[PATCH v2 1/4] net/e1000: prevent crashes in secondary processes

Mon, 17 Feb 2025 05:54:19 -0800 

Currently, the architecture of e1000 base driver is such that it uses
function pointers internally. These are not guaranteed to be valid in
secondary processes, which can lead to crashes. This patch prevents EM
ethdev driver from calling into these functions.

Fixes: 805803445a02 ("e1000: support EM devices (also known as e1000/e1000e)")
Cc: sta...@dpdk.org

Signed-off-by: Anatoly Burakov <anatoly.bura...@intel.com>
---
 doc/guides/nics/e1000em.rst         |  5 ++
 drivers/net/intel/e1000/em_ethdev.c | 80 +++++++++++++++++++++++++++++
 2 files changed, 85 insertions(+)

diff --git a/doc/guides/nics/e1000em.rst b/doc/guides/nics/e1000em.rst
index 5e752a29e5..ed4f57e9c6 100644
--- a/doc/guides/nics/e1000em.rst
+++ b/doc/guides/nics/e1000em.rst
@@ -153,3 +153,8 @@ The following are known limitations:
 #.  Qemu e1000 only supports one interrupt source, so link and Rx interrupt 
should be exclusive.
 
 #.  Qemu e1000 does not support interrupt auto-clear, application should 
disable interrupt immediately when woken up.
+
+Secondary Process Support
+-------------------------
+
+Control plane operations are currently not supported in secondary processes.
diff --git a/drivers/net/intel/e1000/em_ethdev.c 
b/drivers/net/intel/e1000/em_ethdev.c
index bd3f7e44df..39dddf3384 100644
--- a/drivers/net/intel/e1000/em_ethdev.c
+++ b/drivers/net/intel/e1000/em_ethdev.c
@@ -573,6 +573,14 @@ eth_em_start(struct rte_eth_dev *dev)
 
        PMD_INIT_FUNC_TRACE();
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        ret = eth_em_stop(dev);
        if (ret != 0)
                return ret;
@@ -757,6 +765,14 @@ eth_em_stop(struct rte_eth_dev *dev)
        struct rte_pci_device *pci_dev = RTE_ETH_DEV_TO_PCI(dev);
        struct rte_intr_handle *intr_handle = pci_dev->intr_handle;
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        dev->data->dev_started = 0;
 
        eth_em_rxtx_control(dev, false);
@@ -1048,6 +1064,10 @@ eth_em_rx_queue_intr_enable(struct rte_eth_dev *dev, 
__rte_unused uint16_t queue
        struct rte_pci_device *pci_dev = RTE_ETH_DEV_TO_PCI(dev);
        struct rte_intr_handle *intr_handle = pci_dev->intr_handle;
 
+       /* device interrupts are only subscribed to in primary processes */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        em_rxq_intr_enable(hw);
        rte_intr_ack(intr_handle);
 
@@ -1059,6 +1079,10 @@ eth_em_rx_queue_intr_disable(struct rte_eth_dev *dev, 
__rte_unused uint16_t queu
 {
        struct e1000_hw *hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
 
+       /* device interrupts are only subscribed to in primary processes */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        em_rxq_intr_disable(hw);
 
        return 0;
@@ -1688,6 +1712,14 @@ eth_em_led_on(struct rte_eth_dev *dev)
 {
        struct e1000_hw *hw;
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
        return e1000_led_on(hw) == E1000_SUCCESS ? 0 : -ENOTSUP;
 }
@@ -1697,6 +1729,14 @@ eth_em_led_off(struct rte_eth_dev *dev)
 {
        struct e1000_hw *hw;
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
        return e1000_led_off(hw) == E1000_SUCCESS ? 0 : -ENOTSUP;
 }
@@ -1758,6 +1798,14 @@ eth_em_flow_ctrl_set(struct rte_eth_dev *dev, struct 
rte_eth_fc_conf *fc_conf)
        uint32_t max_high_water;
        uint32_t rctl;
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
        if (fc_conf->autoneg != hw->mac.autoneg)
                return -ENOTSUP;
@@ -1809,6 +1857,14 @@ eth_em_rar_set(struct rte_eth_dev *dev, struct 
rte_ether_addr *mac_addr,
 {
        struct e1000_hw *hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        return e1000_rar_set(hw, mac_addr->addr_bytes, index);
 }
 
@@ -1818,6 +1874,14 @@ eth_em_rar_clear(struct rte_eth_dev *dev, uint32_t index)
        uint8_t addr[RTE_ETHER_ADDR_LEN];
        struct e1000_hw *hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return;
+
        memset(addr, 0, sizeof(addr));
 
        e1000_rar_set(hw, addr, index);
@@ -1827,6 +1891,14 @@ static int
 eth_em_default_mac_addr_set(struct rte_eth_dev *dev,
                            struct rte_ether_addr *addr)
 {
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        eth_em_rar_clear(dev, 0);
 
        return eth_em_rar_set(dev, (void *)addr, 0, 0);
@@ -1871,6 +1943,14 @@ eth_em_set_mc_addr_list(struct rte_eth_dev *dev,
 {
        struct e1000_hw *hw;
 
+       /*
+        * This function calls into the base driver, which in turn will use
+        * function pointers, which are not guaranteed to be valid in secondary
+        * processes, so avoid using this function in secondary processes.
+        */
+       if (rte_eal_process_type() != RTE_PROC_PRIMARY)
+               return -E_RTE_SECONDARY;
+
        hw = E1000_DEV_PRIVATE_TO_HW(dev->data->dev_private);
        e1000_update_mc_addr_list(hw, (u8 *)mc_addr_set, nb_mc_addr);
        return 0;
-- 
2.43.5

Reply via email to