public inbox for dev@dpdk.org
 help / color / mirror / Atom feed
From: Bruce Richardson <bruce.richardson@intel.com>
To: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
Cc: Stephen Hemminger <stephen@networkplumber.org>, <dev@dpdk.org>,
	"Reshma Pattan" <reshma.pattan@intel.com>,
	Aman Singh <aman.deep.singh@intel.com>,
	Naga Harish K S V <s.v.naga.harish.k@intel.com>,
	Kishore Padmanabha <kishore.padmanabha@broadcom.com>,
	Ajit Khaparde <ajit.khaparde@broadcom.com>,
	Nithin Dabilpuram <ndabilpuram@marvell.com>,
	Kiran Kumar K <kirankumark@marvell.com>,
	Sunil Kumar Kori <skori@marvell.com>,
	Satha Rao <skoteshwar@marvell.com>,
	Harman Kalra <hkalra@marvell.com>,
	Anatoly Burakov <anatoly.burakov@intel.com>,
	"Cristian Dumitrescu" <cristian.dumitrescu@intel.com>,
	Thomas Monjalon <thomas@monjalon.net>
Subject: Re: [RFC] ethdev: add buffer size parameter to rte_eth_dev_get_name_by_port()
Date: Thu, 9 Apr 2026 08:58:35 +0100	[thread overview]
Message-ID: <addcKzXuZYV19F3P@bricha3-mobl1.ger.corp.intel.com> (raw)
In-Reply-To: <c04d3145-d6e9-4583-b49c-82341ea9b0aa@oktetlabs.ru>

On Thu, Apr 09, 2026 at 09:59:04AM +0300, Andrew Rybchenko wrote:
> On 4/9/26 4:36 AM, Stephen Hemminger wrote:
> > rte_eth_dev_get_name_by_port() uses strcpy() into a caller-provided
> > buffer with no bounds checking. A mistaken caller that supplies a
> > buffer smaller than RTE_ETH_NAME_MAX_LEN can overflow the buffer.
> > 
> > Add a size parameter and replace strcpy() with strlcpy(), returning
> > -ERANGE if the name is truncated. The copy is now performed under
> > the ethdev shared data lock so that the name cannot be mutated by
> > another process between reading and copying.
> > 
> > The previous ABI is preserved via symbol versioning (DPDK_26) with a
> > thin wrapper that delegates to the new implementation with
> > RTE_ETH_NAME_MAX_LEN. The versioned symbol will be removed in 26.11.
> > 
> > Update all in-tree callers to pass sizeof(name) as the new parameter.
> > 
> > Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> 
> with notes below fixed
> 
> Reviewed-by: Andrew Rybchenko <andrew.rybchenko@oktetlabs.ru>
> 
> > diff --git a/lib/ethdev/rte_ethdev.c b/lib/ethdev/rte_ethdev.c
> > index 2edc7a362e..586a56bd46 100644
> > --- a/lib/ethdev/rte_ethdev.c
> > +++ b/lib/ethdev/rte_ethdev.c
> > @@ -721,12 +721,9 @@ rte_eth_dev_count_total(void)
> >   	return count;
> >   }
> > -RTE_EXPORT_SYMBOL(rte_eth_dev_get_name_by_port)
> > -int
> > -rte_eth_dev_get_name_by_port(uint16_t port_id, char *name)
> > +static int
> > +eth_dev_get_name_by_port(uint16_t port_id, char *name, size_t size)
> >   {
> > -	char *tmp;
> > -
> >   	RTE_ETH_VALID_PORTID_OR_ERR_RET(port_id, -ENODEV);
> >   	if (name == NULL) {
> > @@ -735,19 +732,46 @@ rte_eth_dev_get_name_by_port(uint16_t port_id, char *name)
> >   		return -EINVAL;
> >   	}
> > +	if (size == 0) {
> > +		RTE_ETHDEV_LOG_LINE(ERR,
> > +			"Cannot get ethdev port %u name with zero-size buffer", port_id);
> > +		return -EINVAL;
> > +	}
> > +
> >   	rte_spinlock_lock(rte_mcfg_ethdev_get_lock());
> > -	/* shouldn't check 'rte_eth_devices[i].data',
> > -	 * because it might be overwritten by VDEV PMD */
> > -	tmp = eth_dev_shared_data->data[port_id].name;
> > +	/*
> > +	 * Use the shared data name rather than rte_eth_devices[].data->name
> > +	 * because VDEV PMDs may overwrite the per-process data pointer.
> > +	 */
> > +	size_t n = strlcpy(name, eth_dev_shared_data->data[port_id].name, size);
> 
> As far as I know typically variable declaration and code are not mixed
> in DPDK.
> 

AFAIK That used to be the case because early versions of DPDK targetting a
very early C standard. More recently, we've started allowing this sort of
use, which makes the code more readable IMHO and easier to work with too as
commenting out blocks when debugging leads to fewer unused variable warnings.

/Bruce

  reply	other threads:[~2026-04-09  7:59 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-04-09  1:36 [RFC] ethdev: add buffer size parameter to rte_eth_dev_get_name_by_port() Stephen Hemminger
2026-04-09  6:59 ` Andrew Rybchenko
2026-04-09  7:58   ` Bruce Richardson [this message]
2026-04-09  9:05     ` Andrew Rybchenko
2026-04-09 15:23       ` Stephen Hemminger

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=addcKzXuZYV19F3P@bricha3-mobl1.ger.corp.intel.com \
    --to=bruce.richardson@intel.com \
    --cc=ajit.khaparde@broadcom.com \
    --cc=aman.deep.singh@intel.com \
    --cc=anatoly.burakov@intel.com \
    --cc=andrew.rybchenko@oktetlabs.ru \
    --cc=cristian.dumitrescu@intel.com \
    --cc=dev@dpdk.org \
    --cc=hkalra@marvell.com \
    --cc=kirankumark@marvell.com \
    --cc=kishore.padmanabha@broadcom.com \
    --cc=ndabilpuram@marvell.com \
    --cc=reshma.pattan@intel.com \
    --cc=s.v.naga.harish.k@intel.com \
    --cc=skori@marvell.com \
    --cc=skoteshwar@marvell.com \
    --cc=stephen@networkplumber.org \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox