diff mbox series

[58/69] net/i40e/base: add limits for nested structures

Message ID	20191202074935.97629-59-xiaolong.ye@intel.com (mailing list archive)
State	Changes Requested, archived
Delegated to:	xiaolong ye
Headers	From: Xiaolong Ye <xiaolong.ye@intel.com> To: Beilei Xing <beilei.xing@intel.com>, Qi Zhang <qi.z.zhang@intel.com> Cc: dev@dpdk.org, Xiaolong Ye <xiaolong.ye@intel.com>, Sergey Nemov <sergey.nemov@intel.com> Date: Mon, 2 Dec 2019 15:49:24 +0800 Message-Id: <20191202074935.97629-59-xiaolong.ye@intel.com> In-Reply-To: <20191202074935.97629-1-xiaolong.ye@intel.com> References: <20191202074935.97629-1-xiaolong.ye@intel.com> Subject: [dpdk-dev] [PATCH 58/69] net/i40e/base: add limits for nested structures Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	update for i40e base code \| [00/69] update for i40e base code [01/69] net/i40e/base: add support for feature flags [02/69] net/i40e/base: add ESXi support to transition to flat NVM [03/69] net/i40e/base: increase max VSI count for VFs [04/69] net/i40e/base: change buffer address [05/69] net/i40e/base: change for X722 10G-T ports LED [06/69] net/i40e/base: decouple cfg_lldp_mib_change from init_dcb [07/69] net/i40e/base: changed FW API version to 1.8 [08/69] net/i40e/base: change misleading error message [09/69] net/i40e/base: shadowRAM checksum calculation change [10/69] net/i40e/base: update Fort Park FW API to 1.8 [11/69] net/i40e/base: further implementation of LLDP [12/69] net/i40e/base: add new device ids for Carlsville [13/69] net/i40e/base: add check for MAC type [14/69] net/i40e/base: adding flags for PHY types [15/69] net/i40e/base: revert ShadowRAM checksum calculation change [16/69] net/i40e/base: improve AQ log granularity [17/69] net/i40e/base: change condition checks [18/69] net/i40e/base: add getter for FW LLDP agent status [19/69] net/i40e/base: add support for Energy Efficient Ethernet [20/69] net/i40e/base: read LPI status from external PHY [21/69] net/i40e/base: change reading LPI state [22/69] net/i40e/base: change for missing "link modes" [23/69] net/i40e/base: add reading LPI counters [24/69] net/i40e/base: update virtchnl.h [25/69] net/i40e/base: add opcodes reserved comments [26/69] net/i40e/base: revert Fix missing "fall through" comments [27/69] net/i40e/base: backport style changes from upstream Linux [28/69] net/i40e/base: update status codes [29/69] net/i40e/base: use TX_LPI_EN bit to fully turn off EEE [30/69] net/i40e/base: change of the incorrect Tx descriptors number [31/69] net/i40e/base: extend PHY access AQ command [32/69] net/i40e/base: add drop mode parameter to set MAC config [33/69] net/i40e/base: check_recovery_mode had wrong if statement [34/69] net/i40e/base: update FVL FW API version to 1.9 [35/69] net/i40e/base: update FPK FW API version to 1.9 [36/69] net/i40e/base: add persistent lldp support [37/69] net/i40e/base: make i40e_set_mac_type() public [38/69] net/i40e/base: change retrying [39/69] net/i40e/base: revert fix for X722 10G-T ports LED [40/69] net/i40e/base: change link flapping on 25g cards [41/69] net/i40e/base: changeed code wrapping for CARLSVILLE_HW [42/69] net/i40e/base: change long redundant define names [43/69] net/i40e/base: mark additional missing bits as reserved [44/69] net/i40e/base: change for persistent lldp support [45/69] net/i40e/base: change wrong 'Advertised FEC modes' [46/69] net/i40e/base: implement lpi statistics read from registers [47/69] net/i40e/base: add Flow Director defines [48/69] net/i40e/base: removed unreachable code [49/69] net/i40e/base: set PHY Access flag on X722 [50/69] net/i40e/base: implement reading lpi statistics [51/69] net/i40e/base: add MRR field defines [52/69] net/i40e/base: exposing missing LED functionality [53/69] net/i40e/base: introduce firmware EMP reset register offsets [54/69] net/i40e/base: change for reading lpi statistics [55/69] net/i40e/base: update FVL FW API version to 1.10 [56/69] net/i40e/base: add CRC stripping capability [57/69] net/i40e/base: update virtchnl header with advanced features [58/69] net/i40e/base: add limits for nested structures [59/69] net/i40e/base: put the check for zero nested elements higher [60/69] net/i40e/base: clarify requirements [61/69] net/i40e/base: change 'Unknown bps' [62/69] net/i40e/base: add USO offload flag for AVF [63/69] net/i40e/base: update the interrupt mapping and negotiation [64/69] net/i40e/base: add inline ipsec data struct and commands [65/69] net/i40e/base: change all zero-sized arrays [66/69] net/i40e/base: support for additional flow type [67/69] net/i40e/base: change GET/SET_RSS_LUT valid_len check [68/69] net/i40e/base: add missing 0 length checks [69/69] net/i40e/base: update version

