lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Tue, 6 Jun 2023 16:31:50 +0000
From: "Ertman, David M" <david.m.ertman@...el.com>
To: Daniel Machon <daniel.machon@...rochip.com>
CC: "intel-wired-lan@...ts.osuosl.org" <intel-wired-lan@...ts.osuosl.org>,
	"netdev@...r.kernel.org" <netdev@...r.kernel.org>, "Keller, Jacob E"
	<jacob.e.keller@...el.com>
Subject: RE: [PATCH net v2 01/10] ice: Correctly initialize queue context
 values

> -----Original Message-----
> From: Daniel Machon <daniel.machon@...rochip.com>
> Sent: Tuesday, June 6, 2023 2:04 AM
> To: Ertman, David M <david.m.ertman@...el.com>
> Cc: intel-wired-lan@...ts.osuosl.org; netdev@...r.kernel.org; Keller, Jacob E
> <jacob.e.keller@...el.com>
> Subject: Re: [PATCH net v2 01/10] ice: Correctly initialize queue context
> values
> 
> > From: Jacob Keller <jacob.e.keller@...el.com>
> >
> > The ice_alloc_lan_q_ctx function allocates the queue context array for a
> > given traffic class. This function uses devm_kcalloc which will
> > zero-allocate the structure. Thus, prior to any queue being setup by
> > ice_ena_vsi_txq, the q_ctx structure will have a q_handle of 0 and a q_teid
> > of 0. These are potentially valid values.
> >
> > Modify the ice_alloc_lan_q_ctx function to initialize every member of the
> > q_ctx array to have invalid values. Modify ice_dis_vsi_txq to ensure that
> > it assigns q_teid to an invalid value when it assigns q_handle to the
> > invalid value as well.
> >
> > This will allow other code to check whether the queue context is currently
> > valid before operating on it.
> >
> > Signed-off-by: Jacob Keller <jacob.e.keller@...el.com>
> > Signed-off-by: Dave Ertman <david.m.ertman@...el.com>
> > ---
> >  drivers/net/ethernet/intel/ice/ice_common.c |  1 +
> >  drivers/net/ethernet/intel/ice/ice_sched.c  | 23 ++++++++++++++++-----
> >  2 files changed, 19 insertions(+), 5 deletions(-)
> >
> > diff --git a/drivers/net/ethernet/intel/ice/ice_common.c
> b/drivers/net/ethernet/intel/ice/ice_common.c
> > index a9f2e6bff806..23a9f169bc71 100644
> > --- a/drivers/net/ethernet/intel/ice/ice_common.c
> > +++ b/drivers/net/ethernet/intel/ice/ice_common.c
> > @@ -4708,6 +4708,7 @@ ice_dis_vsi_txq(struct ice_port_info *pi, u16
> vsi_handle, u8 tc, u8 num_queues,
> >                         break;
> >                 ice_free_sched_node(pi, node);
> >                 q_ctx->q_handle = ICE_INVAL_Q_HANDLE;
> > +               q_ctx->q_teid = ICE_INVAL_TEID;
> >         }
> >         mutex_unlock(&pi->sched_lock);
> >         kfree(qg_list);
> > diff --git a/drivers/net/ethernet/intel/ice/ice_sched.c
> b/drivers/net/ethernet/intel/ice/ice_sched.c
> > index 824bac5ce003..0db9eb8fd402 100644
> > --- a/drivers/net/ethernet/intel/ice/ice_sched.c
> > +++ b/drivers/net/ethernet/intel/ice/ice_sched.c
> > @@ -572,18 +572,24 @@ ice_alloc_lan_q_ctx(struct ice_hw *hw, u16
> vsi_handle, u8 tc, u16 new_numqs)
> >  {
> >         struct ice_vsi_ctx *vsi_ctx;
> >         struct ice_q_ctx *q_ctx;
> > +       u16 idx;
> >
> >         vsi_ctx = ice_get_vsi_ctx(hw, vsi_handle);
> >         if (!vsi_ctx)
> >                 return -EINVAL;
> >         /* allocate LAN queue contexts */
> >         if (!vsi_ctx->lan_q_ctx[tc]) {
> > -               vsi_ctx->lan_q_ctx[tc] = devm_kcalloc(ice_hw_to_dev(hw),
> > -                                                     new_numqs,
> > -                                                     sizeof(*q_ctx),
> > -                                                     GFP_KERNEL);
> > -               if (!vsi_ctx->lan_q_ctx[tc])
> > +               q_ctx = devm_kcalloc(ice_hw_to_dev(hw), new_numqs,
> > +                                    sizeof(*q_ctx), GFP_KERNEL);
> > +               if (!q_ctx)
> >                         return -ENOMEM;
> > +
> > +               for (idx = 0; idx < new_numqs; idx++) {
> > +                       q_ctx[idx].q_handle = ICE_INVAL_Q_HANDLE;
> > +                       q_ctx[idx].q_teid = ICE_INVAL_TEID;
> > +               }
> > +
> > +               vsi_ctx->lan_q_ctx[tc] = q_ctx;
> >                 vsi_ctx->num_lan_q_entries[tc] = new_numqs;
> >                 return 0;
> >         }
> > @@ -595,9 +601,16 @@ ice_alloc_lan_q_ctx(struct ice_hw *hw, u16
> vsi_handle, u8 tc, u16 new_numqs)
> >                                      sizeof(*q_ctx), GFP_KERNEL);
> >                 if (!q_ctx)
> >                         return -ENOMEM;
> > +
> >                 memcpy(q_ctx, vsi_ctx->lan_q_ctx[tc],
> >                        prev_num * sizeof(*q_ctx));
> >                 devm_kfree(ice_hw_to_dev(hw), vsi_ctx->lan_q_ctx[tc]);
> > +
> > +               for (idx = prev_num; idx < new_numqs; idx++) {
> > +                       q_ctx[idx].q_handle = ICE_INVAL_Q_HANDLE;
> > +                       q_ctx[idx].q_teid = ICE_INVAL_TEID;
> > +               }
> > +
> >                 vsi_ctx->lan_q_ctx[tc] = q_ctx;
> >                 vsi_ctx->num_lan_q_entries[tc] = new_numqs;
> >         }
> > --
> > 2.40.1
> >
> >
> 
> Hi Dave,
> 
> This does not apply to my net-next tree, but I guess that falls under
> your 'fat-fingered' comment. I am still going ahead and reviewing this
> version.

Thanks for the review! And yes, it falls under fat-fingered commnet ☹

> 
> As for this patch:
> 
> Reviewed-by: Daniel Machon <daniel.machon@...rochip.com>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