[v2,1/2] net/iavf: check illegal packets
Checks
Commit Message
If the length of data_len in mbuf is less than 17 or
greater than the maximum frame size, it is illegal.
These illegal packets will lead to TX/RX hang and
can't recover automatically.
This patch check those illegal packets and protect
TX/RX from hanging.
Fixes: a2b29a7733ef ("net/avf: enable basic Rx Tx")
Signed-off-by: Kevin Liu <kevinx.liu@intel.com>
---
drivers/net/iavf/iavf_rxtx.c | 9 +++++++++
drivers/net/iavf/iavf_rxtx.h | 2 ++
2 files changed, 11 insertions(+)
@@ -2865,6 +2865,7 @@ iavf_prep_pkts(__rte_unused void *tx_queue, struct rte_mbuf **tx_pkts,
struct rte_mbuf *m;
struct iavf_tx_queue *txq = tx_queue;
struct rte_eth_dev *dev = &rte_eth_devices[txq->port_id];
+ uint16_t max_frame_size = dev->data->mtu + IAVF_ETH_OVERHEAD;
struct iavf_info *vf = IAVF_DEV_PRIVATE_TO_VF(dev->data->dev_private);
struct iavf_adapter *adapter = IAVF_DEV_PRIVATE_TO_ADAPTER(dev->data->dev_private);
@@ -2893,6 +2894,14 @@ iavf_prep_pkts(__rte_unused void *tx_queue, struct rte_mbuf **tx_pkts,
return i;
}
+ /* check the data_len in mbuf */
+ if (m->data_len < IAVF_TX_MIN_PKT_LEN ||
+ m->data_len > max_frame_size) {
+ rte_errno = EINVAL;
+ PMD_DRV_LOG(ERR, "INVALID mbuf: bad data_len=[%hu]", m->data_len);
+ return i;
+ }
+
#ifdef RTE_ETHDEV_DEBUG_TX
ret = rte_validate_tx_offload(m);
if (ret != 0) {
@@ -53,6 +53,8 @@
#define IAVF_TSO_MAX_SEG UINT8_MAX
#define IAVF_TX_MAX_MTU_SEG 8
+#define IAVF_TX_MIN_PKT_LEN 17
+
#define IAVF_TX_CKSUM_OFFLOAD_MASK ( \
RTE_MBUF_F_TX_IP_CKSUM | \
RTE_MBUF_F_TX_L4_MASK | \