Hi,
Thanks Kevin for redirecting to the maintainer. Appreciate the help.
Thanks Qi Z Zhang for the update. But the reason for request is because I did
not find the update in patches for 'release notes, faq or i40e' documentation.
Hence, I was forced to assume this is known bug.
Will wait to see an update on either release notes, faq or i40e documentation.
Thanks
Vipin Varghese
> -----Original Message-----
> From: Zhang, Qi Z
> Sent: Friday, January 11, 2019 6:59 PM
> To: Varghese, Vipin <vipin.vargh...@intel.com>; Kevin Traynor
> <ktray...@redhat.com>; Wang, Haiyue <haiyue.w...@intel.com>;
> dev@dpdk.org
> Subject: RE: [dpdk-dev] [PATCH v1] net/i40e: perform basic validation on the
> VF messages
>
> Hi Vipin:
>
> > -----Original Message-----
> > From: Varghese, Vipin
> > Sent: Friday, January 11, 2019 10:54 AM
> > To: Kevin Traynor <ktray...@redhat.com>; Wang, Haiyue
> > <haiyue.w...@intel.com>; dev@dpdk.org; Zhang, Qi Z
> > <qi.z.zh...@intel.com>
> > Subject: RE: [dpdk-dev] [PATCH v1] net/i40e: perform basic validation
> > on the VF messages
> >
> > Hi Kevin,
> >
> > A question, since the patch is fixing issue for 'i40e vf' should not
> > the sections for 'known limitations' or 'i40e PMD' be updated too?
>
> The patch is going to fix some issue not be recorded as knowing limitation
> previously, so I didn’t see the necessary to update the doc.
> But please let me know if I missed your point.
>
> >
> > Thanks
> > Vipin Varghese
> >
> > > -----Original Message-----
> > > From: dev <dev-boun...@dpdk.org> On Behalf Of Kevin Traynor
> > > Sent: Thursday, January 10, 2019 11:18 PM
> > > To: Wang, Haiyue <haiyue.w...@intel.com>; dev@dpdk.org; Zhang, Qi Z
> > > <qi.z.zh...@intel.com>
> > > Subject: Re: [dpdk-dev] [PATCH v1] net/i40e: perform basic
> > > validation on the VF messages
> > >
> > > On 01/10/2019 12:07 PM, Haiyue Wang wrote:
> > > > Do the VF message basic validation such as OPCODE message length
> > > > check, some special OPCODE message format check, to protect the
> > > > i40e PMD from malicious VF message attack.
> > > >
> > > > Fixes: 4861cde46116 ("i40e: new poll mode driver")
> > > >
> > >
> > > Missing Cc: sta...@dpdk.org ? or there is some reason not to backport?
> > >
> > > > Signed-off-by: Haiyue Wang <haiyue.w...@intel.com>
> > > > ---
> > > > drivers/net/i40e/i40e_pf.c | 25 +++++++++++++++++++++++++
> > > > 1 file changed, 25 insertions(+)
> > > >
> > > > diff --git a/drivers/net/i40e/i40e_pf.c
> > > > b/drivers/net/i40e/i40e_pf.c index 092e0d3..d6e83e3 100644
> > > > --- a/drivers/net/i40e/i40e_pf.c
> > > > +++ b/drivers/net/i40e/i40e_pf.c
> > > > @@ -1295,6 +1295,7 @@
> > > > uint16_t vf_id = abs_vf_id - hw->func_caps.vf_base_id;
> > > > struct rte_pmd_i40e_mb_event_param ret_param;
> > > > bool b_op = TRUE;
> > > > + int ret;
> > > >
> > > > if (vf_id > pf->vf_num - 1 || !pf->vfs) {
> > > > PMD_DRV_LOG(ERR, "invalid argument"); @@ -1309,6
> > > +1310,30 @@
> > > > return;
> > > > }
> > > >
> > > > + /* perform basic checks on the msg */
> > > > + ret = virtchnl_vc_validate_vf_msg(&vf->version, opcode, msg,
> > > > +msglen);
> > > > +
> > > > + /* perform additional checks specific to this driver */
> > > > + if (opcode == VIRTCHNL_OP_CONFIG_RSS_KEY) {
> > > > + struct virtchnl_rss_key *vrk = (struct virtchnl_rss_key
> > > > *)msg;
> > > > +
> > > > + if (vrk->key_len != ((I40E_PFQF_HKEY_MAX_INDEX + 1) *
> > > > 4))
> > > > + ret = VIRTCHNL_ERR_PARAM;
> > > > + } else if (opcode == VIRTCHNL_OP_CONFIG_RSS_LUT) {
> > > > + struct virtchnl_rss_lut *vrl = (struct virtchnl_rss_lut
> > > > *)msg;
> > > > +
> > > > + if (vrl->lut_entries != ((I40E_VFQF_HLUT1_MAX_INDEX +
> > > > 1) *
> > > 4))
> > > > + ret = VIRTCHNL_ERR_PARAM;
> > > > + }
> > > > +
> > > > + if (ret) {
> > > > + PMD_DRV_LOG(ERR, "Invalid message from VF %u, opcode
> > > %u, len %u",
> > > > + vf_id, opcode, msglen);
> > > > + i40e_pf_host_send_msg_to_vf(vf, opcode,
> > > > + I40E_ERR_PARAM, NULL, 0);
> > > > + return;
> > > > + }
> > > > +
> > > > /**
> > > > * initialise structure to send to user application
> > > > * will return response from user in retval field
> > > >
