This patch adds range-checking of the device id passed from the user app code. It prevents out-of-range array accesses which in some situations resulted in an application crash (segfault). Fixes: 72de277dd423 ("cryptodev: fix checks related to device id") Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com> --- lib/librte_cryptodev/rte_cryptodev.c | 31 ++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/lib/librte_cryptodev/rte_cryptodev.c b/lib/librte_cryptodev/rte_cryptodev.c index cdce7824c..150ef9a4a 100644 --- a/lib/librte_cryptodev/rte_cryptodev.c +++ b/lib/librte_cryptodev/rte_cryptodev.c @@ -428,7 +428,8 @@ rte_cryptodev_pmd_get_named_dev(const char *name) static inline uint8_t rte_cryptodev_is_valid_device_data(uint8_t dev_id) { - if (rte_crypto_devices[dev_id].data == NULL) + if (dev_id >= RTE_CRYPTO_MAX_DEVS || + rte_crypto_devices[dev_id].data == NULL) return 0; return 1; @@ -520,8 +521,9 @@ rte_cryptodev_devices_get(const char *driver_name, uint8_t *devices, void * rte_cryptodev_get_sec_ctx(uint8_t dev_id) { - if (rte_crypto_devices[dev_id].feature_flags & - RTE_CRYPTODEV_FF_SECURITY) + if (dev_id < RTE_CRYPTO_MAX_DEVS && + (rte_crypto_devices[dev_id].feature_flags & + RTE_CRYPTODEV_FF_SECURITY)) return rte_crypto_devices[dev_id].security_ctx; return NULL; @@ -660,6 +662,11 @@ rte_cryptodev_queue_pair_count(uint8_t dev_id) { struct rte_cryptodev *dev; + if (!rte_cryptodev_is_valid_device_data(dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id); + return 0; + } + dev = &rte_crypto_devices[dev_id]; return dev->data->nb_queue_pairs; } @@ -1131,6 +1138,11 @@ rte_cryptodev_sym_session_init(uint8_t dev_id, uint8_t index; int ret; + if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id); + return -EINVAL; + } + dev = rte_cryptodev_pmd_get_dev(dev_id); if (sess == NULL || xforms == NULL || dev == NULL) @@ -1228,6 +1240,11 @@ rte_cryptodev_sym_session_clear(uint8_t dev_id, { struct rte_cryptodev *dev; + if (!rte_cryptodev_pmd_is_valid_dev(dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id); + return -EINVAL; + } + dev = rte_cryptodev_pmd_get_dev(dev_id); if (dev == NULL || sess == NULL) @@ -1428,8 +1445,14 @@ rte_cryptodev_driver_id_get(const char *name) const char * rte_cryptodev_name_get(uint8_t dev_id) { - struct rte_cryptodev *dev = rte_cryptodev_pmd_get_dev(dev_id); + struct rte_cryptodev *dev; + if (!rte_cryptodev_is_valid_device_data(dev_id)) { + CDEV_LOG_ERR("Invalid dev_id=%" PRIu8, dev_id); + return NULL; + } + + dev = rte_cryptodev_pmd_get_dev(dev_id); if (dev == NULL) return NULL; -- 2.17.1
On Fri, 2020-02-21 at 16:40 +0100, Adam Dybkowski wrote:
> This patch adds range-checking of the device id passed from
> the user app code. It prevents out-of-range array accesses
> which in some situations resulted in an
> application crash (segfault).
>
> Fixes: 72de277dd423 ("cryptodev: fix checks related to device id")
>
> Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Thanks, applied and pushed.
Yu, would you have time to re-test the head of the 17.11 branch to see
if this fixes the issue with QAT?
Thanks!
--
Kind regards,
Luca Boccassi
> -----Original Message-----
> From: Dybkowski, AdamX <adamx.dybkowski@intel.com>
> Sent: Friday, February 21, 2020 3:40 PM
> To: stable@dpdk.org; Trahe, Fiona <fiona.trahe@intel.com>; bluca@debian.org
> Cc: Dybkowski, AdamX <adamx.dybkowski@intel.com>
> Subject: [PATCH 17.11] cryptodev: fix missing device id range checking
>
> This patch adds range-checking of the device id passed from
> the user app code. It prevents out-of-range array accesses
> which in some situations resulted in an
> application crash (segfault).
>
> Fixes: 72de277dd423 ("cryptodev: fix checks related to device id")
>
> Signed-off-by: Adam Dybkowski <adamx.dybkowski@intel.com>
Acked-by: Fiona Trahe <fiona.trahe@intel.com>
On Fri, 2020-02-21 at 16:12 +0000, Luca Boccassi wrote:
> On Fri, 2020-02-21 at 16:40 +0100, Adam Dybkowski wrote:
> > This patch adds range-checking of the device id passed from
> > the user app code. It prevents out-of-range array accesses
> > which in some situations resulted in an
> > application crash (segfault).
