[dpdk-stable] patch 'net/enic: check for unsupported flow item types' has been queued to LTS release 18.11.2

Kevin Traynor ktraynor at redhat.com
Wed Apr 10 18:44:04 CEST 2019

Previous message: [dpdk-stable] patch 'net/enic: allow flow mark ID 0' has been queued to LTS release 18.11.2
Next message: [dpdk-stable] patch 'net/enic: reset VXLAN port regardless of overlay offload' has been queued to LTS release 18.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

FYI, your patch has been queued to LTS release 18.11.2

Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet.
It will be pushed if I get no objections before 04/16/19. So please
shout if anyone has objections.

Also note that after the patch there's a diff of the upstream commit vs the
patch applied to the branch. This will indicate if there was any rebasing
needed to apply to the stable branch. If there were code changes for rebasing
(ie: not only metadata diffs), please double check that the rebase was
correctly done.

Thanks.

Kevin Traynor

---
>From 946cb3b1ca679b2e964cf1a3ceebc7e8d8764629 Mon Sep 17 00:00:00 2001
From: Hyong Youb Kim <hyonkim at cisco.com>
Date: Sat, 2 Mar 2019 02:42:43 -0800
Subject: [PATCH] net/enic: check for unsupported flow item types

[ upstream commit 4d8e9aa48328edb58f8a843a8e6bee327e12d181 ]

Currently a pattern with an unsupported item type causes segfault,
because the flow handler is using the type as an array index without
checking bounds. Add an explicit check for unsupported item types and
avoid out-of-bound accesses.

Fixes: 6ced137607d0 ("net/enic: flow API for NICs with advanced filters enabled")

Signed-off-by: Hyong Youb Kim <hyonkim at cisco.com>
Reviewed-by: John Daley <johndale at cisco.com>
---
 drivers/net/enic/enic_flow.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)

diff --git a/drivers/net/enic/enic_flow.c b/drivers/net/enic/enic_flow.c
index e12a6ec73..c60476c8c 100644
--- a/drivers/net/enic/enic_flow.c
+++ b/drivers/net/enic/enic_flow.c
@@ -41,4 +41,6 @@ struct enic_filter_cap {
 	/** list of valid items and their handlers and attributes. */
 	const struct enic_items *item_info;
+	/* Max type in the above list, used to detect unsupported types */
+	enum rte_flow_item_type max_item_type;
 };
 
@@ -258,10 +260,13 @@ static const struct enic_filter_cap enic_filter_cap[] = {
 	[FILTER_IPV4_5TUPLE] = {
 		.item_info = enic_items_v1,
+		.max_item_type = RTE_FLOW_ITEM_TYPE_TCP,
 	},
 	[FILTER_USNIC_IP] = {
 		.item_info = enic_items_v2,
+		.max_item_type = RTE_FLOW_ITEM_TYPE_VXLAN,
 	},
 	[FILTER_DPDK_1] = {
 		.item_info = enic_items_v3,
+		.max_item_type = RTE_FLOW_ITEM_TYPE_VXLAN,
 	},
 };
@@ -947,5 +952,5 @@ item_stacking_valid(enum rte_flow_item_type prev_item,
 static int
 enic_copy_filter(const struct rte_flow_item pattern[],
-		 const struct enic_items *items_info,
+		 const struct enic_filter_cap *cap,
 		 struct filter_v2 *enic_filter,
 		 struct rte_flow_error *error)
@@ -970,5 +975,12 @@ enic_copy_filter(const struct rte_flow_item pattern[],
 			continue;
 
-		item_info = &items_info[item->type];
+		item_info = &cap->item_info[item->type];
+		if (item->type > cap->max_item_type ||
+		    item_info->copy_item == NULL) {
+			rte_flow_error_set(error, ENOTSUP,
+				RTE_FLOW_ERROR_TYPE_ITEM,
+				NULL, "Unsupported item.");
+			return -rte_errno;
+		}
 
 		/* check to see if item stacking is valid */
@@ -1424,5 +1436,5 @@ enic_flow_parse(struct rte_eth_dev *dev,
 	}
 	enic_filter->type = enic->flow_filter_mode;
-	ret = enic_copy_filter(pattern, enic_filter_cap->item_info,
+	ret = enic_copy_filter(pattern, enic_filter_cap,
 				       enic_filter, error);
 	return ret;
-- 
2.20.1

---
  Diff of the applied patch vs upstream commit (please double-check if non-empty:
---
--- -	2019-04-10 14:06:12.160587523 +0100
+++ 0056-net-enic-check-for-unsupported-flow-item-types.patch	2019-04-10 14:06:08.010290901 +0100
@@ -1,15 +1,16 @@
-From 4d8e9aa48328edb58f8a843a8e6bee327e12d181 Mon Sep 17 00:00:00 2001
+From 946cb3b1ca679b2e964cf1a3ceebc7e8d8764629 Mon Sep 17 00:00:00 2001
 From: Hyong Youb Kim <hyonkim at cisco.com>
 Date: Sat, 2 Mar 2019 02:42:43 -0800
 Subject: [PATCH] net/enic: check for unsupported flow item types
 
+[ upstream commit 4d8e9aa48328edb58f8a843a8e6bee327e12d181 ]
+
 Currently a pattern with an unsupported item type causes segfault,
 because the flow handler is using the type as an array index without
 checking bounds. Add an explicit check for unsupported item types and
 avoid out-of-bound accesses.
 
 Fixes: 6ced137607d0 ("net/enic: flow API for NICs with advanced filters enabled")
-Cc: stable at dpdk.org
 
 Signed-off-by: Hyong Youb Kim <hyonkim at cisco.com>
 Reviewed-by: John Daley <johndale at cisco.com>

Previous message: [dpdk-stable] patch 'net/enic: allow flow mark ID 0' has been queued to LTS release 18.11.2
Next message: [dpdk-stable] patch 'net/enic: reset VXLAN port regardless of overlay offload' has been queued to LTS release 18.11.2
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list