_mcdi.c b/drivers/common/sfc_efx/base/efx_mcdi.c -index ff676f8a01..f4e1384d09 100644 ---- a/drivers/common/sfc_efx/base/efx_mcdi.c -+++ b/drivers/common/sfc_efx/base/efx_mcdi.c -@@ -516,6 +516,9 @@ efx_mcdi_finish_response( +diff --git a/drivers/net/sfc/base/efx_mcdi.c b/drivers/net/sfc/base/efx_mcdi.c +index 477b128686..db143294d9 100644 +--- a/drivers/net/sfc/base/efx_mcdi.c ++++ b/drivers/net/sfc/base/efx_mcdi.c +@@ -495,6 +495,9 @@ efx_mcdi_finish_response(