> >
> > Fixes: 72de277dd423 ("cryptodev: fix checks related to device id")
> >
> > Signed-off-by: Adam Dybkowski <
> > adamx.dybkowski@intel.com
> > >
>
> Thanks, applied and pushed.
>
> Yu, would you have time to re-test the head of the 17.11 branch to
> see
> if this fixes the issue with QAT?
>
> Thanks!
Hello Yu,
Any update on this? We are just waiting on re-validating the crypto
devices (no need for a full run) for the release.
Thank you!
--
Kind regards,
Luca Boccassi
Luca, The issue is fixed with patch https://mails.dpdk.org/archives/stable/2020-February/020657.html. You can go ahead now. Regards, Yu Ping > -----Original Message----- > From: Luca Boccassi [mailto:bluca@debian.org] > Sent: Wednesday, February 26, 2020 5:53 PM > To: Yu, PingX <pingx.yu@intel.com> > Cc: Dybkowski, AdamX <adamx.dybkowski@intel.com>; stable@dpdk.org; > Trahe, Fiona <fiona.trahe@intel.com>; Mcnamara, John > <john.mcnamara@intel.com>; Daly, Lee <lee.daly@intel.com>; Xu, Qian Q > <qian.q.xu@intel.com>; Yigit, Ferruh <ferruh.yigit@intel.com>; O'Hare, Cathal > <cathal.ohare@intel.com> > Subject: Re: [dpdk-stable] [PATCH 17.11] cryptodev: fix missing device id range > checking > > On Fri, 2020-02-21 at 16:12 +0000, Luca Boccassi wrote: > > On Fri, 2020-02-21 at 16:40 +0100, Adam Dybkowski wrote: > > > This patch adds range-checking of the device id passed from the user > > > app code. It prevents out-of-range array accesses which in some > > > situations resulted in an application crash (segfault). > > > > > > Fixes: 72de277dd423 ("cryptodev: fix checks related to device id") > > > > > > Signed-off-by: Adam Dybkowski < > > > adamx.dybkowski@intel.com > > > > > > > > Thanks, applied and pushed. > > > > Yu, would you have time to re-test the head of the 17.11 branch to see > > if this fixes the issue with QAT? > > > > Thanks! > > Hello Yu, > > Any update on this? We are just waiting on re-validating the crypto devices (no > need for a full run) for the release. > > Thank you! > > -- > Kind regards, > Luca Boccassi
Great, thank you very much for confirming!
On Thu, 2020-02-27 at 01:48 +0000, Yu, PingX wrote:
> Luca,
> The issue is fixed with patch
> https://mails.dpdk.org/archives/stable/2020-February/020657.html
> .
> You can go ahead now.
>
> Regards,
> Yu Ping
>
>
> > -----Original Message-----
> > From: Luca Boccassi [mailto:
> > bluca@debian.org
> > ]
> > Sent: Wednesday, February 26, 2020 5:53 PM
> > To: Yu, PingX <
> > pingx.yu@intel.com
> > >
> > Cc: Dybkowski, AdamX <
> > adamx.dybkowski@intel.com
> > >;
> > stable@dpdk.org
> > ;
> > Trahe, Fiona <
> > fiona.trahe@intel.com
> > >; Mcnamara, John
> > <
> > john.mcnamara@intel.com
> > >; Daly, Lee <
> > lee.daly@intel.com
> > >; Xu, Qian Q
> > <
> > qian.q.xu@intel.com
> > >; Yigit, Ferruh <
> > ferruh.yigit@intel.com
> > >; O'Hare, Cathal
> > <
> > cathal.ohare@intel.com
> > >
> > Subject: Re: [dpdk-stable] [PATCH 17.11] cryptodev: fix missing
> > device id range
> > checking
> >
> > On Fri, 2020-02-21 at 16:12 +0000, Luca Boccassi wrote:
> > > On Fri, 2020-02-21 at 16:40 +0100, Adam Dybkowski wrote:
> > > > This patch adds range-checking of the device id passed from the
> > > > user
> > > > app code. It prevents out-of-range array accesses which in some
> > > > situations resulted in an application crash (segfault).
> > > >
> > > > Fixes: 72de277dd423 ("cryptodev: fix checks related to device
> > > > id")
> > > >
> > > > Signed-off-by: Adam Dybkowski <
> > > > adamx.dybkowski@intel.com
> > > >
> > >
> > > Thanks, applied and pushed.
> > >
> > > Yu, would you have time to re-test the head of the 17.11 branch
> > > to see
> > > if this fixes the issue with QAT?
> > >
> > > Thanks!
> >
> > Hello Yu,
> >
> > Any update on this? We are just waiting on re-validating the crypto
> > devices (no
> > need for a full run) for the release.
> >
> > Thank you!
> >
> > --
> > Kind regards,
> > Luca Boccassi
--
Kind regards,
Luca Boccassi