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK

Commit Message

Xiaolong Ye Dec. 2, 2019, 7:49 a.m. UTC

  The following virtchnl opcodes operate with structures with nested
structures in them which can possible lead to overflow if number of
nested structures would be too big.

VIRTCHNL_OP_CONFIG_VSI_QUEUES
VIRTCHNL_OP_CONFIG_IRQ_MAP
VIRTCHNL_OP_ADD_ETH_ADDR
VIRTCHNL_OP_DEL_ETH_ADDR
VIRTCHNL_OP_ADD_VLAN
VIRTCHNL_OP_DEL_VLAN
VIRTCHNL_OP_CONFIG_IWARP_IRQ_MAP
VIRTCHNL_OP_ENABLE_CHANNELS

Since message from VF is limited by u16, precalculate the maximum
numbers of nested structures which can possibly be sent through
virtual channel and exit with error if VF tries to send us more than the
maximum limit.

This is only a sanity check of the VF message length.
Each driver should additionally check these numbers to fit the hardware
capabilities.

Signed-off-by: Sergey Nemov <sergey.nemov@intel.com>
Reviewed-by: Kirsher Jeffrey T <jeffrey.t.kirsher@intel.com>
Signed-off-by: Xiaolong Ye <xiaolong.ye@intel.com>
---
 drivers/net/i40e/base/virtchnl.h | 76 ++++++++++++++++++++++++++++++++
 1 file changed, 76 insertions(+)

diff mbox series

Patch

diff --git a/drivers/net/i40e/base/virtchnl.h b/drivers/net/i40e/base/virtchnl.h
index c3495ab39..6384ded7d 100644
--- a/drivers/net/i40e/base/virtchnl.h
+++ b/drivers/net/i40e/base/virtchnl.h
@@ -719,6 +719,38 @@  VIRTCHNL_CHECK_STRUCT_LEN(16, virtchnl_iwarp_qvlist_info);
 
