| Message ID | 20231010062304.205933-3-chaoyong.he@corigine.com (mailing list archive) |
|---|---|
| State | Changes Requested, archived |
| Delegated to: | Ferruh Yigit |
| Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id A19B142348; Tue, 10 Oct 2023 08:23:39 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8214140689; Tue, 10 Oct 2023 08:23:31 +0200 (CEST) Received: from NAM10-BN7-obe.outbound.protection.outlook.com (mail-bn7nam10on2100.outbound.protection.outlook.com [40.107.92.100]) by mails.dpdk.org (Postfix) with ESMTP id 0FAF1402EF; Tue, 10 Oct 2023 08:23:30 +0200 (CEST) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=hvGviTrLM3tcaXTd30bTsY1KWMwvg2RlWC6PE4N7GLRNuCgeSxb8PyjUeR1cWPAbdZ0rEpiniPQOPD3/PNkIa51d6abT/hXS6MDbQGARPi71NbRJeg38hwkNfXroJ+QIYHXUHgpAA6w+LRl+CeFK/1ci0ktRFiGwn3qqwqHJssQGBVYAlW0xOm+OWCUQph+/y/qgkU39sxRflWx6m9fVY3ZIcIXwYLGgN1MpbcdFQ+x+h4sPywsdzt7VHemWyIMM/pei9MWY/PmxbJTn1cQ6AdHtPm4gu3k9jCFdbR5KhCZ3aXHOPTfub/dlwTXII6d4+m7p7AxrL1lwmWk2KpxMIQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=PZcMTBjOBUXnZ77cnxSIRhO9rU/je8w4p6q/F+HU+KU=; b=iFANgZ2zqWvtw3gRUwI+XiE0hhapxa6C/Tjty3CpiyUq5pPEP50Dou/aZP+SJRrHklE2tLuOz2ZQoWTOFLs3GA+LD2gTHqf1NKrSILHl03T5vK/Fs272RMZm8/yFAzsbzUpDq3n59W5U83+Un0EgWxRrFngqKSWkXb5DOGTTtHqL/PCL0p5Fd5myxRTxfQJeyG/ekN4nLnxpLnXUOIHYYvr+LDekQIpRH4sakWWoTFwG3hz2rj3ZUxU37OIem9NyXqDTsZGGwFi2YPPe4f986zzB0xjP+uF4mKPbVmjUaXF5zn+A2p5QDyEh1qEw+Fcbehd3ylGQQSbxustv+elV9g== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=corigine.com; dmarc=pass action=none header.from=corigine.com; dkim=pass header.d=corigine.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corigine.onmicrosoft.com; s=selector2-corigine-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=PZcMTBjOBUXnZ77cnxSIRhO9rU/je8w4p6q/F+HU+KU=; b=QNG+pltIyH4z8s1Fkbg8YpH3VtvMob3j5lzaQMj2nu3e7vs/iJnHhVCpdz2EAT+IKphUSL4RIPLcjcWzHRfjqiAV6GqI8iI7VVh23BeeyqCp0d8/2xrFcTivpvR/7L+3x0qBPf2fXsIL9CpGLvZlGnjVANvmffxPUZVEf7SMCsc= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=corigine.com; Received: from SJ0PR13MB5545.namprd13.prod.outlook.com (2603:10b6:a03:424::5) by DM6PR13MB3802.namprd13.prod.outlook.com (2603:10b6:5:24e::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6838.43; Tue, 10 Oct 2023 06:23:28 +0000 Received: from SJ0PR13MB5545.namprd13.prod.outlook.com ([fe80::2d5:f7d6:ecde:c93a]) by SJ0PR13MB5545.namprd13.prod.outlook.com ([fe80::2d5:f7d6:ecde:c93a%4]) with mapi id 15.20.6863.032; Tue, 10 Oct 2023 06:23:28 +0000 From: Chaoyong He <chaoyong.he@corigine.com> To: dev@dpdk.org Cc: oss-drivers@corigine.com, Long Wu <long.wu@corigine.com>, danielx.t.mrzyglod@intel.com, stable@dpdk.org, Chaoyong He <chaoyong.he@corigine.com>, Peng Zhang <peng.zhang@corigine.com> Subject: [PATCH 2/3] net/bonding: fix illegal memory accesses Date: Tue, 10 Oct 2023 14:23:03 +0800 Message-Id: <20231010062304.205933-3-chaoyong.he@corigine.com> X-Mailer: git-send-email 2.39.1 In-Reply-To: <20231010062304.205933-1-chaoyong.he@corigine.com> References: <20231010062304.205933-1-chaoyong.he@corigine.com> Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: BYAPR07CA0057.namprd07.prod.outlook.com (2603:10b6:a03:60::34) To SJ0PR13MB5545.namprd13.prod.outlook.com (2603:10b6:a03:424::5) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: SJ0PR13MB5545:EE_|DM6PR13MB3802:EE_ X-MS-Office365-Filtering-Correlation-Id: 5e93b226-24e5-4377-2645-08dbc9596ad7 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: NBAflRnDqlx7W0S1kMzxBhq2qRGuRKuAUMvTGigoUZCchM+/1nACmEZSn8B2Ca9GJu2nz+00Y93BBVljq6BebQ7XjfQKmM0tsY7+ibEPBGra332siRvrn4HmaWdabQmy2bAQ4YOmqeYs5zL91WSbvMTopYeALthcbL/MPP1xFt2sdupP/xksSyhynX7hwM58BOmlsGGGRTPSWxqGiNPd5KPwO/RxPs7UPhdi7CMzm7J+dAHnjKV2Q+SCxFi7IkCqr6AGlnrZNMksfHOSwvjtD/flKlmyVN+dX4di88gt4S5K/adn8nR7t37AgxGrpdrIMXOLjNjx9bNWs+AxcqIJx6ZlMDeCYRRCuqAx+AymfqtaNwvgySdVPJXtjB7afQqM/qFBoi91DULqla3SaQ0YYuK0cvYVX31vfdkN4K1clFUQ49dZbsraT57E4NqFP+SUukS/qzgH8Bzwe5JQxpSaDkORprzL665SVZ+B4lfEPdI1UyZDbahNbCGpmG94gb8nVPyc7zxyfrAFM5za3+t43Ae2S693NSlgnaI7oWLIB10DnplVwzZp3iL6Wt354fdLnWgr7cRnh9CP3mSy+ydhi+yB95Yvpje5XfFo93TuK1pP7zmBI6GGh8unKs2xCSdqIvWnLVLiMs2zzp9W6f2ctNqT9+7oPZ42m3oaIPDAbUU= X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:SJ0PR13MB5545.namprd13.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(376002)(346002)(366004)(396003)(136003)(39830400003)(230922051799003)(186009)(451199024)(1800799009)(64100799003)(86362001)(36756003)(38350700002)(38100700002)(1076003)(52116002)(2616005)(6512007)(26005)(8936002)(4326008)(44832011)(6486002)(8676002)(5660300002)(6666004)(6506007)(41300700001)(2906002)(66946007)(107886003)(54906003)(66556008)(6916009)(316002)(66476007)(478600001); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: i+J/k+xj7/sHz4OsYg7HntIF8W3gHNdkUk6zPCCN1eKoMBY0uPfxe+mleVaJ6sD6rtiZ2RhZAYaTt/Nj86q2FylWjAC1MI632km4FABLsfFUNzyLb+scNp79ExL2CuIURrI/1vcoq0MjrHzMRcsyPQ/u9bfDm1azBniH4bNUEt/xhDPW7W9+fCmlXX1SARcNFgiMYmDYOgy2QqzB+VXiNy/aD3tTFOJxdUYt6bTAr+sJcFyNy7GwfQV5jzI/D4jbeBFW2FkjUxNVT+dS+78q0GnYnsl/49PIJ/tzg1ZNOMnmPlrWQwtBbM2ynnUleNamks2mTXoLbpto5hLZ0l72yoKj49toMBrr6p5DLwbUeMH7qLimw9WNcXfcohBNwB/yMRla92dsas4USZHeoNAj3F0M9awojyqWjIZn1N9xu93OOQLuB2XOugtrwjZ1ixH1yf/UVHMnQVapycHjYUaviCxw6/EYqFpgxVTQgkn+kr1XmVY6zLP+geqYmn/CmfVkYl/4QGzEN5dJPP1wrYPt0RpwsODue3G0OKRInqQTZRX2RnNORH9b1wImV43SSEm6DG8ZbmlX0pscMqN9TGA04/DfZEjinvR7dHa/R88/3+41rriz6SnwDAG8EvVaAHKWC+sEnxlK+OQtvjESimOuK6Elm6t7sSHje4E9VcZN+YhUd3ckvfekmWlUa43oKIABff4QEfgy5L0yNVcvYp3lAp3zMQYijd8PmAFhxN2TzkrNNEEZBxI/0uPDcua5faT3c7uXqagNkmTjRgE7tXFJXDTP7ca+sHXbifVcq1rHbxoGpi6zcHS2Xn4s+k+jyPlkqjoN+Yu0IEWulVDKxkRcGZQ3BsHd9DnydF3f9sB8IMV47kIvKAe3IUU7euX78Vu03IOtAvKqLcOkinKwmR+MmZf3M6DnxWbt+oSbQ/LR3O0R1aF3JCmJpzbfzIQr1JcgozrqPMg0o13cr3q7C3R4rJZBB3T04VuySdS0OmyPyHnufvdPTnJuy9eX3kUaCbB93ELgPCZ2vlY1pVUbzYP3rKUY2vbeu/GwUWpzIubkTSPVLX5Hnmt2ZGO7q+7X2ckvxAOotLLzgsgF++uI45ERQqK44Mx1iPYHHNqb3DEkJQicm+Zg2PTjv8vnV/imJN2T+oZlyPau1j1DvFtOFr2ST5zF8ZzCbPczL6a6yF3ow/ZGuZE+Oj5dkawhCU6Y9x/ab4TXdij6k5sZZ4fHTHqHfBKRyy4Cij4yu8yMgOrYp1gJjqfrUgWRajQrRpXOeg3nSoJfB1/hgKTUvT40GhCmk9ii8AFs15iKZ5pxWrwqvyyvuZ+p08BSGZajOT8S/HqbuAVpm+BMnxfbyBSrj8X+2EMDRGA+wRIf9xbbRQFKqFJXpx+gL12Zr+AKa8fqtDLUPJ7zSsC9eTCgPmCSStuZdc7zrdoTXiIyciwS5jyCDnslOuxlzdPnQda6mtCQjk6Wu9FtBt9/jZu+PzMmjLmBYppm4ptgh0g4EcXDc26UUT/oK2xVkISiLh2bEUa9TYkVImvSiNRWfIFWz8FBxpluak+StxdfCx3VGh+D+oEx1Fl01BeGngU8lH4odcMcELSx8N6irx0GxgCtp5UhKVM01g== X-OriginatorOrg: corigine.com X-MS-Exchange-CrossTenant-Network-Message-Id: 5e93b226-24e5-4377-2645-08dbc9596ad7 X-MS-Exchange-CrossTenant-AuthSource: SJ0PR13MB5545.namprd13.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 10 Oct 2023 06:23:28.7569 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: fe128f2c-073b-4c20-818e-7246a585940c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: tkyx39c92RYy836GAqs6MO+DqzOEx0D5JjxfZ13AzHcJS3/4mBHk6/xMCJ85snsakHZiKk4V3IZavrqgl4J6i2zq36Zv3NzqWLa9UWLxUA8= X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR13MB3802 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions <dev.dpdk.org> List-Unsubscribe: <https://mails.dpdk.org/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://mails.dpdk.org/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <https://mails.dpdk.org/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org |
| Series |
Fix three coverity issues of bond PMD
|
|
Checks
| Context | Check | Description |
|---|---|---|
| ci/checkpatch | success | coding style OK |
Commit Message
Chaoyong He
Oct. 10, 2023, 6:23 a.m. UTC
From: Long Wu <long.wu@corigine.com> CI found that overrunning array of 32 2-byte elements at element index 65535 (byte offset 131071) by dereferencing pointer "members + agg_new_idx". Coverity issue: 403099 Fixes: 6d72657ce379 ("net/bonding: add other aggregator modes") Cc: danielx.t.mrzyglod@intel.com Cc: stable@dpdk.org Signed-off-by: Long Wu <long.wu@corigine.com> Reviewed-by: Chaoyong He <chaoyong.he@corigine.com> Reviewed-by: Peng Zhang <peng.zhang@corigine.com> --- drivers/net/bonding/rte_eth_bond_8023ad.c | 4 ++++ 1 file changed, 4 insertions(+)
