* [PATCH 10/17] net/ionic: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Andrew Boyer, Shannon Nelson,
Alfredo Cardigliano
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 5ef518098ec6 ("net/ionic: register and initialize adapter")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/net/ionic/ionic_main.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/ionic/ionic_main.c b/drivers/net/ionic/ionic_main.c
index 814bb3b8f4..d5545b1ecb 100644
--- a/drivers/net/ionic/ionic_main.c
+++ b/drivers/net/ionic/ionic_main.c
@@ -393,8 +393,8 @@ ionic_identify(struct ionic_adapter *adapter)
ident->drv.kernel_ver = 0;
snprintf(ident->drv.kernel_ver_str,
sizeof(ident->drv.kernel_ver_str), "DPDK");
- strncpy(ident->drv.driver_ver_str, IONIC_DRV_VERSION,
- sizeof(ident->drv.driver_ver_str) - 1);
+ strlcpy(ident->drv.driver_ver_str, IONIC_DRV_VERSION,
+ sizeof(ident->drv.driver_ver_str));
nwords = RTE_MIN(drv_size, cmd_size);
for (i = 0; i < nwords; i++)
--
2.53.0
^ permalink raw reply related
* [PATCH 09/17] net/dpaa: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Hemant Agrawal, Sachin Saxena,
Rohit Raj, Vanshika Shukla
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: ee0fa7552a0a ("net/dpaa: forbid MTU configuration for shared interface")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/net/dpaa/dpaa_ethdev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/dpaa/dpaa_ethdev.c b/drivers/net/dpaa/dpaa_ethdev.c
index 9f976d179b..8b1072f9b9 100644
--- a/drivers/net/dpaa/dpaa_ethdev.c
+++ b/drivers/net/dpaa/dpaa_ethdev.c
@@ -247,7 +247,7 @@ dpaa_eth_dev_configure(struct rte_eth_dev *dev)
DPAA_PMD_ERR("Cannot open IF socket");
return -errno;
}
- strncpy(ifr.ifr_name, dpaa_intf->name, IFNAMSIZ - 1);
+ strlcpy(ifr.ifr_name, dpaa_intf->name, IFNAMSIZ);
if (ioctl(socket_fd, SIOCGIFMTU, &ifr) < 0) {
DPAA_PMD_ERR("Cannot get interface mtu");
--
2.53.0
^ permalink raw reply related
* [PATCH 08/17] net/cnxk: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Nithin Dabilpuram, Kiran Kumar K,
Sunil Kumar Kori, Satha Rao, Harman Kalra
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 804c585658ea ("net/cnxk: add representor control plane")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/net/cnxk/cnxk_eswitch.c | 4 ++--
drivers/net/cnxk/cnxk_rep_msg.c | 2 +-
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/drivers/net/cnxk/cnxk_eswitch.c b/drivers/net/cnxk/cnxk_eswitch.c
index e45c7dfd07..50c3e54109 100644
--- a/drivers/net/cnxk/cnxk_eswitch.c
+++ b/drivers/net/cnxk/cnxk_eswitch.c
@@ -124,8 +124,8 @@ cnxk_eswitch_dev_remove(struct rte_pci_device *pci_dev)
}
sun.sun_family = AF_UNIX;
sunlen = sizeof(struct sockaddr_un);
- strncpy(sun.sun_path, CNXK_ESWITCH_CTRL_MSG_SOCK_PATH,
- sizeof(sun.sun_path) - 1);
+ strlcpy(sun.sun_path, CNXK_ESWITCH_CTRL_MSG_SOCK_PATH,
+ sizeof(sun.sun_path));
if (connect(sock_fd, (struct sockaddr *)&sun, sunlen) < 0) {
plt_err("Failed to connect socket: %s, err %d",
diff --git a/drivers/net/cnxk/cnxk_rep_msg.c b/drivers/net/cnxk/cnxk_rep_msg.c
index a222e2b5cd..7b92e7a5f7 100644
--- a/drivers/net/cnxk/cnxk_rep_msg.c
+++ b/drivers/net/cnxk/cnxk_rep_msg.c
@@ -138,7 +138,7 @@ open_socket_ctrl_channel(void)
memset(&un, 0, sizeof(struct sockaddr_un));
un.sun_family = AF_UNIX;
- strncpy(un.sun_path, CNXK_ESWITCH_CTRL_MSG_SOCK_PATH, sizeof(un.sun_path) - 1);
+ strlcpy(un.sun_path, CNXK_ESWITCH_CTRL_MSG_SOCK_PATH, sizeof(un.sun_path));
if (bind(sock_fd, (struct sockaddr *)&un, sizeof(un)) < 0) {
plt_err("Failed to bind %s: %s", un.sun_path, strerror(errno));
--
2.53.0
^ permalink raw reply related
* [PATCH 07/17] net/bnx2x: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev; +Cc: Bruce Richardson, stable, Julien Aube, Stephen Hemminger,
Harish Patil
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 540a211084a7 ("bnx2x: driver core")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/net/bnx2x/bnx2x.c | 2 +-
drivers/net/bnx2x/bnx2x_vfpf.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/net/bnx2x/bnx2x.c b/drivers/net/bnx2x/bnx2x.c
index 8790c858d5..1a3956b224 100644
--- a/drivers/net/bnx2x/bnx2x.c
