From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <stable-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id CE816A0C47
	for <public@inbox.dpdk.org>; Tue, 10 Aug 2021 17:40:34 +0200 (CEST)
Received: from [217.70.189.124] (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id A7AA540686;
	Tue, 10 Aug 2021 17:40:34 +0200 (CEST)
Received: from smtp-relay-canonical-0.canonical.com
 (smtp-relay-canonical-0.canonical.com [185.125.188.120])
 by mails.dpdk.org (Postfix) with ESMTP id 623694014F
 for <stable@dpdk.org>; Tue, 10 Aug 2021 17:40:33 +0200 (CEST)
Received: from mail-ej1-f69.google.com (mail-ej1-f69.google.com
 [209.85.218.69])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by smtp-relay-canonical-0.canonical.com (Postfix) with ESMTPS id 76F5E3F0A1
 for <stable@dpdk.org>; Tue, 10 Aug 2021 15:40:31 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;
 s=20210705; t=1628610031;
 bh=Bs0vf6r0T2aQd3oDWBQznM5rk9buQG6mSghA4ZHsgSk=;
 h=From:To:Cc:Subject:Date:Message-Id:MIME-Version;
 b=Hx0gr/5loyUyx+3nioJ0l3MojBFPlfJJs+up579IALr0rj+z2uAIwMvnNakQGx7Zz
 OjSMdyqIhTmzgaCNqLRZiEpQMqaNUK9V+BMY5Cvyu4zI/A/LLfkBMS2F37Iol3qXgB
 qHOyWxvP62ttASvXV1z4WGCqEFnipVnyzSy6z51wuV/W5r4hoZY1qRtSx+NbA1FaXD
 FUOWaZPKrI1woWoPc8K38Zk8hDA1MM7qifQv00A4U0hE+4CxJ/OpzvSdj+ZriluP87
 88JOEomQh2QzNaLoP16dQIFyMJ564QPVeJ3MVnxBmLXU2nrh8whMEM3bHiptPyGS97
 VmVqDKPTVY2OQ==
Received: by mail-ej1-f69.google.com with SMTP id
 q19-20020a170906b293b029058a1e75c819so5711813ejz.16
 for <stable@dpdk.org>; Tue, 10 Aug 2021 08:40:31 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=Bs0vf6r0T2aQd3oDWBQznM5rk9buQG6mSghA4ZHsgSk=;
 b=nmagYgWLtouR4+MDyenLm1deS4jZAtdEzjdfJZOgEcjQk0shqC3k28AUzSiqx8d6HS
 cRvzXALS5kTHIb+rLa5y2/SwsGnz8g76xoEDlmnREdx9U6rPXJYKJsRbaNr9sDMAHuCx
 nmuxC+J2DS8I72qsQ24c/aEmT28LxrSy2I38Tf+8m0mCYhmyeB3qNe0y0ZMxTFWJJUDh
 sPcTFVOxchUAzweKJk84ZH6ah8tk7dGWmMR49taLw5sfimZkwjJKRq0yqOjNsbb+5nzK
 e8+4VBS+FSvVHUMMF/htD+hsKSzhGDgl5xUa1Y1VOtdAkBMsDLLp2lfl5uTOx7m/yQQ+
 ZMIg==
X-Gm-Message-State: AOAM532dWqDlrYLm73DtBmjiDrdFRKbLfis/f2GOabKFqZOHtUhqPktS
 gtRBSXNijpmguvRDtbmC5NS3okjWCTpiXCOmWrGQRZFgIjLbBaj1xpuoyEpDznlsc/YDKNzz8hQ
 I2w77Mus+r9igiJ8NHWpvL/xY
X-Received: by 2002:a17:907:9604:: with SMTP id
 gb4mr28697284ejc.142.1628610031211; 
 Tue, 10 Aug 2021 08:40:31 -0700 (PDT)
X-Google-Smtp-Source: ABdhPJz9bKL4U/DADfv81lkiIGoLk3kPgdRltUGLqMoU3Yjd7FSzlPAIda3bFzFcCN8O4petYTJyDw==
X-Received: by 2002:a17:907:9604:: with SMTP id
 gb4mr28697270ejc.142.1628610031038; 
 Tue, 10 Aug 2021 08:40:31 -0700 (PDT)
Received: from Keschdeichel.fritz.box ([2001:67c:1560:8007::aac:c4ad])
 by smtp.gmail.com with ESMTPSA id b25sm9837155edv.9.2021.08.10.08.40.30
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 10 Aug 2021 08:40:30 -0700 (PDT)
From: christian.ehrhardt@canonical.com
To: Ivan Ilchenko <ivan.ilchenko@oktetlabs.ru>
Cc: Andy Moreton <amoreton@xilinx.com>,
 Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>,
 Cristian Dumitrescu <cristian.dumitrescu@intel.com>,
 dpdk stable <stable@dpdk.org>
Date: Tue, 10 Aug 2021 17:38:41 +0200
Message-Id: <20210810154022.749358-1-christian.ehrhardt@canonical.com>
X-Mailer: git-send-email 2.32.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: [dpdk-stable] patch 'bitmap: fix buffer overrun in bitmap init' has
 been queued to stable release 19.11.10
X-BeenThere: stable@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: patches for DPDK stable branches <stable.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/stable>,
 <mailto:stable-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/stable/>
List-Post: <mailto:stable@dpdk.org>
List-Help: <mailto:stable-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/stable>,
 <mailto:stable-request@dpdk.org?subject=subscribe>
Errors-To: stable-bounces@dpdk.org
Sender: "stable" <stable-bounces@dpdk.org>

Hi,

FYI, your patch has been queued to stable release 19.11.10

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 08/12/21. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Queued patches are on a temporary branch at:
https://github.com/cpaelzer/dpdk-stable-queue

This queued commit can be viewed at:
https://github.com/cpaelzer/dpdk-stable-queue/commit/c7fc0792f6b55255d2ee1c1fecad4d0a73cab28f

Thanks.

Christian Ehrhardt <christian.ehrhardt@canonical.com>

---
>From c7fc0792f6b55255d2ee1c1fecad4d0a73cab28f Mon Sep 17 00:00:00 2001
From: Ivan Ilchenko <ivan.ilchenko@oktetlabs.ru>
Date: Wed, 2 Jun 2021 12:49:22 +0300
Subject: [PATCH] bitmap: fix buffer overrun in bitmap init

[ upstream commit 1ffd3bc1252ee871398dad227cd651658dc76939 ]

Bitmap initialization function is allowed to memset()
caller-provided buffer with number of bytes exceeded
this buffer size. This happens due to wrong comparison
sign between buffer size and number of bytes required
to initialize bitmap.

Fixes: 602c9ca33a4 ("sched: bitmap is now dynamically allocated")

Reported-by: Andy Moreton <amoreton@xilinx.com>
Signed-off-by: Ivan Ilchenko <ivan.ilchenko@oktetlabs.ru>
Reviewed-by: Andy Moreton <amoreton@xilinx.com>
Signed-off-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Acked-by: Cristian Dumitrescu <cristian.dumitrescu@intel.com>
---
 lib/librte_eal/common/include/rte_bitmap.h | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/librte_eal/common/include/rte_bitmap.h b/lib/librte_eal/common/include/rte_bitmap.h
index 6b846f251b..9f9465ab12 100644
--- a/lib/librte_eal/common/include/rte_bitmap.h
+++ b/lib/librte_eal/common/include/rte_bitmap.h
@@ -185,9 +185,8 @@ rte_bitmap_init(uint32_t n_bits, uint8_t *mem, uint32_t mem_size)
 	size = __rte_bitmap_get_memory_footprint(n_bits,
 		&array1_byte_offset, &array1_slabs,
 		&array2_byte_offset, &array2_slabs);
-	if (size < mem_size) {
+	if (size > mem_size)
 		return NULL;
-	}
 
 	/* Setup bitmap */
 	memset(mem, 0, size);
-- 
2.32.0

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2021-08-10 15:11:13.158582860 +0200
+++ 0001-bitmap-fix-buffer-overrun-in-bitmap-init.patch	2021-08-10 15:11:12.886637147 +0200
@@ -1 +1 @@
-From 1ffd3bc1252ee871398dad227cd651658dc76939 Mon Sep 17 00:00:00 2001
+From c7fc0792f6b55255d2ee1c1fecad4d0a73cab28f Mon Sep 17 00:00:00 2001
@@ -5,0 +6,2 @@
+[ upstream commit 1ffd3bc1252ee871398dad227cd651658dc76939 ]
+
@@ -13 +14,0 @@
-Cc: stable@dpdk.org
@@ -21 +22 @@
- lib/eal/include/rte_bitmap.h | 3 +--
+ lib/librte_eal/common/include/rte_bitmap.h | 3 +--
@@ -24,4 +25,4 @@
-diff --git a/lib/eal/include/rte_bitmap.h b/lib/eal/include/rte_bitmap.h
-index 9e2b8f2cbf..e4623bb176 100644
---- a/lib/eal/include/rte_bitmap.h
-+++ b/lib/eal/include/rte_bitmap.h
+diff --git a/lib/librte_eal/common/include/rte_bitmap.h b/lib/librte_eal/common/include/rte_bitmap.h
+index 6b846f251b..9f9465ab12 100644
+--- a/lib/librte_eal/common/include/rte_bitmap.h
++++ b/lib/librte_eal/common/include/rte_bitmap.h