[dpdk-dev] [PATCH] ethdev: avoid undefined behaviour on configuration copying

Andrew Rybchenko arybchenko at solarflare.com
Tue Nov 19 14:25:38 CET 2019


On 11/19/19 4:19 PM, Ferruh Yigit wrote:
> On 11/19/2019 12:36 PM, Andrew Rybchenko wrote:
>> On 11/19/19 3:24 PM, Ferruh Yigit wrote:
>>> On 11/19/2019 8:22 AM, Andrew Rybchenko wrote:
>>>> memcpy() source and destination areas must not overlap and equal
>>>> pointers is the case which is really met, so handle it.
>>> Agree providing same config as input can cause problem with current
>>> implementation, but it is the limitation of the memcpy, the API doesn't request
>>> this.
>>>
>>> We can fix as you suggested, in this case we should document this in API
>>> documentation I think,
>>
>> Basically the patch solves it and there is nothing to document.
>> If pointers are equal there is nothing to do, no copying required.
> 
> You are right, scratch my comment. I overlooked as just overlapping memory issue.
> 
>>
>>> we can also solve this by updating the implementation to let this, using an
>>> interim buffer in the simplest measure, not sure which one is better.
>>
>> I don't think that interim buffer is required, 'if' perfectly does the job.
>>
>>> Any practical reason to prevent this other than 'memcpy' limitation?
>>
>> Nothing except application should not play with dev->data,
> 
> +1.
> Bonding PMD though not exactly an application, not sure to let or not it to
> update 'dev->data'

I think it is an application for its slaves, so it is better to have
no exceptions.

>> but I'm not sure if it is the right place to forbid it.
>>
>> Alternative solution is to fix bonding and return error if dev_conf is
>> equal to &dev->data->dev_conf since usecase is unclear and callers
>> should not use dev->data.
>>
>>>> Fixes: 68b931bff287 ("ethdev: eliminate interim variable")
>>>> Cc: stable at dpdk.org
>>>>
>>>> Signed-off-by: Andrew Rybchenko <arybchenko at solarflare.com>
>>>> ---
>>>> slave_configure() in drivers/net/bonding calls rte_eth_dev_configure()
>>>> with &slave_eth_dev->data->dev_conf.
>>>>
>>>> Alternative solution is to fix bonding and return error if dev_conf is
>>>> equal to &dev->data->dev_conf since usecase is unclear and callers
>>>> should not use dev->data.
>>>>
>>>>  lib/librte_ethdev/rte_ethdev.c | 4 +++-
>>>>  1 file changed, 3 insertions(+), 1 deletion(-)
>>>>
>>>> diff --git a/lib/librte_ethdev/rte_ethdev.c b/lib/librte_ethdev/rte_ethdev.c
>>>> index 8f48e8d659..8d2ce31a81 100644
>>>> --- a/lib/librte_ethdev/rte_ethdev.c
>>>> +++ b/lib/librte_ethdev/rte_ethdev.c
>>>> @@ -1245,7 +1245,9 @@ rte_eth_dev_configure(uint16_t port_id, uint16_t nb_rx_q, uint16_t nb_tx_q,
>>>>  	 * Copy the dev_conf parameter into the dev structure.
>>>>  	 * rte_eth_dev_info_get() requires dev_conf, copy it before dev_info get
>>>>  	 */
>>>> -	memcpy(&dev->data->dev_conf, dev_conf, sizeof(dev->data->dev_conf));
>>>> +	if (dev_conf != &dev->data->dev_conf)
>>>> +		memcpy(&dev->data->dev_conf, dev_conf,
>>>> +		       sizeof(dev->data->dev_conf));
>>>>  
>>>>  	ret = rte_eth_dev_info_get(port_id, &dev_info);
>>>>  	if (ret != 0)
>>>>
>>
> 



More information about the dev mailing list