+++ b/drivers/net/bnx2x/bnx2x.c
@@ -3596,7 +3596,7 @@ static void bnx2x_drv_info_ether_stat(struct bnx2x_softc *sc)
{
struct eth_stats_info *ether_stat = &sc->sp->drv_info_to_mcp.ether_stat;
- strncpy(ether_stat->version, BNX2X_DRIVER_VERSION,
+ strlcpy(ether_stat->version, BNX2X_DRIVER_VERSION,
ETH_STAT_INFO_VERSION_LEN);
sc->sp_objs[0].mac_obj.get_n_elements(sc, &sc->sp_objs[0].mac_obj,
diff --git a/drivers/net/bnx2x/bnx2x_vfpf.c b/drivers/net/bnx2x/bnx2x_vfpf.c
index 5411df3a38..23f576877f 100644
--- a/drivers/net/bnx2x/bnx2x_vfpf.c
+++ b/drivers/net/bnx2x/bnx2x_vfpf.c
@@ -303,7 +303,7 @@ int bnx2x_vf_get_resources(struct bnx2x_softc *sc, uint8_t tx_count, uint8_t rx_
PMD_DRV_LOG(DEBUG, sc, "status block count = %d, base status block = %x",
sc->igu_sb_cnt, sc->igu_base_sb);
- strncpy(sc->fw_ver, sc_resp.fw_ver, sizeof(sc->fw_ver));
+ strlcpy(sc->fw_ver, sc_resp.fw_ver, sizeof(sc->fw_ver));
if (rte_is_valid_assigned_ether_addr(&sc_resp.resc.current_mac_addr))
rte_ether_addr_copy(&sc_resp.resc.current_mac_addr,
--
2.53.0
^ permalink raw reply related
* [PATCH 06/17] net/ark: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev; +Cc: Bruce Richardson, stable, Shepard Siegel, Ed Czeck, John Miller
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 1131cbf0fb2b ("net/ark: stub PMD for Atomic Rules Arkville")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/net/ark/ark_ethdev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/net/ark/ark_ethdev.c b/drivers/net/ark/ark_ethdev.c
index 9272e271e6..d6b1abf383 100644
--- a/drivers/net/ark/ark_ethdev.c
+++ b/drivers/net/ark/ark_ethdev.c
@@ -929,7 +929,7 @@ process_file_args(const char *key, const char *value, void *extra_args)
return -1;
}
if (first) {
- strncpy(args, line, ARK_MAX_ARG_LEN);
+ strlcpy(args, line, ARK_MAX_ARG_LEN);
first = 0;
} else {
strncat(args, line, ARK_MAX_ARG_LEN);
--
2.53.0
^ permalink raw reply related
* [PATCH 05/17] event/cnxk: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev; +Cc: Bruce Richardson, stable, Pavan Nikhilesh, Shijith Thotton
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: b5a52c9d97e2 ("event/cnxk: add event port and queue xstats")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/event/cnxk/cnxk_eventdev_stats.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/event/cnxk/cnxk_eventdev_stats.c b/drivers/event/cnxk/cnxk_eventdev_stats.c
index 6dea91aedf..288d34bd7e 100644
--- a/drivers/event/cnxk/cnxk_eventdev_stats.c
+++ b/drivers/event/cnxk/cnxk_eventdev_stats.c
@@ -283,7 +283,7 @@ cnxk_sso_xstats_get_names(const struct rte_eventdev *event_dev,
for (i = 0; i < xstats_mode_count; i++) {
xidx = i + start_offset;
- strncpy(xstats_names[i].name, xstats_names_copy[xidx].name,
+ strlcpy(xstats_names[i].name, xstats_names_copy[xidx].name,
sizeof(xstats_names[i].name));
ids[i] = xidx;
}
--
2.53.0
^ permalink raw reply related
* [PATCH 04/17] crypto/scheduler: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Kai Ji, Akhil Goyal, Fan Zhang,
Adam Dybkowski, Ruifeng Wang
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 85b00824aeef ("crypto/scheduler: rename slave to worker")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/crypto/scheduler/scheduler_pmd.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/crypto/scheduler/scheduler_pmd.c b/drivers/crypto/scheduler/scheduler_pmd.c
index 95ce893f05..ceaefa329b 100644
--- a/drivers/crypto/scheduler/scheduler_pmd.c
+++ b/drivers/crypto/scheduler/scheduler_pmd.c
@@ -229,10 +229,10 @@ cryptodev_scheduler_create(const char *name,
return -ENOMEM;
}
- strncpy(sched_ctx->init_worker_names[
+ strlcpy(sched_ctx->init_worker_names[
sched_ctx->nb_init_workers],
init_params->worker_names[i],
- RTE_CRYPTODEV_SCHEDULER_NAME_MAX_LEN - 1);
+ RTE_CRYPTODEV_SCHEDULER_NAME_MAX_LEN);
sched_ctx->nb_init_workers++;
}
@@ -443,8 +443,8 @@ parse_worker_arg(const char *key __rte_unused,
return -ENOMEM;
}
- strncpy(param->worker_names[param->nb_workers++], value,
- RTE_CRYPTODEV_SCHEDULER_NAME_MAX_LEN - 1);
+ strlcpy(param->worker_names[param->nb_workers++], value,
+ RTE_CRYPTODEV_SCHEDULER_NAME_MAX_LEN);
