[dpdk-stable] [PATCH v9] ethdev: add sanity checks in control APIs

[Andrew Rybchenko]

On 4/21/21 4:19 PM, Ferruh Yigit wrote:
> On 4/21/2021 12:28 PM, Andrew Rybchenko wrote:
>> On 4/21/21 5:36 AM, Ferruh Yigit wrote:
>>> From: "Min Hu (Connor)" <humin29 at huawei.com>
>>>
>>> This patch adds more sanity checks in control path APIs.
>>>
>>> Fixes: 214ed1acd125 ("ethdev: add iterator to match devargs input")
>>> Fixes: 3d98f921fbe9 ("ethdev: unify prefix for static functions and
>>> variables")
>>> Fixes: 0366137722a0 ("ethdev: check for invalid device name")
>>> Fixes: d948f596fee2 ("ethdev: fix port data mismatched in multiple
>>> process model")
>>> Fixes: 5b7ba31148a8 ("ethdev: add port ownership")
>>> Fixes: f8244c6399d9 ("ethdev: increase port id range")
>>> Cc: stable at dpdk.org
>>>
>>> Signed-off-by: Min Hu (Connor) <humin29 at huawei.com>
>>> Signed-off-by: Ferruh Yigit <ferruh.yigit at intel.com>
>>> Reviewed-by: Andrew Rybchenko <andrew.rybchenko at oktetlabs.ru>
>>> Acked-by: Kevin Traynor <ktraynor at redhat.com>
>>
>> Few nits below.
>> Other than that I confirm my "Reviewed-by".
>>
>> The patch is really long. It would be better to split it into
>> few:
>>   - relocate dev assignment
>>   - empty lines mangling (when it is unrelated to previous item)
>>   - ops check before usage (combined with related style checks)
>>   - error logs refinement
>>
>> However, since the patch is already reviewed this way, may
>> be it is better to push as is after review notes processing.
>>
>>> @@ -817,7 +859,12 @@ rte_eth_dev_get_port_by_name(const char *name,
>>> uint16_t *port_id)
>>>       uint16_t pid;
>>>         if (name == NULL) {
>>> -        RTE_ETHDEV_LOG(ERR, "Null pointer is specified\n");
>>> +        RTE_ETHDEV_LOG(ERR, "Cannot get port ID from NULL name");
>>> +        return -EINVAL;
>>> +    }
>>> +
>>> +    if (port_id == NULL) {
>>> +        RTE_ETHDEV_LOG(ERR, "Cannot get port ID to NULL\n");
>>
>> Since name is already checked above, I think it would be useful
>> to log 'name' here to provide context.
>>
>>>           return -EINVAL;
>>>       }
>>>   
>>
>> [snip]
>>
>>> @@ -3256,6 +3370,20 @@ rte_eth_dev_fw_version_get(uint16_t port_id,
>>> char *fw_version, size_t fw_size)
>>>       RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
>>>       dev = &rte_eth_devices[port_id];
>>>   +    if (fw_version == NULL) {
>>> +        RTE_ETHDEV_LOG(ERR,
>>> +            "Cannot get ethdev port %u FW version to NULL\n",
>>> +            port_id);
>>> +        return -EINVAL;
>>> +    }
>>> +
>>> +    if (fw_size == 0) {
>>> +        RTE_ETHDEV_LOG(ERR,
>>> +            "Cannot get ethdev port %u FW version to buffer with
>>> zero size\n",
>>> +            port_id);
>>> +        return -EINVAL;
>>> +    }
>>> +
>>
>> The only error condition is NULL fw_version with positive
>> fw_size. Othwerwise, it could be just a call to get required
>> size of buffer for FW version.
>>
>
> Right, above is wrong.
>
> Agree that "fw_version == NULL && fw_size > 0" is error condition,
> but is it clear if how this API should behave on
> "fw_version == NULL && fw_size == 0"?
>
> Like sfc has following,
> if ((fw_version == NULL) || (fw_size == 0))
>     return -EINVAL;

It looks like net/sfc is buggy here. My review notes are based on
rte_eth_dev_fw_version_get() return values description.