The function strerror() is insecure in a multi-thread environment.
This patch uses strerror_r() to replace it.
Signed-off-by: Dengdui Huang <huangdeng...@huawei.com>
Acked-by: Chengwen Feng <fengcheng...@huawei.com>
Acked-by: Morten Brørup <m...@smartsharesystems.com>
Acked-by: Huisong Li <lihuis...@huawei.com>
---
drivers/net/tap/rte_eth_tap.c | 51 ++++++++++++++++++++++++++---------
drivers/net/tap/tap_flow.c | 33 ++++++++++++++++++-----
drivers/net/tap/tap_netlink.c | 12 +++++++--
drivers/net/tap/tap_tcmsgs.c | 12 +++++++--
4 files changed, 85 insertions(+), 23 deletions(-)
diff --git a/drivers/net/tap/rte_eth_tap.c b/drivers/net/tap/rte_eth_tap.c
index 650ddbd706..159d2e9c75 100644
--- a/drivers/net/tap/rte_eth_tap.c
+++ b/drivers/net/tap/rte_eth_tap.c
@@ -153,6 +153,7 @@ static int tap_intr_handle_set(struct rte_eth_dev *dev, int
set);
static int
tun_alloc(struct pmd_internals *pmd, int is_keepalive, int persistent)
{
+ char errmsg[RTE_STRERR_BUFSIZE];
struct ifreq ifr;
#ifdef IFF_MULTI_QUEUE
unsigned int features;
@@ -196,16 +197,20 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive,
int persistent)
/* Set the TUN/TAP configuration and set the name if needed */
if (ioctl(fd, TUNSETIFF, (void *)&ifr) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(WARNING, "Unable to set TUNSETIFF for %s: %s",
- ifr.ifr_name, strerror(errno));
+ ifr.ifr_name, errmsg);
goto error;
}
/* Keep the device after application exit */
if (persistent && ioctl(fd, TUNSETPERSIST, 1) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(WARNING,
"Unable to set persist %s: %s",
- ifr.ifr_name, strerror(errno));
+ ifr.ifr_name, errmsg);
goto error;
}
@@ -223,26 +228,32 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive,
int persistent)
*/
ifr.ifr_flags = IFF_DETACH_QUEUE;
if (ioctl(fd, TUNSETQUEUE, (void *)&ifr) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(WARNING,
"Unable to detach keep-alive queue for %s: %s",
- ifr.ifr_name, strerror(errno));
+ ifr.ifr_name, errmsg);
goto error;
}
}
flags = fcntl(fd, F_GETFL);
if (flags == -1) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(WARNING, "Unable to get %s current flags: %s",
- ifr.ifr_name, strerror(errno));
+ ifr.ifr_name, errmsg);
goto error;
}
/* Always set the file descriptor to non-blocking */
flags |= O_NONBLOCK;
if (fcntl(fd, F_SETFL, flags) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(WARNING,
"Unable to set %s to nonblocking: %s",
- ifr.ifr_name, strerror(errno));
+ ifr.ifr_name, errmsg);
goto error;
}
@@ -294,19 +305,25 @@ tun_alloc(struct pmd_internals *pmd, int is_keepalive,
int persistent)
} else {
/* Enable signal on file descriptor */
if (fcntl(fd, F_SETSIG, signo) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(WARNING, "Unable to set signo %d for fd %d: %s",
- signo, fd, strerror(errno));
+ signo, fd, errmsg);
goto error;
}
if (fcntl(fd, F_SETFL, flags | O_ASYNC) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(WARNING, "Unable to set fcntl flags: %s",
- strerror(errno));
+ errmsg);
goto error;
}
if (fcntl(fd, F_SETOWN, getpid()) < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(WARNING, "Unable to set fcntl owner: %s",
- strerror(errno));
+ errmsg);
goto error;
}
}
@@ -781,6 +798,7 @@ tap_ioctl(struct pmd_internals *pmd, unsigned long request,
short req_flags = ifr->ifr_flags;
int remote = pmd->remote_if_index &&
(mode == REMOTE_ONLY || mode == LOCAL_AND_REMOTE);
+ char errmsg[RTE_STRERR_BUFSIZE];
if (!pmd->remote_if_index && mode == REMOTE_ONLY)
return 0;
@@ -820,8 +838,10 @@ tap_ioctl(struct pmd_internals *pmd, unsigned long request,
return 0;
error:
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d", errno);
TAP_LOG(DEBUG, "%s(%s) failed: %s(%d)", ifr->ifr_name,
- tap_ioctl_req2str(request), strerror(errno), errno);
+ tap_ioctl_req2str(request), errmsg, errno);
return -errno;
}
@@ -1913,6 +1933,7 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, const
char *tap_name,
struct pmd_internals *pmd;