Comments
On 10/10/2023 7:23 AM, Chaoyong He wrote: > From: Long Wu <long.wu@corigine.com> > > CI found that overrunning array of 32 2-byte elements at > element index 65535 (byte offset 131071) by dereferencing > pointer "members + agg_new_idx". > > Coverity issue: 403099 > Fixes: 6d72657ce379 ("net/bonding: add other aggregator modes") > Cc: danielx.t.mrzyglod@intel.com > Cc: stable@dpdk.org > > Signed-off-by: Long Wu <long.wu@corigine.com> > Reviewed-by: Chaoyong He <chaoyong.he@corigine.com> > Reviewed-by: Peng Zhang <peng.zhang@corigine.com> > --- > drivers/net/bonding/rte_eth_bond_8023ad.c | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/drivers/net/bonding/rte_eth_bond_8023ad.c b/drivers/net/bonding/rte_eth_bond_8023ad.c > index 677067870f..0be33f61e3 100644 > --- a/drivers/net/bonding/rte_eth_bond_8023ad.c > +++ b/drivers/net/bonding/rte_eth_bond_8023ad.c > @@ -732,10 +732,14 @@ selection_logic(struct bond_dev_private *internals, uint16_t member_id) > switch (internals->mode4.agg_selection) { > case AGG_COUNT: > agg_new_idx = max_index(agg_count, members_count); > + if (agg_new_idx >= members_count) > + agg_new_idx = default_member; > new_agg_id = members[agg_new_idx]; > Overrun may happen when 'max_index()' returns error, '-1', which becomes 'UINT16_MAX' as function returns 'uint16_t'. And 'max_index()' returns error only if "members_count <= 0", but as far as I can see 'members_count' can't be "<= 0" anyway. What do you think to remove check in the 'max_index()', or add a check in 'selection_logic()' for 'members_count == 0', but not sure what to do 'max_index()'in this case, so updating 'max_index()' is simpler.
diff --git a/drivers/net/bonding/rte_eth_bond_8023ad.c b/drivers/net/bonding/rte_eth_bond_8023ad.c index 677067870f..0be33f61e3 100644 --- a/drivers/net/bonding/rte_eth_bond_8023ad.c +++ b/drivers/net/bonding/rte_eth_bond_8023ad.c @@ -732,10 +732,14 @@ selection_logic(struct bond_dev_private *internals, uint16_t member_id) switch (internals->mode4.agg_selection) { case AGG_COUNT: agg_new_idx = max_index(agg_count, members_count); + if (agg_new_idx >= members_count) + agg_new_idx = default_member; new_agg_id = members[agg_new_idx]; break; case AGG_BANDWIDTH: agg_new_idx = max_index(agg_bandwidth, members_count); + if (agg_new_idx >= members_count) + agg_new_idx = default_member; new_agg_id = members[agg_new_idx]; break; case AGG_STABLE: