[PATCH 4/7] net/gve: validate Tx packet before sending

[Joshua Washington]

The hardware assumes that a mismatch between the reported packet length
and the total amount of data in the descriptors is caused by a malicious
driver, leading the hardware to disable transmission altogether. To
avoid such a scenario, use rte_mbuf_check to validate that the mbuf is
correctly formed before processing.

Fixes: 4022f9999f56 ("net/gve: support basic Tx data path for DQO")
Cc: junfeng.guo at intel.com
Cc: stable at dpdk.org

Signed-off-by: Joshua Washington <joshwash at google.com>
Reviewed-by: Ankit Garg <nktgrg at google.com>
---
 drivers/net/gve/gve_tx_dqo.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/drivers/net/gve/gve_tx_dqo.c b/drivers/net/gve/gve_tx_dqo.c
index b2e5aae634..7e03e75b20 100644
--- a/drivers/net/gve/gve_tx_dqo.c
+++ b/drivers/net/gve/gve_tx_dqo.c
@@ -113,13 +113,14 @@ gve_tx_burst_dqo(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts)
 	struct rte_mbuf **sw_ring;
 	struct rte_mbuf *tx_pkt;
 	uint16_t mask, sw_mask;
+	uint16_t first_sw_id;
+	const char *reason;
 	uint16_t nb_tx = 0;
 	uint64_t ol_flags;
 	uint16_t nb_descs;
 	uint16_t tx_id;
 	uint16_t sw_id;
 	uint64_t bytes;
-	uint16_t first_sw_id;
 	uint8_t tso;
 	uint8_t csum;
 
@@ -139,6 +140,12 @@ gve_tx_burst_dqo(void *tx_queue, struct rte_mbuf **tx_pkts, uint16_t nb_pkts)
 			gve_tx_clean_descs_dqo(txq, DQO_TX_MULTIPLIER *
 					       txq->rs_thresh);
 
+
+		if (rte_mbuf_check(tx_pkt, true, &reason)) {
+			PMD_DRV_LOG(DEBUG, "Invalid mbuf: %s", reason);
+			break;
+		}
+
 		ol_flags = tx_pkt->ol_flags;
 		first_sw_id = sw_id;
 
-- 
2.50.0.727.gbf7dc18ff4-goog