struct pmd_process_private *process_private;
const char *tuntap_name = tuntap_types[type];
+ char errmsg[RTE_STRERR_BUFSIZE];
struct rte_eth_dev_data *data;
struct ifreq ifr;
int i;
@@ -1947,9 +1968,11 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, const
char *tap_name,
pmd->ioctl_sock = socket(AF_INET, SOCK_DGRAM, 0);
if (pmd->ioctl_sock == -1) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR,
"%s Unable to get a socket for management: %s",
- tuntap_name, strerror(errno));
+ tuntap_name, errmsg);
goto error_exit;
}
@@ -2110,8 +2133,10 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, const
char *tap_name,
return 0;
disable_rte_flow:
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d", errno);
TAP_LOG(ERR, " Disabling rte flow support: %s(%d)",
- strerror(errno), errno);
+ errmsg, errno);
if (strlen(remote_iface)) {
TAP_LOG(ERR, "Remote feature requires flow support.");
goto error_exit;
@@ -2121,8 +2146,10 @@ eth_dev_tap_create(struct rte_vdev_device *vdev, const
char *tap_name,
#ifdef HAVE_TCA_FLOWER
error_remote:
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d", errno);
TAP_LOG(ERR, " Can't set up remote feature: %s(%d)",
- strerror(errno), errno);
+ errmsg, errno);
tap_flow_implicit_flush(pmd, NULL);
#endif
diff --git a/drivers/net/tap/tap_flow.c b/drivers/net/tap/tap_flow.c
index c0e44bb1a7..01a9852bfd 100644
--- a/drivers/net/tap/tap_flow.c
+++ b/drivers/net/tap/tap_flow.c
@@ -1258,6 +1258,7 @@ tap_flow_create(struct rte_eth_dev *dev,
{
struct pmd_internals *pmd = dev->data->dev_private;
struct rte_flow *remote_flow = NULL;
+ char errmsg[RTE_STRERR_BUFSIZE];
struct rte_flow *flow = NULL;
struct tap_nlmsg *msg = NULL;
int err;
@@ -1300,9 +1301,11 @@ tap_flow_create(struct rte_eth_dev *dev,
}
err = tap_nl_recv_ack(pmd->nlsk_fd);
if (err < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR,
"Kernel refused TC filter rule creation (%d): %s",
- errno, strerror(errno));
+ errno, errmsg);
rte_flow_error_set(error, EEXIST, RTE_FLOW_ERROR_TYPE_HANDLE,
NULL,
"overlapping rules or Kernel too old for
flower support");
@@ -1345,9 +1348,11 @@ tap_flow_create(struct rte_eth_dev *dev,
}
err = tap_nl_recv_ack(pmd->nlsk_fd);
if (err < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(ERR,
"Kernel refused TC filter rule creation (%d):
%s",
- errno, strerror(errno));
+ errno, errmsg);
rte_flow_error_set(
error, ENOMEM, RTE_FLOW_ERROR_TYPE_HANDLE,
NULL,
@@ -1382,6 +1387,7 @@ tap_flow_destroy_pmd(struct pmd_internals *pmd,
struct rte_flow_error *error)
{
struct rte_flow *remote_flow = flow->remote_flow;
+ char errmsg[RTE_STRERR_BUFSIZE];
int ret = 0;
LIST_REMOVE(flow, next);
@@ -1399,9 +1405,11 @@ tap_flow_destroy_pmd(struct pmd_internals *pmd,
if (ret < 0 && errno == ENOENT)
ret = 0;
if (ret < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR,
"Kernel refused TC filter rule deletion (%d): %s",
- errno, strerror(errno));
+ errno, errmsg);
rte_flow_error_set(
error, ENOTSUP, RTE_FLOW_ERROR_TYPE_HANDLE, NULL,
"couldn't receive kernel ack to our request");
@@ -1423,9 +1431,11 @@ tap_flow_destroy_pmd(struct pmd_internals *pmd,
if (ret < 0 && errno == ENOENT)
ret = 0;
if (ret < 0) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error
%d", errno);
TAP_LOG(ERR,
"Kernel refused TC filter rule deletion (%d):
%s",
- errno, strerror(errno));
+ errno, errmsg);
rte_flow_error_set(
error, ENOMEM, RTE_FLOW_ERROR_TYPE_HANDLE,
NULL, "Failure trying to receive nl ack");
@@ -1578,6 +1588,7 @@ int tap_flow_implicit_create(struct pmd_internals *pmd,
struct rte_flow_item_eth eth_local = { .hdr.ether_type = 0 };
unsigned int if_index = pmd->remote_if_index;
struct rte_flow *remote_flow = NULL;
+ char errmsg[RTE_STRERR_BUFSIZE];
struct tap_nlmsg *msg = NULL;
int err = 0;
struct rte_flow_item items_local[2] = {
@@ -1647,9 +1658,11 @@ int tap_flow_implicit_create(struct pmd_internals *pmd,
/* Silently ignore re-entering existing rule */
if (errno == EEXIST)
goto success;
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR,
"Kernel refused TC filter rule creation (%d): %s",
- errno, strerror(errno));
+ errno, errmsg);
goto fail;
}
LIST_INSERT_HEAD(&pmd->implicit_flows, remote_flow, next);
@@ -1734,12 +1747,15 @@ void tap_flow_bpf_destroy(struct pmd_internals *pmd
__rte_unused)
*/
static int rss_enable(struct pmd_internals *pmd, struct rte_flow_error *error)
{
+ char errmsg[RTE_STRERR_BUFSIZE];
int err;
/* Load the BPF program (defined in tap_bpf.h from skeleton) */
pmd->rss = tap_rss__open_and_load();
if (pmd->rss == NULL) {
- TAP_LOG(ERR, "Failed to load BPF object: %s", strerror(errno));
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
+ TAP_LOG(ERR, "Failed to load BPF object: %s", errmsg);
rte_flow_error_set(error, errno, RTE_FLOW_ERROR_TYPE_HANDLE,
NULL,
"BPF object could not be loaded");
return -errno;
@@ -1795,6 +1811,7 @@ static int rss_add_actions(struct rte_flow *flow, struct
pmd_internals *pmd,
const uint8_t *key_in;
uint32_t hash_type = 0;
uint32_t handle = flow->msg.t.tcm_handle;
+ char errmsg[RTE_STRERR_BUFSIZE];
unsigned int i;
int err;
@@ -1868,9 +1885,11 @@ static int rss_add_actions(struct rte_flow *flow, struct
pmd_internals *pmd,
&handle, sizeof(handle),
&rss_entry, sizeof(rss_entry), 0);
if (err) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR,
"Failed to update BPF map entry %#x (%d): %s",
- handle, errno, strerror(errno));
+ handle, errno, errmsg);
rte_flow_error_set(
error, ENOTSUP, RTE_FLOW_ERROR_TYPE_HANDLE, NULL,
"Kernel too old or not configured "
diff --git a/drivers/net/tap/tap_netlink.c b/drivers/net/tap/tap_netlink.c
index 8a57c9242c..bd75ca8576 100644
--- a/drivers/net/tap/tap_netlink.c
+++ b/drivers/net/tap/tap_netlink.c
@@ -14,6 +14,7 @@
#include <rte_malloc.h>
#include <tap_netlink.h>
#include <rte_random.h>
+#include <rte_errno.h>
#include "tap_log.h"
@@ -96,9 +97,13 @@ tap_nl_init(uint32_t nl_groups)
int
tap_nl_final(int nlsk_fd)
{
+ char errmsg[RTE_STRERR_BUFSIZE];
+
if (close(nlsk_fd)) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR, "Failed to close netlink socket: %s (%d)",
- strerror(errno), errno);
+ errmsg, errno);
return -1;
}
return 0;
@@ -122,6 +127,7 @@ tap_nl_send(int nlsk_fd, struct nlmsghdr *nh)
nh->nlmsg_pid = 0; /* communication with the kernel uses pid 0 */
nh->nlmsg_seq = (uint32_t)rte_rand();
+ char errmsg[RTE_STRERR_BUFSIZE];
retry:
send_bytes = send(nlsk_fd, nh, nh->nlmsg_len, 0);
@@ -129,8 +135,10 @@ tap_nl_send(int nlsk_fd, struct nlmsghdr *nh)
if (errno == EINTR)
goto retry;
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR, "Failed to send netlink message: %s (%d)",
- strerror(errno), errno);
+ errmsg, errno);
return -1;
}
return send_bytes;
diff --git a/drivers/net/tap/tap_tcmsgs.c b/drivers/net/tap/tap_tcmsgs.c
index 1755b57519..5b45c3c296 100644
--- a/drivers/net/tap/tap_tcmsgs.c
+++ b/drivers/net/tap/tap_tcmsgs.c
@@ -8,6 +8,8 @@
#include <net/if.h>
#include <string.h>
+#include <rte_errno.h>
+
#include <rte_log.h>
#include <tap_tcmsgs.h>
#include "tap_log.h"
@@ -258,12 +260,15 @@ qdisc_flush(int nlsk_fd, unsigned int ifindex)
int
qdisc_create_multiq(int nlsk_fd, unsigned int ifindex)
{
+ char errmsg[RTE_STRERR_BUFSIZE];
int err = 0;
err = qdisc_add_multiq(nlsk_fd, ifindex);
if (err < 0 && errno != -EEXIST) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR, "Could not add multiq qdisc (%d): %s",
- errno, strerror(errno));
+ errno, errmsg);
return -1;
}
return 0;
@@ -284,12 +289,15 @@ qdisc_create_multiq(int nlsk_fd, unsigned int ifindex)
int
qdisc_create_ingress(int nlsk_fd, unsigned int ifindex)
{
+ char errmsg[RTE_STRERR_BUFSIZE];
int err = 0;
err = qdisc_add_ingress(nlsk_fd, ifindex);
if (err < 0 && errno != -EEXIST) {
+ if (strerror_r(errno, errmsg, sizeof(errmsg)) != 0)
+ snprintf(errmsg, sizeof(errmsg), "Unknown error %d",
errno);
TAP_LOG(ERR, "Could not add ingress qdisc (%d): %s",
- errno, strerror(errno));
+ errno, errmsg);
return -1;
}
return 0;
--
2.33.0
