Re: [dpdk-dev] [PATCH] net/ice: fix double free ACL flow entry

Thu, 23 Sep 2021 22:46:32 -0700 


> -----Original Message-----
> From: Su, Simei <simei...@intel.com>
> Sent: Friday, September 24, 2021 1:41 PM
> To: Yu, DapengX <dapengx...@intel.com>; Yang, Qiming
> <qiming.y...@intel.com>; Zhang, Qi Z <qi.z.zh...@intel.com>
> Cc: dev@dpdk.org; sta...@dpdk.org
> Subject: RE: [PATCH] net/ice: fix double free ACL flow entry
> 
> 
> 
> > -----Original Message-----
> > From: Yu, DapengX <dapengx...@intel.com>
> > Sent: Friday, September 3, 2021 6:04 PM
> > To: Yang, Qiming <qiming.y...@intel.com>; Zhang, Qi Z
> > <qi.z.zh...@intel.com>
> > Cc: dev@dpdk.org; Su, Simei <simei...@intel.com>; Yu, DapengX
> > <dapengx...@intel.com>; sta...@dpdk.org
> > Subject: [PATCH] net/ice: fix double free ACL flow entry
> >
> > From: Dapeng Yu <dapengx...@intel.com>
> >
> > If call ice_flow_rem_entry() directly without checking entry_id, may
> > cause an ACL flow entry to be freed more than once.
> >
> > This patch tries to find entry_id first, then call
> > ice_flow_rem_entry() to avoid the defect.
> >
> > Fixes: 40d466fa9f76 ("net/ice: support ACL filter in DCF")
> > Cc: sta...@dpdk.org
> >
> > Signed-off-by: Dapeng Yu <dapengx...@intel.com>
> > ---
> >  drivers/net/ice/ice_acl_filter.c | 33
> > +++++++++++++++++++++-----------
> >  1 file changed, 22 insertions(+), 11 deletions(-)
> >
> > diff --git a/drivers/net/ice/ice_acl_filter.c
> > b/drivers/net/ice/ice_acl_filter.c
> > index 0c15a7036c..f44ce5d77e 100644
> > --- a/drivers/net/ice/ice_acl_filter.c
> > +++ b/drivers/net/ice/ice_acl_filter.c
> > @@ -45,7 +45,7 @@ static struct ice_flow_parser ice_acl_parser;
> >
> >  struct acl_rule {
> >     enum ice_fltr_ptype flow_type;
> > -   uint32_t entry_id[4];
> > +   uint64_t entry_id[4];
> >  };
> >
> >  static struct
> > @@ -440,7 +440,7 @@ ice_acl_hw_set_conf(struct ice_pf *pf, struct
> > ice_fdir_fltr *input,
> >                     PMD_DRV_LOG(ERR, "Fail to add entry.");
> >                     return ret;
> >             }
> > -           rule->entry_id[entry_idx] = slot_id;
> > +           rule->entry_id[entry_idx] = entry_id;
> >             pf->acl.hw_entry_id[slot_id] = hw_entry;
> >     } else {
> >             PMD_DRV_LOG(ERR, "Exceed the maximum entry number(%d)"
> > @@ -451,18 +451,28 @@ ice_acl_hw_set_conf(struct ice_pf *pf, struct
> > ice_fdir_fltr *input,
> >     return 0;
> >  }
> >
> > +static inline void
> > +ice_acl_del_entry(struct ice_hw *hw, uint64_t entry_id) {
> > +   uint64_t hw_entry;
> > +
> > +   hw_entry = ice_flow_find_entry(hw, ICE_BLK_ACL, entry_id);
> > +   ice_flow_rem_entry(hw, ICE_BLK_ACL, hw_entry); }
> > +
> >  static inline void
> >  ice_acl_hw_rem_conf(struct ice_pf *pf, struct acl_rule *rule, int32_t
> > entry_idx) {
> >     uint32_t slot_id;
> >     int32_t i;
> > +   uint64_t entry_id;
> >     struct ice_hw *hw = ICE_PF_TO_HW(pf);
> >
> >     for (i = 0; i < entry_idx; i++) {
> > -           slot_id = rule->entry_id[i];
> > +           entry_id = rule->entry_id[i];
> > +           slot_id = ICE_LO_DWORD(entry_id);
> >             rte_bitmap_set(pf->acl.slots, slot_id);
> > -           ice_flow_rem_entry(hw, ICE_BLK_ACL,
> > -                              pf->acl.hw_entry_id[slot_id]);
> > +           ice_acl_del_entry(hw, entry_id);
> >     }
> >  }
> >
> > @@ -562,6 +572,7 @@ ice_acl_destroy_filter(struct ice_adapter *ad,  {
> >     struct acl_rule *rule = (struct acl_rule *)flow->rule;
> >     uint32_t slot_id, i;
> > +   uint64_t entry_id;
> >     struct ice_pf *pf = &ad->pf;
> >     struct ice_hw *hw = ICE_PF_TO_HW(pf);
> >     int ret = 0;
> > @@ -569,19 +580,19 @@ ice_acl_destroy_filter(struct ice_adapter *ad,
> >     switch (rule->flow_type) {
> >     case ICE_FLTR_PTYPE_NONF_IPV4_OTHER:
> >             for (i = 0; i < 4; i++) {
> > -                   slot_id = rule->entry_id[i];
> > +                   entry_id = rule->entry_id[i];
> > +                   slot_id = ICE_LO_DWORD(entry_id);
> >                     rte_bitmap_set(pf->acl.slots, slot_id);
> > -                   ice_flow_rem_entry(hw, ICE_BLK_ACL,
> > -                                      pf->acl.hw_entry_id[slot_id]);
> > +                   ice_acl_del_entry(hw, entry_id);
> >             }
> >             break;
> >     case ICE_FLTR_PTYPE_NONF_IPV4_UDP:
> >     case ICE_FLTR_PTYPE_NONF_IPV4_TCP:
> >     case ICE_FLTR_PTYPE_NONF_IPV4_SCTP:
> > -           slot_id = rule->entry_id[0];
> > +           entry_id = rule->entry_id[0];
> > +           slot_id = ICE_LO_DWORD(entry_id);
> >             rte_bitmap_set(pf->acl.slots, slot_id);
> > -           ice_flow_rem_entry(hw, ICE_BLK_ACL,
> > -                              pf->acl.hw_entry_id[slot_id]);
> > +           ice_acl_del_entry(hw, entry_id);
> >             break;
> >     default:
> >             rte_flow_error_set(error, EINVAL,
> > --
> > 2.27.0
> 
> Reviewed-by: Simei Su <simei...@intel.com>
> 
Applied to dpdk-next-net-intel.

Thanks
Qi
> 























					Reply via email to