[dpdk-dev] [PATCH v2] net/mlx5: fix RSS flow configuration crash

Adrien Mazarguil adrien.mazarguil at 6wind.com
Thu Aug 2 13:18:33 CEST 2018


On Thu, Aug 02, 2018 at 11:41:07AM +0300, Moti Haimovsky wrote:
> This commit fixes a segmentation fault observed when configuring
> mlx5 with an RSS flow rule containing invalid queue indices such as
> negative numbers, queue numbers bigger than the number of Rx queues the
> PMD or has no queues at all.
> 
> Fixes: 592f05b29a25 ("net/mlx5: add RSS flow action")
> Cc: nelio.laranjeiro at 6wind.com
> 
> Signed-off-by: Moti Haimovsky <motih at mellanox.com>
> ---
> v2:
> * Modifications according to review by Adrien Mazarguil.
>   in reply to 1533130807-9183-1-git-send-email-motih at mellanox.com

Almost, there is one new occurrence with the same issue, see below.

By the way, like for "types" and "level" fields, a zero value in "queue_num"
could be interpreted as default in order to target all configured queues,
for the convenience of applications that do not care.

This is not explicitly documented so it's just a recommendation though.

> v1:
> * Added check for zero queues.
> ---
>  drivers/net/mlx5/mlx5_flow.c | 11 +++++++++++
>  1 file changed, 11 insertions(+)
> 
> diff --git a/drivers/net/mlx5/mlx5_flow.c b/drivers/net/mlx5/mlx5_flow.c
> index 6c3021a..5576044 100644
> --- a/drivers/net/mlx5/mlx5_flow.c
> +++ b/drivers/net/mlx5/mlx5_flow.c
> @@ -2065,6 +2065,11 @@ struct mlx5_flow_tunnel_info {
>  					  RTE_FLOW_ERROR_TYPE_ACTION_CONF,
>  					  &rss->key_len,
>  					  "RSS hash key too large");
> +	if (!rss->queue_num)
> +		return rte_flow_error_set(error, ENOTSUP,
> +					  RTE_FLOW_ERROR_TYPE_ACTION_CONF,
> +					  &rss->queue_num,

Here ^^

> +					  "no queues were provided for RSS");
>  	if (rss->queue_num > priv->config.ind_table_max_size)
>  		return rte_flow_error_set(error, ENOTSUP,
>  					  RTE_FLOW_ERROR_TYPE_ACTION_CONF,
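
Review bot: The empty-list check at `if (!rss->queue_num)` returns ENOTSUP, while the out-of-range index check added further down in this patch returns EINVAL. Both reject malformed caller input, so EINVAL would be the consistent choice, unless an empty list is deliberately treated as an unsupported default, in which case a short comment saying so would help. The two new checks also pass different cause arguments (`&rss->queue_num` here, `rss` in the loop); one convention should be used for both.
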
> @@ -2077,6 +2082,12 @@ struct mlx5_flow_tunnel_info {
>  					  "some RSS protocols are not"
>  					  " supported");
>  	for (i = 0; i != rss->queue_num; ++i) {
> +		if (rss->queue[i] >= priv->rxqs_n)
> +			return rte_flow_error_set
> +				(error, EINVAL,
> +				 RTE_FLOW_ERROR_TYPE_ACTION_CONF,
> +				 rss,
> +				 "queue index out of range");
>  		if (!(*priv->rxqs)[rss->queue[i]])
>  			return rte_flow_error_set
>  				(error, EINVAL,
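
Review bot: The bounds check at `if (rss->queue[i] >= priv->rxqs_n)` passes `rss` as the cause with a fixed message, so the caller cannot tell which entry of the queue list was rejected; pointing the cause at `&rss->queue[i]` would identify it. Placing the check ahead of the `(*priv->rxqs)[rss->queue[i]]` dereference is the right order, but the "negative numbers" case from the commit message is only covered if `queue[i]` has an unsigned type, which is not visible in this hunk and is worth confirming.
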
> -- 
> 1.8.3.1
> 

-- 
Adrien Mazarguil
6WIND

