From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 76429A0C4C for ; Mon, 12 Jul 2021 15:11:35 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 708044069E; Mon, 12 Jul 2021 15:11:35 +0200 (CEST) Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) by mails.dpdk.org (Postfix) with ESMTP id 2276341177 for ; Mon, 12 Jul 2021 15:11:35 +0200 (CEST) Received: by mail-wr1-f41.google.com with SMTP id f9so19883169wrq.11 for ; Mon, 12 Jul 2021 06:11:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=zpfo58E4jmSW5QX7XX2qqd+YFoU7GUjmUbywcFspbNU=; b=pBeuGpSPa0Nt5+8uMcAh2vTzU9087RA8mC5v8mqCLnM5sD9HsJ9ilOwJ25ANo7aI0S Fn+MBkdwectC7iM9cRt6+zAsgQQ9YN99ju8ayzv5LSox/G8NS9OaE616bVuYnMPSgRnK so3JgbSzOkacNCn07/wkYdPSCfD1gO0eQaKahKtAYY42PMPb3loiluatZ03k04u+G+KN t5H6vI5izIZaCwHWg4Qz2UPfdgsCydzIqcBH95JNhDRhYLXubmH/ASq69SLkHWsXcuOr 3LqkJ9974exokNL/ERpe3uQv8Q9E5+38GYKCaPLCBoocR+hLvzwx3RRlWw3EdYUCyG6u AIog== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=zpfo58E4jmSW5QX7XX2qqd+YFoU7GUjmUbywcFspbNU=; b=e5E654YSdAQa29kbR888gzT+NVl+5rEL1TcjwqQDPJ61ZYynhk14mpyFaLptVwErIA dCLQrEFDOpE3YwziLFmL8YjryA/299y+dGuSIGMc3GtD4NQwDKKBdwMBd+eRNs422MKm qAPe0WSDwH0nvKhNK0dpTpXf4aPprNG9ZBd6nFKJqHK+E3TsKwcj0uat7F3p+aMYIjmw AFDAQ4Ru9TAX5X6nGpSdofXGuNazDeKNTbclZw4WQa5/6TVqBGg6zpoRxZY4pHD+iTX0 WRop71Xpasa94pI5xX6Lv47tuXFeejj1as6RzW6QdZ4d9MEdvfOBEZ3PvjxrHm4hXDJh wJ+g== X-Gm-Message-State: AOAM530DBHl/CjpxHuQ5fHUWNsXxA2bajFBfaJ5L65rU9nvxiAmg9zHF vdMlRTkfWMuY1vyFffu8rOk= X-Google-Smtp-Source: ABdhPJxVJpURIVYTwWxhknfkZ/RDij3LhO8csYsM0+pnFuPQ2OPcDqWwg+EEhEou9BFNxlIKe/06vg== X-Received: by 2002:adf:e4c3:: with SMTP id v3mr33775668wrm.362.1626095494965; Mon, 12 Jul 2021 06:11:34 -0700 (PDT) Received: from localhost ([137.220.125.106]) by smtp.gmail.com with ESMTPSA id g3sm14676053wrv.64.2021.07.12.06.11.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Jul 2021 06:11:33 -0700 (PDT) From: luca.boccassi@gmail.com To: Thierry Herbelot Cc: Maxime Coquelin , dpdk stable Date: Mon, 12 Jul 2021 14:04:25 +0100 Message-Id: <20210712130551.2462159-30-luca.boccassi@gmail.com> X-Mailer: git-send-email 2.30.2 In-Reply-To: <20210712130551.2462159-1-luca.boccassi@gmail.com> References: <20210712130551.2462159-1-luca.boccassi@gmail.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] patch 'vhost/crypto: check request pointer before dereference' has been queued to stable release 20.11.3 X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi, FYI, your patch has been queued to stable release 20.11.3 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 07/14/21. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/bluca/dpdk-stable This queued commit can be viewed at: https://github.com/bluca/dpdk-stable/commit/619944d20bfcded9f10779c9ee2e2008cc3da525 Thanks. Luca Boccassi --- >From 619944d20bfcded9f10779c9ee2e2008cc3da525 Mon Sep 17 00:00:00 2001 From: Thierry Herbelot Date: Mon, 24 May 2021 11:08:21 +0200 Subject: [PATCH] vhost/crypto: check request pointer before dereference [ upstream commit 9cfbe67691f02e3f66f6a6804a5ce266830e1f3f ] Use vc_req only after it was checked not to be NULL. Fixes: 2d962bb736521 ("vhost/crypto: fix possible TOCTOU attack") Signed-off-by: Thierry Herbelot Reviewed-by: Maxime Coquelin --- lib/librte_vhost/vhost_crypto.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c index 6689c52df2..926b5c0bd9 100644 --- a/lib/librte_vhost/vhost_crypto.c +++ b/lib/librte_vhost/vhost_crypto.c @@ -1337,13 +1337,15 @@ vhost_crypto_finalize_one_request(struct rte_crypto_op *op, struct rte_mbuf *m_src = op->sym->m_src; struct rte_mbuf *m_dst = op->sym->m_dst; struct vhost_crypto_data_req *vc_req = rte_mbuf_to_priv(m_src); - struct vhost_virtqueue *vq = vc_req->vq; - uint16_t used_idx = vc_req->desc_idx, desc_idx; + struct vhost_virtqueue *vq; + uint16_t used_idx, desc_idx; if (unlikely(!vc_req)) { VC_LOG_ERR("Failed to retrieve vc_req"); return NULL; } + vq = vc_req->vq; + used_idx = vc_req->desc_idx; if (old_vq && (vq != old_vq)) return vq; -- 2.30.2 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2021-07-12 13:41:38.309412367 +0100 +++ 0030-vhost-crypto-check-request-pointer-before-dereferenc.patch 2021-07-12 13:41:36.290118444 +0100 @@ -1 +1 @@ -From 9cfbe67691f02e3f66f6a6804a5ce266830e1f3f Mon Sep 17 00:00:00 2001 +From 619944d20bfcded9f10779c9ee2e2008cc3da525 Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 9cfbe67691f02e3f66f6a6804a5ce266830e1f3f ] + @@ -9 +10,0 @@ -Cc: stable@dpdk.org @@ -14 +15 @@ - lib/vhost/vhost_crypto.c | 6 ++++-- + lib/librte_vhost/vhost_crypto.c | 6 ++++-- @@ -17 +18 @@ -diff --git a/lib/vhost/vhost_crypto.c b/lib/vhost/vhost_crypto.c +diff --git a/lib/librte_vhost/vhost_crypto.c b/lib/librte_vhost/vhost_crypto.c @@ -19,2 +20,2 @@ ---- a/lib/vhost/vhost_crypto.c -+++ b/lib/vhost/vhost_crypto.c +--- a/lib/librte_vhost/vhost_crypto.c ++++ b/lib/librte_vhost/vhost_crypto.c