 #endif
 
+/* Since VF messages are limited by u16 size, precalculate the maximum possible
+ * values of nested elements in virtchnl structures that virtual channel can
+ * possibly handle in a single message.
+ */
+enum virtchnl_vector_limits {
+	VIRTCHNL_OP_CONFIG_VSI_QUEUES_MAX	=
+		((u16)(~0) - sizeof(struct virtchnl_vsi_queue_config_info)) /
+		sizeof(struct virtchnl_queue_pair_info),
+
+	VIRTCHNL_OP_CONFIG_IRQ_MAP_MAX		=
+		((u16)(~0) - sizeof(struct virtchnl_irq_map_info)) /
+		sizeof(struct virtchnl_vector_map),
+
+	VIRTCHNL_OP_ADD_DEL_ETH_ADDR_MAX	=
+		((u16)(~0) - sizeof(struct virtchnl_ether_addr_list)) /
+		sizeof(struct virtchnl_ether_addr),
+
+	VIRTCHNL_OP_ADD_DEL_VLAN_MAX		=
+		((u16)(~0) - sizeof(struct virtchnl_vlan_filter_list)) /
+		sizeof(u16),
+
+#ifdef VIRTCHNL_IWARP
+	VIRTCHNL_OP_CONFIG_IWARP_IRQ_MAP_MAX	=
+		((u16)(~0) - sizeof(struct virtchnl_iwarp_qvlist_info)) /
+		sizeof(struct virtchnl_iwarp_qv_info),
+#endif
+
+	VIRTCHNL_OP_ENABLE_CHANNELS_MAX		=
+		((u16)(~0) - sizeof(struct virtchnl_tc_info)) /
+		sizeof(struct virtchnl_channel_info),
+};
+
 /* VF reset states - these are written into the RSTAT register:
  * VFGEN_RSTAT on the VF
  * When the PF initiates a reset, it writes 0
@@ -1130,6 +1162,13 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_vsi_queue_config_info *vqc =
 			    (struct virtchnl_vsi_queue_config_info *)msg;
+
+			if (vqc->num_queue_pairs >
+			    VIRTCHNL_OP_CONFIG_VSI_QUEUES_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			valid_len += (vqc->num_queue_pairs *
 				      sizeof(struct
 					     virtchnl_queue_pair_info));
@@ -1142,8 +1181,16 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_irq_map_info *vimi =
 			    (struct virtchnl_irq_map_info *)msg;
+
+			if (vimi->num_vectors >
+			    VIRTCHNL_OP_CONFIG_IRQ_MAP_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			valid_len += (vimi->num_vectors *
 				      sizeof(struct virtchnl_vector_map));
+
 			if (vimi->num_vectors == 0)
 				err_msg_format = true;
 		}
@@ -1158,6 +1205,13 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_ether_addr_list *veal =
 			    (struct virtchnl_ether_addr_list *)msg;
+
+			if (veal->num_elements >
+			    VIRTCHNL_OP_ADD_DEL_ETH_ADDR_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			valid_len += veal->num_elements *
 			    sizeof(struct virtchnl_ether_addr);
 			if (veal->num_elements == 0)
@@ -1170,7 +1224,15 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_vlan_filter_list *vfl =
 			    (struct virtchnl_vlan_filter_list *)msg;
+
+			if (vfl->num_elements >
+			    VIRTCHNL_OP_ADD_DEL_VLAN_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			valid_len += vfl->num_elements * sizeof(u16);
+
 			if (vfl->num_elements == 0)
 				err_msg_format = true;
 		}
@@ -1199,6 +1261,13 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_iwarp_qvlist_info *qv =
 				(struct virtchnl_iwarp_qvlist_info *)msg;
+
+			if (qv->num_vectors >
+			    VIRTCHNL_OP_CONFIG_IWARP_IRQ_MAP_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			if (qv->num_vectors == 0) {
 				err_msg_format = true;
 				break;
@@ -1240,6 +1309,13 @@  virtchnl_vc_validate_vf_msg(struct virtchnl_version_info *ver, u32 v_opcode,
 		if (msglen >= valid_len) {
 			struct virtchnl_tc_info *vti =
 				(struct virtchnl_tc_info *)msg;
+
+			if (vti->num_tc >
+			    VIRTCHNL_OP_ENABLE_CHANNELS_MAX) {
+				err_msg_format = true;
+				break;
+			}
+
 			valid_len += (vti->num_tc - 1) *
 				     sizeof(struct virtchnl_channel_info);
 			if (vti->num_tc == 0)