From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id DCEFEA054A for ; Tue, 25 Oct 2022 17:08:10 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id D9ADA42C34; Tue, 25 Oct 2022 17:08:10 +0200 (CEST) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mails.dpdk.org (Postfix) with ESMTP id 4406F42C1D for ; Tue, 25 Oct 2022 17:08:09 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1666710488; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=PFCHFdxdKW/l5aW87I9PZH64xTktx0jv7j+rvCZa3iM=; b=DdeI3h959hxGZX3O77N+x2vbagJqJB+Wku1MdsQ9iBtUV85+DQNVbU55w/sAeqcpaovVpU ugPeZAlzoSg1KcjRxpkOq2DZ+S4v2E8D5jCGcZ04mWreBW/z/Fw7iLaG+t81AV50TsLDiT idlGNghXb73GIGQGj42GXqoSbQEOnMw= Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-414-Zpi97_LNOtuHj90mBHEOKA-1; Tue, 25 Oct 2022 11:08:06 -0400 X-MC-Unique: Zpi97_LNOtuHj90mBHEOKA-1 Received: from smtp.corp.redhat.com (int-mx09.intmail.prod.int.rdu2.redhat.com [10.11.54.9]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 76AB4185A7AD; Tue, 25 Oct 2022 15:08:05 +0000 (UTC) Received: from rh.redhat.com (unknown [10.39.192.13]) by smtp.corp.redhat.com (Postfix) with ESMTP id 39DFE4A9268; Tue, 25 Oct 2022 15:08:04 +0000 (UTC) From: Kevin Traynor To: Yunjian Wang Cc: Lei Ji , Min Hu , dpdk stable Subject: patch 'net/bonding: fix array overflow in Rx burst' has been queued to stable release 21.11.3 Date: Tue, 25 Oct 2022 16:06:00 +0100 Message-Id: <20221025150734.142189-5-ktraynor@redhat.com> In-Reply-To: <20221025150734.142189-1-ktraynor@redhat.com> References: <20221025150734.142189-1-ktraynor@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.9 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII"; x-default=true X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 21.11.3 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 11/01/22. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/kevintraynor/dpdk-stable This queued commit can be viewed at: https://github.com/kevintraynor/dpdk-stable/commit/371746d80f4d19f5938d71ab69735103c06ae28b Thanks. Kevin --- >From 371746d80f4d19f5938d71ab69735103c06ae28b Mon Sep 17 00:00:00 2001 From: Yunjian Wang Date: Mon, 18 Jul 2022 21:08:44 +0800 Subject: [PATCH] net/bonding: fix array overflow in Rx burst [ upstream commit 007c5450dfa094f7e07ebee3610bcb3494ef842c ] In bond_ethdev_rx_burst() function, we check the validity of the 'active_slave' as this code: if (++active_slave == slave_count) active_slave = 0; However, the value of 'active_slave' maybe equal to 'slave_count', when a slave is down. This is wrong and it can cause buffer overflow. This patch fixes the issue by using '>=' instead of '=='. Fixes: e1110e977648 ("net/bonding: fix Rx slave fairness") Signed-off-by: Lei Ji Signed-off-by: Yunjian Wang Acked-by: Min Hu (Connor) --- drivers/net/bonding/rte_eth_bond_pmd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/bonding/rte_eth_bond_pmd.c b/drivers/net/bonding/rte_eth_bond_pmd.c index 9b3acde46c..6f739cf247 100644 --- a/drivers/net/bonding/rte_eth_bond_pmd.c +++ b/drivers/net/bonding/rte_eth_bond_pmd.c @@ -83,5 +83,5 @@ bond_ethdev_rx_burst(void *queue, struct rte_mbuf **bufs, uint16_t nb_pkts) num_rx_total += num_rx_slave; nb_pkts -= num_rx_slave; - if (++active_slave == slave_count) + if (++active_slave >= slave_count) active_slave = 0; } -- 2.37.3 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2022-10-25 14:18:58.703320719 +0100 +++ 0005-net-bonding-fix-array-overflow-in-Rx-burst.patch 2022-10-25 14:18:58.355797891 +0100 @@ -1 +1 @@ -From 007c5450dfa094f7e07ebee3610bcb3494ef842c Mon Sep 17 00:00:00 2001 +From 371746d80f4d19f5938d71ab69735103c06ae28b Mon Sep 17 00:00:00 2001 @@ -5,0 +6,2 @@ +[ upstream commit 007c5450dfa094f7e07ebee3610bcb3494ef842c ] + @@ -15 +16,0 @@ -Cc: stable@dpdk.org @@ -25 +26 @@ -index cd80a0af46..02c96f697d 100644 +index 9b3acde46c..6f739cf247 100644