[PATCH 0/2] net/cnxk: harden telemetry parameter parsing

Stephen Hemminger stephen at networkplumber.org
Sat Jun 6 00:44:38 CEST 2026

Previous message (by thread): [PATCH v3 6/6] net/gve: reconstruct HW timestamps from DQO
Next message (by thread): [PATCH 1/2] net/cnxk: fix telemetry SA info parameter parsing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

The cnxk telemetry handlers parse their command parameters with strtok(),
which keeps non-reentrant internal state and races when telemetry callbacks
run on per-connection threads. Both handlers also trust the parsed integers
more than they should: values are narrowed to the destination width or
aliased to a valid index before any range check, so an out-of-range port or
queue id can slip through and read past the backing array.

These two patches replace the strtok() walks with strtoul()/endptr parsing,
range-check each value before it is used, and drop the strdup()/free() that
the old SA-info path needed. The NIX handler additionally copies the full
parameter string rather than capping it at PCI_PRI_STR_SIZE + 1, which had
been truncating the queue id for longer device addresses.

Stephen Hemminger (2):
  net/cnxk: fix telemetry SA info parameter parsing
  common/cnxk: fix thread-unsafe NIX telemetry parsing

 drivers/common/cnxk/cnxk_telemetry_nix.c     | 80 ++++++++------------
 drivers/net/cnxk/cnxk_ethdev_sec_telemetry.c | 50 ++++++------
 2 files changed, 54 insertions(+), 76 deletions(-)

-- 
2.53.0

Previous message (by thread): [PATCH v3 6/6] net/gve: reconstruct HW timestamps from DQO
Next message (by thread): [PATCH 1/2] net/cnxk: fix telemetry SA info parameter parsing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list