lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20231121194504.GB16629@kernel.org>
Date:   Tue, 21 Nov 2023 19:45:04 +0000
From:   Simon Horman <horms@...nel.org>
To:     Ivan Vecera <ivecera@...hat.com>
Cc:     intel-wired-lan@...ts.osuosl.org,
        Jesse Brandeburg <jesse.brandeburg@...el.com>,
        Tony Nguyen <anthony.l.nguyen@...el.com>,
        "David S. Miller" <davem@...emloft.net>,
        Eric Dumazet <edumazet@...gle.com>,
        Jakub Kicinski <kuba@...nel.org>,
        Paolo Abeni <pabeni@...hat.com>, linux-kernel@...r.kernel.org,
        Jacob Keller <jacob.e.keller@...el.com>,
        Wojciech Drewek <wojciech.drewek@...el.com>,
        mschmidt@...hat.com, netdev@...r.kernel.org
Subject: Re: [PATCH iwl-next v3 3/5] i40e: Add helpers to find VSI and VEB by
 SEID and use them

On Mon, Nov 20, 2023 at 06:55:42PM +0100, Ivan Vecera wrote:
> 
> On 20. 11. 23 12:42, Simon Horman wrote:
> > On Thu, Nov 16, 2023 at 04:21:12PM +0100, Ivan Vecera wrote:
> > > Add two helpers i40e_(veb|vsi)_get_by_seid() to find corresponding
> > > VEB or VSI by their SEID value and use these helpers to replace
> > > existing open-coded loops.
> > > 
> > > Reviewed-by: Wojciech Drewek <wojciech.drewek@...el.com>
> > > Signed-off-by: Ivan Vecera <ivecera@...hat.com>
> > 
> > Hi Ivan,
> > 
> > some minor feedback from my side.
> > 
> > ...
> > 
> > > diff --git a/drivers/net/ethernet/intel/i40e/i40e.h b/drivers/net/ethernet/intel/i40e/i40e.h
> > > index 1e9266de270b..ca8997d29c02 100644
> > > --- a/drivers/net/ethernet/intel/i40e/i40e.h
> > > +++ b/drivers/net/ethernet/intel/i40e/i40e.h
> > > @@ -1360,4 +1360,38 @@ static inline struct i40e_pf *i40e_hw_to_pf(struct i40e_hw *hw)
> > >   struct device *i40e_hw_to_dev(struct i40e_hw *hw);
> > > +/**
> > > + * i40e_pf_get_vsi_by_seid - find VSI by SEID
> > > + * @pf: pointer to a PF
> > 
> > nit: @seid is missing here
> > 
> > > + **/
> > > +static inline struct i40e_vsi *
> > > +i40e_pf_get_vsi_by_seid(struct i40e_pf *pf, u16 seid)
> > > +{
> > > +	struct i40e_vsi *vsi;
> > > +	int i;
> > > +
> > > +	i40e_pf_for_each_vsi(pf, i, vsi)
> > > +		if (vsi->seid == seid)
> > > +			return vsi;
> > > +
> > > +	return NULL;
> > > +}
> > > +
> > > +/**
> > > + * i40e_pf_get_veb_by_seid - find VEB by SEID
> > > + * @pf: pointer to a PF
> > 
> > Ditto
> > 
> > ...
> > 
> > > diff --git a/drivers/net/ethernet/intel/i40e/i40e_main.c b/drivers/net/ethernet/intel/i40e/i40e_main.c
> > 
> > ...
> > 
> > > @@ -14848,23 +14831,16 @@ struct i40e_veb *i40e_veb_setup(struct i40e_pf *pf, u16 flags,
> > >   	}
> > >   	/* make sure there is such a vsi and uplink */
> > > -	i40e_pf_for_each_vsi(pf, vsi_idx, vsi)
> > > -		if (vsi->seid == vsi_seid)
> > > -			break;
> > > -
> > > -	if (vsi_idx == pf->num_alloc_vsi && vsi_seid != 0) {
> > > -		dev_info(&pf->pdev->dev, "vsi seid %d not found\n",
> > > -			 vsi_seid);
> > > -		return NULL;
> > > +	if (vsi_seid) {
> > > +		vsi = i40e_pf_get_vsi_by_seid(pf, vsi_seid);
> > > +		if (!vsi) {
> > > +			dev_err(&pf->pdev->dev, "vsi seid %d not found\n",
> > > +				vsi_seid);
> > > +			return NULL;
> > > +		}
> > >   	}
> > > -
> > >   	if (uplink_seid && uplink_seid != pf->mac_seid) {
> > > -		i40e_pf_for_each_veb(pf, veb_idx, veb) {
> > > -			if (veb->seid == uplink_seid) {
> > > -				uplink_veb = veb;
> > > -				break;
> > > -			}
> > > -		}
> > > +		uplink_veb = i40e_pf_get_veb_by_seid(pf, uplink_seid);
> > >   		if (!uplink_veb) {
> > >   			dev_info(&pf->pdev->dev,
> > >   				 "uplink seid %d not found\n", uplink_seid);
> > 
> > The next part of this function looks like this:
> > 
> > 		if (!uplink_veb) {
> > 			dev_info(&pf->pdev->dev,
> > 				 "uplink seid %d not found\n", uplink_seid);
> > 			return NULL;
> > 		}
> > 	}
> > 	/* get veb sw struct */
> > 	veb_idx = i40e_veb_mem_alloc(pf);
> > 	if (veb_idx < 0)
> > 		goto err_alloc;
> > 	veb = pf->veb[veb_idx];
> > 	veb->flags = flags;
> > 	veb->uplink_seid = uplink_seid;
> > 	veb->veb_idx = (uplink_veb ? uplink_veb->idx : I40E_NO_VEB);
> > 	veb->enabled_tc = (enabled_tc ? enabled_tc : 0x1);
> > 
> > 	/* create the VEB in the switch */
> > 	ret = i40e_add_veb(veb, vsi);
> > 
> > Smatch complains that vsi may be used uninitialised here.
> > Which does seem possible to me if vsi_seid is 0.
> 
> Yes, the support for floating VEBs is and WAS broken prior this patch and it
> is fixed by the following patch.
> 
> Prior this patch... Let's vsi_seid == 0:
> 
> 	/* make sure there is such a vsi and uplink */
> 	i40e_pf_for_each_vsi(pf, vsi_idx, vsi)
> 		if (vsi->seid == vsi_seid)
> 			break;
> -> here vsi_idx == pf->num_alloc_vsi because there cannot be VSI with SEID
> == 0... and VSI points after the pf->vsi[] array.
> 
> 	if (vsi_idx == pf->num_alloc_vsi && vsi_seid != 0) {
> 		dev_info(&pf->pdev->dev, "vsi seid %d not found\n",
> 			 vsi_seid);
> 		return NULL;
> 	}
> 
> This condition is not met, although vsi_idx == pf->num_alloc_vsi but
> vsi_seid == 0 so the rest of code ended by:
> 
> 	ret = i40e_add_veb(veb, vsi);
> 
> and vsi pointer points to invalid area (item after the last one from
> pf->vsi).
> 
> As I mentioned the broken floating VEB functionality (where vsi_seid == 0
> and uplink_seid == 0) is fixed by the following patch.

Thanks Ivan,

I see that I flagged a false positive, sorry about that.
I understand things quite a bit better after reading your explanation
above.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