Re: [dpdk-dev] [PATCH] security: fix crash at accessing non-implemented ops

Ananyev, Konstantin Thu, 23 Apr 2020 01:12:15 -0700

> -----Original Message-----
> From: Lukasz Wojciechowski <l.wojciec...@partner.samsung.com>
> Sent: Thursday, April 23, 2020 9:06 AM
> To: Ananyev, Konstantin <konstantin.anan...@intel.com>; Anoob Joseph 
> <ano...@marvell.com>; dev@dpdk.org
> Cc: akhil.go...@nxp.com; Doherty, Declan <declan.dohe...@intel.com>; 
> techbo...@dpdk.org
> Subject: Re: [dpdk-dev] [PATCH] security: fix crash at accessing 
> non-implemented ops
> 
> 
> W dniu 23.04.2020 o 09:54, Ananyev, Konstantin pisze:
> >> Hi Konstantin,
> >>
> >> These are data path ops and so it will be better if we can avoid such 
> >> checks in the datapath. The same is done in ethdev also.
> > AFAIK,  get_userdata is an *optional* dev-ops function that can be used by 
> > data-path.
> > So far there was no strict requirement for the rte_security PMDs to 
> > *always* implement it.
> > So what you guys did is a silent change of public API behaviour.
> > As result ixgbe, (and probably some others rte_security PMDs) stopped 
> > working properly.
> > I don't see any point in these changes, but if you'd like to do that, at
> > least our usual procedure has to be followed:
> > 1. Send and RFC to get an agreement with rte_security PMDs maintainers (one 
> > release ahead)
> > 2. send a deprecation note (one release ahead)
> > 3. change the behaviour of the public API
> > 4. update release notes
> >
> > AFAIK 1), 2), 4) wasn't done.
> > So I think right now we need to revert original behaviour.
> The current changes were made in patch: b6ee9854784 security: fix
> verification of parameters
> 
> <snip>
> @@ -91,7 +119,9 @@ rte_security_get_userdata(struct rte_security_ctx
> *instance, uint64_t md)
>   {
>          void *userdata = NULL;
> 
> - RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->get_userdata, NULL);
> +#ifdef RTE_DEBUG
> +       RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, get_userdata, NULL, NULL);
> +#endif
>          if (instance->ops->get_userdata(instance->device, md, &userdata))
>                  return NULL;
>   <snip>
> 
> 
> So as you can see, the checks were already there. They've just been
> wrapped up with RTE_DEBUG macro for disabling them in non-debug
> compilation mode and the validation of paramter was change to avoid
> possible segmentation fault if instance lub ops would be NULL
> 
> >> https://protect2.fireeye.com/url?k=e0478418-bdd92a82-e0460f57-0cc47a336fae-
> 55cc35a7b94c97c0&q=1&u=http%3A%2F%2Fcode.dpdk.org%2Fdpdk%2Fv20.02%2Fsource%2Flib%2Flibrte_ethdev%2Frte_ethdev.h%23L43
> 72
> >>
> >> Datapath functions in cryptodev (enqueue/dequeue) doesn't even have such 
> >> checks.
> >> https://protect2.fireeye.com/url?k=79d7974a-244939d0-79d61c05-0cc47a336fae-
> 19f540008a9467cf&q=1&u=http%3A%2F%2Fcode.dpdk.org%2Fdpdk%2Fv20.02%2Fsource%2Flib%2Flibrte_cryptodev%2Frte_cryptodev.h%
> 23L962
> > That's a different story:
> > rx_burst/tx_burst, enqueue/dequeue are mandatory dev-ops functions that
> > have to be implemented by each  ethdev/cryptodev API.
> >
> >>
> >> Thanks,
> >> Anoob
> >>
> >>> -----Original Message-----
> >>> From: dev <dev-boun...@dpdk.org> On Behalf Of Konstantin Ananyev
> >>> Sent: Thursday, April 23, 2020 5:22 AM
> >>> To: dev@dpdk.org
> >>> Cc: akhil.go...@nxp.com; declan.dohe...@intel.com; Konstantin Ananyev
> >>> <konstantin.anan...@intel.com>
> >>> Subject: [dpdk-dev] [PATCH] security: fix crash at accessing 
> >>> non-implemented
> >>> ops
> >>>
> >>> Valid checks for optional function pointers inside dev-ops were disabled 
> >>> by
> >>> undefined macro.
> >>>
> >>> Fixes: b6ee98547847 ("security: fix verification of parameters")
> >>>
> >>> Signed-off-by: Konstantin Ananyev <konstantin.anan...@intel.com>
> >>> ---
> >>>   lib/librte_security/rte_security.c | 4 ----
> >>>   1 file changed, 4 deletions(-)
> >>>
> >>> diff --git a/lib/librte_security/rte_security.c 
> >>> b/lib/librte_security/rte_security.c
> >>> index d475b0977..b65430ce2 100644
> >>> --- a/lib/librte_security/rte_security.c
> >>> +++ b/lib/librte_security/rte_security.c
> >>> @@ -107,11 +107,9 @@ rte_security_set_pkt_metadata(struct rte_security_ctx
> >>> *instance,
> >>>                                 struct rte_security_session *sess,
> >>>                                 struct rte_mbuf *m, void *params)  { 
> >>> -#ifdef
> >>> RTE_DEBUG
> >>>           RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, set_pkt_metadata, -
> >>> EINVAL,
> >>>                           -ENOTSUP);
> >>>           RTE_PTR_OR_ERR_RET(sess, -EINVAL);
> >>> -#endif
> >>>           return instance->ops->set_pkt_metadata(instance->device,
> >>>                                                  sess, m, params);
> >>>   }
> >>> @@ -121,9 +119,7 @@ rte_security_get_userdata(struct rte_security_ctx
> >>> *instance, uint64_t md)  {
> >>>           void *userdata = NULL;
> >>>
> >>> -#ifdef RTE_DEBUG
> >>>           RTE_PTR_CHAIN3_OR_ERR_RET(instance, ops, get_userdata, NULL,
> >>> NULL); -#endif
> >>>           if (instance->ops->get_userdata(instance->device, md, 
> >>> &userdata))
> >>>                   return NULL;
> >>>
> >>> --
> >>> 2.17.1
> >
> --
> 
> Lukasz Wojciechowski
> Principal Software Engineer
> 
> Samsung R&D Institute Poland
> Samsung Electronics
> Office +48 22 377 88 25
> l.wojciec...@partner.samsung.com
Re: [dpdk-dev] [PATCH] security: fix crash at accessing non-implemented ops

Reply via email to