return 0;
}
--
2.53.0
^ permalink raw reply related
* [PATCH 03/17] crypto/mvsam: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Michael Shamis, Liron Himi,
Pablo de Lara, Tomasz Duszynski
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 25b05a1c806b ("crypto/mvsam: parse max number of sessions")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/crypto/mvsam/rte_mrvl_pmd.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/crypto/mvsam/rte_mrvl_pmd.c b/drivers/crypto/mvsam/rte_mrvl_pmd.c
index a824719fb0..65a63c9d62 100644
--- a/drivers/crypto/mvsam/rte_mrvl_pmd.c
+++ b/drivers/crypto/mvsam/rte_mrvl_pmd.c
@@ -1146,7 +1146,7 @@ parse_name_arg(const char *key __rte_unused,
return -EINVAL;
}
- strncpy(params->name, value, RTE_CRYPTODEV_NAME_MAX_LEN);
+ strlcpy(params->name, value, RTE_CRYPTODEV_NAME_MAX_LEN);
return 0;
}
--
2.53.0
^ permalink raw reply related
* [PATCH 02/17] common/mlx5: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Dariusz Sosnowski, Viacheslav Ovsiienko,
Bing Zhao, Ori Kam, Suanming Mou, Matan Azrad, Maxime Coquelin
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: aec086c9f1c8 ("common/mlx5: share kernel interface name getter")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/common/mlx5/linux/mlx5_common_os.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/drivers/common/mlx5/linux/mlx5_common_os.c b/drivers/common/mlx5/linux/mlx5_common_os.c
index e3db6c4124..53bcc9b844 100644
--- a/drivers/common/mlx5/linux/mlx5_common_os.c
+++ b/drivers/common/mlx5/linux/mlx5_common_os.c
@@ -231,7 +231,7 @@ mlx5_get_ifname_sysfs(const char *ibdev_path, char *ifname)
rte_errno = ENOENT;
return -rte_errno;
}
- strncpy(ifname, match, IF_NAMESIZE);
+ strlcpy(ifname, match, IF_NAMESIZE);
return 0;
}
--
2.53.0
^ permalink raw reply related
* [PATCH 01/17] common/cnxk: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Nithin Dabilpuram, Kiran Kumar K,
Sunil Kumar Kori, Satha Rao, Harman Kalra, Jerin Jacob,
Srikanth Yalavarthi, Rakesh Kudurumalla
In-Reply-To: <20260623165150.765443-1-bruce.richardson@intel.com>
Replace strncpy() with safer strlcpy() which always null-terminates.
Fixes: 014a9e222bac ("common/cnxk: add model init and IO handling API")
Fixes: b315581c66dc ("common/cnxk: skip probing SoC environment for CN9K")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
drivers/common/cnxk/roc_model.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/drivers/common/cnxk/roc_model.c b/drivers/common/cnxk/roc_model.c
index f0312a5400..ddd7ee8634 100644
--- a/drivers/common/cnxk/roc_model.c
+++ b/drivers/common/cnxk/roc_model.c
@@ -211,15 +211,15 @@ populate_model(struct roc_model *model, uint32_t midr)
if (model_db[i].impl == impl && model_db[i].part == part &&
model_db[i].major == major && model_db[i].minor == minor) {
model->flag = model_db[i].flag;
- strncpy(model->name, model_db[i].name,
- ROC_MODEL_STR_LEN_MAX - 1);
+ strlcpy(model->name, model_db[i].name,
+ ROC_MODEL_STR_LEN_MAX);
found = true;
break;
}
not_found:
if (!found) {
model->flag = 0;
- strncpy(model->name, "unknown", ROC_MODEL_STR_LEN_MAX - 1);
+ strlcpy(model->name, "unknown", ROC_MODEL_STR_LEN_MAX);
plt_err("Invalid RoC model (impl=0x%x, part=0x%x, major=0x%x, minor=0x%x)",
impl, part, major, minor);
}
@@ -297,7 +297,7 @@ of_env_get(struct roc_model *model)
FILE *fp;
if (access(path, F_OK) != 0) {
- strncpy(model->env, "HW_PLATFORM", ROC_MODEL_STR_LEN_MAX - 1);
+ strlcpy(model->env, "HW_PLATFORM", ROC_MODEL_STR_LEN_MAX);
model->flag |= ROC_ENV_HW;
return;
}
--
2.53.0
^ permalink raw reply related
* [PATCH 00/17] drivers: replace strncpy with strlcpy
From: Bruce Richardson @ 2026-06-23 16:51 UTC (permalink / raw)
To: dev; +Cc: Bruce Richardson
Many uses of strncpy in DPDK drivers can be directly replaced by
a call to strlcpy instead, which is safer in that it always null-
terminates the string. This AI assisted patchset makes those
simple replacements, adjusting lengths as appropriate.
After this set, there are still a number of drivers with strncpy calls
in them, but those are not simple strncpy->strlcpy replacements, so
left for later rework.
Bruce Richardson (17):
common/cnxk: replace strncpy with strlcpy
common/mlx5: replace strncpy with strlcpy
crypto/mvsam: replace strncpy with strlcpy
crypto/scheduler: replace strncpy with strlcpy
event/cnxk: replace strncpy with strlcpy
net/ark: replace strncpy with strlcpy
net/bnx2x: replace strncpy with strlcpy
net/cnxk: replace strncpy with strlcpy
net/dpaa: replace strncpy with strlcpy
net/ionic: replace strncpy with strlcpy
net/mlx4: replace strncpy with strlcpy
net/mlx5: replace strncpy with strlcpy
net/nfp: replace strncpy with strlcpy
net/qede: replace strncpy with strlcpy
net/softnic: replace strncpy with strlcpy
net/vhost: replace strncpy with strlcpy
net/virtio: replace strncpy with strlcpy
drivers/common/cnxk/roc_model.c | 8 ++++----
drivers/common/mlx5/linux/mlx5_common_os.c | 2 +-
drivers/crypto/mvsam/rte_mrvl_pmd.c | 2 +-
drivers/crypto/scheduler/scheduler_pmd.c | 8 ++++----
drivers/event/cnxk/cnxk_eventdev_stats.c | 2 +-
drivers/net/ark/ark_ethdev.c | 2 +-
drivers/net/bnx2x/bnx2x.c | 2 +-
drivers/net/bnx2x/bnx2x_vfpf.c | 2 +-
drivers/net/cnxk/cnxk_eswitch.c | 4 ++--
drivers/net/cnxk/cnxk_rep_msg.c | 2 +-
drivers/net/dpaa/dpaa_ethdev.c | 2 +-
drivers/net/ionic/ionic_main.c | 4 ++--
drivers/net/mlx4/mlx4_ethdev.c | 2 +-
drivers/net/mlx5/mlx5.c | 8 ++++----
drivers/net/mlx5/windows/mlx5_ethdev_os.c | 2 +-
drivers/net/nfp/nfpcore/nfp_resource.c | 2 +-
drivers/net/qede/qede_ethdev.c | 2 +-
drivers/net/softnic/conn.c | 4 ++--
drivers/net/vhost/rte_eth_vhost.c | 2 +-
drivers/net/virtio/virtio_user/vhost_kernel_tap.c | 2 +-
20 files changed, 32 insertions(+), 32 deletions(-)
--
2.53.0
^ permalink raw reply
* Re: [PATCH v9 07/21] net/txgbe: fix Tx desc free logic
From: Stephen Hemminger @ 2026-06-23 16:50 UTC (permalink / raw)
To: Zaiyu Wang; +Cc: dev, stable, Jiawen Wu
In-Reply-To: <20260622111111.21024-8-zaiyuwang@trustnetic.com>
On Mon, 22 Jun 2026 19:10:55 +0800
Zaiyu Wang <zaiyuwang@trustnetic.com> wrote:
> diff --git a/drivers/net/txgbe/txgbe_rxtx.c b/drivers/net/txgbe/txgbe_rxtx.c
> index e2cd9b8841..d6efb3b8cc 100644
> --- a/drivers/net/txgbe/txgbe_rxtx.c
> +++ b/drivers/net/txgbe/txgbe_rxtx.c
> @@ -98,12 +98,11 @@ txgbe_tx_free_bufs(struct txgbe_tx_queue *txq)
> if (tx_last_dd >= txq->nb_tx_desc)
> tx_last_dd -= txq->nb_tx_desc;
>
> - volatile uint16_t head = (uint16_t)*txq->headwb_mem;
> + uint32_t h = rte_atomic_load_explicit(txq->headwb_mem,
> + rte_memory_order_acquire);
This will fail build on clang since txq->headwb_mem is declared as volatile
not _Atomic type.
Please fix, and resubmit both patch series.
$ CC=clang-21 meson setup build -Denable_stdatomic=true
$ ninja -C build
../drivers/net/txgbe/txgbe_rxtx.c:101:16: error: address argument to atomic operation must be a pointer to _Atomic type ('volatile uint32_t *' (aka 'volatile unsigned int *') invalid)
101 | uint32_t h = rte_atomic_load_explicit(txq->headwb_mem,
| ^ ~~~~~~~~~~~~~~~
../lib/eal/include/rte_stdatomic.h:69:2: note: expanded from macro 'rte_atomic_load_explicit'
69 | atomic_load_explicit(ptr, memorder)
| ^ ~~~
/usr/lib/llvm-21/lib/clang/21/include/stdatomic.h:145:30: note: expanded from macro 'atomic_load_explicit'
145 | #define atomic_load_explicit __c11_atomic_load
| ^
../drivers/net/txgbe/txgbe_rxtx.c:647:16: error: address argument to atomic operation must be a pointer to _Atomic type ('volatile uint32_t *' (aka 'volatile unsigned int *') invalid)
647 | uint32_t h = rte_atomic_load_explicit(txq->headwb_mem,
| ^ ~~~~~~~~~~~~~~~
../lib/eal/include/rte_stdatomic.h:69:2: note: expanded from macro 'rte_atomic_load_explicit'
69 | atomic_load_explicit(ptr, memorder)
| ^ ~~~
/usr/lib/llvm-21/lib/clang/21/include/stdatomic.h:145:30: note: expanded from macro 'atomic_load_explicit'
145 | #define atomic_load_explicit __c11_atomic_load
| ^
2 errors generated.
^ permalink raw reply
* Re: [PATCH v9 07/21] net/txgbe: fix Tx desc free logic
From: Stephen Hemminger @ 2026-06-23 16:30 UTC (permalink / raw)
To: Zaiyu Wang; +Cc: dev, stable, Jiawen Wu
In-Reply-To: <20260622111111.21024-8-zaiyuwang@trustnetic.com>
On Mon, 22 Jun 2026 19:10:55 +0800
Zaiyu Wang <zaiyuwang@trustnetic.com> wrote:
> diff --git a/drivers/net/txgbe/txgbe_rxtx.c b/drivers/net/txgbe/txgbe_rxtx.c
> index e2cd9b8841..d6efb3b8cc 100644
> --- a/drivers/net/txgbe/txgbe_rxtx.c
> +++ b/drivers/net/txgbe/txgbe_rxtx.c
> @@ -98,12 +98,11 @@ txgbe_tx_free_bufs(struct txgbe_tx_queue *txq)
> if (tx_last_dd >= txq->nb_tx_desc)
> tx_last_dd -= txq->nb_tx_desc;
>
> - volatile uint16_t head = (uint16_t)*txq->headwb_mem;
> + uint32_t h = rte_atomic_load_explicit(txq->headwb_mem,
> + rte_memory_order_acquire);
This will fail build on clang since txq->headwb_mem is declared as volatile
not _Atomic type.
Please fix, and resubmit both patch series.
^ permalink raw reply
* RE: [PATCH v3 05/25] bpf/validate: introduce debugging interface
From: Marat Khalili @ 2026-06-23 16:14 UTC (permalink / raw)
To: Thomas Monjalon; +Cc: Konstantin Ananyev, dev@dpdk.org
In-Reply-To: <DGHVaJ2SRzSz_1-YcgGmxA@monjalon.net>
> Yes would be nice so we will have a full CI run on it
> now that the dependency is merged in main.
Submitted v4, indeed one of the builds failed due to theoretically insufficient
snprintf buffer. Will wait for the dust to settle and resubmit with a fix.
^ permalink raw reply
* Re: [PATCH 1/5] eal: fix macro for versioned experimental symbol
From: Stephen Hemminger @ 2026-06-23 16:05 UTC (permalink / raw)
To: Dariusz Sosnowski; +Cc: David Marchand, dev, Bruce Richardson
In-Reply-To: <rg475uc6ktrpsqfu32jmcfhluqlopy43kiwsonogud2z4aul7r@qwibo7j5yfk6>
On Tue, 23 Jun 2026 17:26:22 +0200
Dariusz Sosnowski <dsosnowski@nvidia.com> wrote:
> On Tue, Jun 23, 2026 at 06:50:00AM -0700, Stephen Hemminger wrote:
> > On Tue, 23 Jun 2026 13:37:47 +0200
> > Dariusz Sosnowski <dsosnowski@nvidia.com> wrote:
> >
> > > Add a missing semicolon after __asm__ block in
> > > RTE_VERSION_EXPERIMENTAL_SYMBOL macro.
> > > It's lack triggers the following compilation error with clang:
> > >
> > > ../lib/ethdev/rte_flow.c:320:1: error: expected ';' after top-level asm block
> > > 320 | RTE_VERSION_EXPERIMENTAL_SYMBOL(int, rte_flow_dynf_metadata_register, (void))
> > > | ^
> > > ../lib/eal/common/eal_export.h:75:74: note: expanded from macro 'RTE_VERSION_EXPERIMENTAL_SYMBOL'
> > > 75 | __asm__(".symver " RTE_STR(name) "_exp, " RTE_STR(name) "@EXPERIMENTAL") \
> > > | ^
> > > ../lib/eal/include/rte_common.h:237:20: note: expanded from macro '\
> > > __rte_used'
> > > 237 | #define __rte_used __attribute__((used))
> > > | ^
> > >
> > > Fixes: e30e194c4d06 ("eal: rework function versioning macros")
> > > Cc: david.marchand@redhat.com
> > >
> > > Signed-
> >
> > I didn't see this because clang doesn't have symver support.
> > Which version of clang is this?
>
> clang 19 available on Debian 13:
>
> $ clang --version
> Debian clang version 19.1.7 (3+b1)
> Target: x86_64-pc-linux-gnu
> Thread model: posix
> InstalledDir: /usr/lib/llvm-19/bin
Ok, that was the asm block not the symver attribute.
^ permalink raw reply
* Re: [PATCH v7 0/4] net/zxdh: optimize Rx/Tx path performance
From: Stephen Hemminger @ 2026-06-23 15:54 UTC (permalink / raw)
To: Junlong Wang; +Cc: dev
In-Reply-To: <20260623060909.97023-1-wang.junlong1@zte.com.cn>
On Tue, 23 Jun 2026 14:09:04 +0800
Junlong Wang <wang.junlong1@zte.com.cn> wrote:
> v7:
> - Add a new xmit prepare func for xmit_pkts_simple, which will checked the size of
> ZXDH_DL_NET_HDR_SIZE and RTE_PKTMBUF_HEADROOM.
>
> v6:
> - Remove unnecessary error checking code in submit_to_backend_simple() and
> pkt_padding(). Since as the max dl_net_hdr_len is always less than
> RTE_PKTMBUF_HEADROOM, rte_pktmbuf_prepend() cannot fail in the
> simple path (single-segment mbufs).
> v5:
> - Reorganize patch series, placing interrupt fix as the first patch
> and fix condition check to properly enable interrupts.
> - Fix zxdh_recv_single_pkts() not compacting rcv_pkts[] on failure,
> which could cause use-after-free and mbuf leak.
> - Fix tx_bunch() and tx1() missing store barrier before setting AVAIL flag,
> preventing data race on weakly-ordered architectures.
> - Fix submit_to_backend_simple() writing descriptors for packets that
> failed pkt_padding(), causing mbuf leak.
> v4:
> - fix some AI review issues.
> - fix queue enable intr bug.
> v3:
> - remove unnecessary NULL check in zxdh_init_queue.
> - Split Ring: Bit[31] is unused and reserved, zxdh_queue_notify(): removing the
> zxdh_pci_with_feature(hw, ZXDH_F_RING_PACKED) check;
> - remove unnecessary double-free in in zxdh_recv_single_pkts();
> - used rte_pktmbuf_mtod();
> - remove rxq_get_vq(q) macro, use q->vq and apply it consistently;
> - Refactoring scatter and mtu check logic in zxdh_dev_mtu_set();
> - set txdp->id = avail_idx + i in tx_bunch/tx1.
> - add comment documenting zxdh_xmit_enqueue_append() now sets dxp->cookie = NULL for
> the head slot and stores cookies per descriptor via dep[idx].cookie.
> - add one-line comment noting tx_bunch() is the simple path handles single-segment.
> - remove unnecessary Extra initialization and the uint32_t cast.
> v2:
> - zxdh_rxtx.c, pkt_padding(): modifyed the return value of pkt_padding();
> - zxdh_rxtx.c, zxdh_recv_single_pkts(): modifyed When zxdh_init_mbuf() fails
> the loop does "continue" and free mbufs;
> - zxdh_rxtx.c, refill_desc_unwrap(): Add rte_io_wmb() before writing flags
> in the refill_que_descs();
> - zxdh_queue.h, zxdh_queue_enable_intr(): Remove unnecessary function of zxdh_queue_enable_intr;
> - zxdh_ethdev.c, zxdh_init_queue(): changed the hdr_mz NULL check logic;
> - zxdh_rxtx.c, zxdh_xmit_pkts_simple()、zxdh_recv_single_pkts(): add stats.bytes count;
> - zxdh_rxtx.c, zxdh_init_mbuf():remove rte_pktmbuf_dump(stdout, rxm, 40);
> - zxdh_ethdev.c, zxdh_dev_free_mbufs(): using rte_pktmbuf_free() to free mbufs;
> - Splitting into separate patches, structure reorganization and sw_ring removal、
> RX recv optimize、Tx xmit optimize、Tx;
> v1:
> This patch optimizes the ZXDH PMD's receive and transmit path for better
> performance through several improvements:
> - Add simple TX/RX burst functions (zxdh_xmit_pkts_simple and
> zxdh_recv_single_pkts) for single-segment packet scenarios.
> - Remove RX software ring (sw_ring) to reduce memory allocation and
> copy.
> - Optimize descriptor management with prefetching and simplified
> cleanup.
> - Reorganize structure fields for better cache locality.
> These changes reduce CPU cycles and memory bandwidth consumption,
> resulting in improved packet processing throughput.
>
> Junlong Wang (4):
> net/zxdh: fix queue enable intr issues
> net/zxdh: optimize queue structure to improve performance
> net/zxdh: optimize Rx recv pkts performance
> net/zxdh: optimize Tx xmit pkts performance
>
> drivers/net/zxdh/zxdh_ethdev.c | 83 +++--
> drivers/net/zxdh/zxdh_ethdev_ops.c | 23 +-
> drivers/net/zxdh/zxdh_ethdev_ops.h | 4 +
> drivers/net/zxdh/zxdh_pci.c | 2 +-
> drivers/net/zxdh/zxdh_queue.c | 11 +-
> drivers/net/zxdh/zxdh_queue.h | 122 +++---
> drivers/net/zxdh/zxdh_rxtx.c | 571 ++++++++++++++++++++++-------
> drivers/net/zxdh/zxdh_rxtx.h | 29 +-
> 8 files changed, 584 insertions(+), 261 deletions(-)
>
Better but AI review still found some issues.
Series review: net/zxdh Rx/Tx optimization (v7)
Patches 1-3 are unchanged from v6 except for the Tx prepare split
below; patch 4 still carries the unguarded in-place prepend. The v6
out-of-bounds write is narrowed but not closed.
The improvement: tx_pkt_prepare is now split, and the simple-path
variant zxdh_xmit_pkts_simple_prepare() rejects a packet whose
headroom is too small (data_off < ZXDH_DL_NET_HDR_SIZE) with a clean
error and an invalid_hdr_len_err counter. For applications that call
rte_eth_tx_prepare() this turns the corruption into a reported error.
[PATCH v7 4/4] net/zxdh: optimize Tx xmit pkts performance
Error: the headroom check lives only in tx_pkt_prepare, which is
optional, so the simple Tx burst can still reach the unchecked prepend
in pkt_padding() and write out of bounds.
rte_eth_tx_burst() does not call rte_eth_tx_prepare(); the application
invokes prepare itself, and is allowed to skip it. When MULTI_SEGS is
disabled the burst is zxdh_xmit_pkts_simple() -> submit_to_backend_simple()
-> pkt_padding(), and pkt_padding() still does:
hdr = rte_pktmbuf_mtod_offset(cookie, struct zxdh_net_hdr_dl *, -hdr_len);
rte_memcpy(hdr, net_hdr_dl, hdr_len);
cookie->data_off -= hdr_len;
with no data_off >= hdr_len guard. An application that disables
MULTI_SEGS, consumes most of the mbuf headroom before Tx (tunnel/MPLS
encap, etc.), and calls tx_burst without tx_prepare will underflow
data_off and scribble in front of buf_addr. That is a supported calling
sequence, so the memory-safety precondition cannot rest on the optional
prepare step.
The driver's own packed burst does not depend on prepare for this: in
zxdh_xmit_pkts_packed() the can_push test gates the in-place prepend on
txm->data_off >= ZXDH_DL_NET_HDR_SIZE
inline, and falls back to zxdh_xmit_enqueue_append() (header copied into
the reserved txr region) otherwise. The simple burst should be equally
self-contained.
Make the simple burst safe on its own: check data_off in the datapath
and stop at the first packet that does not fit, returning the count
already enqueued (the same break-and-return the prepare function uses),
so the caller retains ownership of the rejected packet. The
zxdh_xmit_pkts_simple_prepare() check can stay as an early, friendlier
diagnostic, but it cannot be the only guard.
Also still missing: the build-time backstop discussed earlier,
static_assert(RTE_PKTMBUF_HEADROOM >= ZXDH_DL_NET_HDR_SIZE,
"RTE_PKTMBUF_HEADROOM too small for zxdh Tx downlink header");
It does not replace the runtime check (per-packet headroom can be short
on a correctly configured build) but it cheaply rejects a build whose
default headroom cannot hold the header.
^ permalink raw reply
* Re: [PATCH v3 6/6] test/bpf: check that bpf_convert can be JIT'd
From: Stephen Hemminger @ 2026-06-23 15:51 UTC (permalink / raw)
To: Marat Khalili; +Cc: dev@dpdk.org, Konstantin Ananyev
In-Reply-To: <c510bf24a3cd492693fc54f0b558656f@huawei.com>
On Tue, 23 Jun 2026 13:57:35 +0000
Marat Khalili <marat.khalili@huawei.com> wrote:
> Thank you for working on this, please see some comments inline.
I think it is still worth keeping the tests split into two.
One test just make sure that some basic filters work as expected (match vs not match).
The other one is just doing its job by causing pcap_compile() to generate more complex
and different code. Since the packet we are feeding it is just a dummy packet, I suspect
all of the filters will be false. Let me recheck, if so then can look at return value.
^ permalink raw reply
* Re: [PATCH v3 0/9] ENETC driver related changes series
From: Stephen Hemminger @ 2026-06-23 15:46 UTC (permalink / raw)
To: Gagandeep Singh; +Cc: dev, hemant.agrawal
In-Reply-To: <20260623060004.2187716-1-g.singh@nxp.com>
On Tue, 23 Jun 2026 11:29:55 +0530
Gagandeep Singh <g.singh@nxp.com> wrote:
> V3 changes:
> - Added documentation for all devargs in enetc4.rst.
> - Fixed kvlist memory leak issue.
>
> V2 changes:
> - Fixed an un-used variable compilation issue reported on fedora:43-gcc-minsize
> - Fixed various AI reported issues:
> - Release notes updated for all new devargs
> - enect4.ini features doc updated for scattered RX.
> - removed Not required RTE_PTYPE_UNKNOWN.
> - Fixed mid-frame mbuf leak in SG case.
> - Enabled SG for enetc4 PF also.
> - move to calloc from rte_zmalloc in parse_txq_prior().
> - added vaidation checks on strdup, strtoul.
> - added NC devargs to use cacheable ops conditionally.
> - removed dead code like bd_base_p etc.
> - Fixed rte_cpu_to_le_16() conversion on flags and combined
> all flags related patches in one patch.
> - Fixed memory leak issue due to TXQ priority patch.
> - There were some false positives, I have ignored them:
> Race condition on flags field:
> clean_tx_ring only touches HW-completed BDs (next_to_clean→hwci),
> never newly-submitted BDs; doorbell hasn't fired yet.
> Missing dcbf in clean_tx_ring:
> DPDK is single-threaded per queue; TX path always overwrites
> flags completely before dcbf.
> TX dcbf granularity with wrap:
> Safe (AI admits it).
> RX refill flush at wrap:
> In-loop dcbf at i & mask == 0 already flushes aligned groups;
> trailing flush only needed for partial groups.
> RX reading before invalidate:
> dccivac precedes the read for every group in the loop
>
> Gagandeep Singh (7):
> net/enetc: fix TX BD structure
> net/enetc: fix queue initialization
> net/enetc: support ESP packet type in packet parsing
> net/enetc: update random MAC generation code
> net/enetc: add option to disable VSI messaging
> net/enetc: add devargs to control VSI-PSI timeout and delay
> net/enetc4: add cacheable BD ring support with SW cache maintenance
>
> Vanshika Shukla (2):
> net/enetc: support scatter-gather
> net/enetc: set user configurable priority to TX rings
>
> doc/guides/nics/enetc4.rst | 62 +++-
> doc/guides/nics/features/enetc4.ini | 1 +
> doc/guides/rel_notes/release_26_07.rst | 10 +
> drivers/net/enetc/base/enetc_hw.h | 13 +-
> drivers/net/enetc/enetc.h | 31 +-
> drivers/net/enetc/enetc4_ethdev.c | 172 ++++++++--
> drivers/net/enetc/enetc4_vf.c | 206 ++++++++++--
> drivers/net/enetc/enetc_ethdev.c | 25 +-
> drivers/net/enetc/enetc_rxtx.c | 430 ++++++++++++++++++++++---
> 9 files changed, 831 insertions(+), 119 deletions(-)
>
Did followup AI review and it had some more things that need fixing:
Error
=====
[PATCH v2 7/9] net/enetc: add devargs to control VSI-PSI timeout and delay
drivers/net/enetc/enetc4_vf.c, enetc4_vf_dev_init()
kvlist is leaked on the two invalid-value error paths. It is
allocated by rte_kvargs_parse() (line 1347) and only freed at
line 1385, but both
return -1; /* invalid VSI Timeout, line 1367 */
return -1; /* invalid VSI Delay, line 1380 */
return before that free. A malformed enetc4_vsi_timeout= or
enetc4_vsi_delay= leaks the kvargs structure on every probe.
Free before returning, e.g.:
if (errno != 0 || hw->vsi_timeout == 0) {
ENETC_PMD_ERR("Invalid VSI Timeout value = %u",
hw->vsi_timeout);
rte_kvargs_free(kvlist);
return -1;
}
(same for the delay path), or restructure with a goto.
Warning
=======
Series (patches 6-9)
The new runtime devargs - enetc4_vsi_disable, enetc4_vsi_timeout,
enetc4_vsi_delay, enetc4_txq_prior, and nc - are registered via
RTE_PMD_REGISTER_PARAM_STRING and noted in the release notes, but
doc/guides/nics/enetc4.rst has no Runtime Configuration section
describing them. Convention is to document devargs in the NIC guide
so users can find the syntax (e.g. the nc=1 / 'a|b|c' priority list
formats are non-obvious).
Info
====
[PATCH v2 5/9] and [PATCH v2 9/9] - RX multi-segment reassembly
In enetc_clean_rx_ring_nc() and enetc_clean_rx_ring_cacheable(),
on the frame-last BD:
first_seg->pkt_len -= rx_ring->crc_len;
reduces pkt_len but leaves the final segment's data_len unchanged,
so pkt_len != sum(data_len) when crc_len is non-zero. The old
single-segment path kept them equal (pkt_len = data_len = buf_len
- crc_len).
This is currently unreachable: enetc4 does not advertise
RTE_ETH_RX_OFFLOAD_KEEP_CRC, so crc_len is always 0 and the
subtraction is a no-op. Flagging only so the asymmetry is on record
if KEEP_CRC is ever added - at that point the last segment's
data_len would need the same adjustment (and the CRC may straddle
the last two segments).
^ permalink raw reply
* Re: [PATCH 0/5] add versioned symbols for recently stabilized APIs
From: Dariusz Sosnowski @ 2026-06-23 15:43 UTC (permalink / raw)
To: David Marchand
Cc: Thomas Monjalon, dpdk-techboard, Bruce Richardson,
Andrew Rybchenko, Viacheslav Ovsiienko, Bing Zhao, Ori Kam,
Suanming Mou, Matan Azrad, dev
In-Reply-To: <CAJFAV8yS6dLM2EUDgdG13U1Zdt208nmk2T3F8DYwT97U1coF3Q@mail.gmail.com>
On Tue, Jun 23, 2026 at 03:50:52PM +0200, David Marchand wrote:
> Hello Dariusz,
>
> On Tue, 23 Jun 2026 at 13:38, Dariusz Sosnowski <dsosnowski@nvidia.com> wrote:
> >
> > Main goal of this patchset is to address https://bugs.dpdk.org/show_bug.cgi?id=1957
>
> It is expected that experimental symbols may disappear overnight, and
> this bug could also be closed as NOTABUG.
>
> On the other hand, we do state in the doc that compatibility could be
> provided when stabilising an experimental API, so ok.. let's try.
>
> > but it also handles other recently stabilized symbols and has some minor fixes:
> >
> > - Patch 1 - Fix RTE_VERSION_EXPERIMENTAL_SYMBOL macro on clang.
>
> Ouch... /me hides.
>
>
> > - Patch 2 - Allow function versioning inside drivers.
> > - Patch 3 - Version the function symbols stabilized in
> > https://git.dpdk.org/dpdk/commit/?id=e8cab133645f5466ef75e511629add43b68a5027
> > - Patch 4 - Introduce versioning macros for global variable symbols.
> > - Patch 5 - Version the function and variable symbols stabilized in
> > https://git.dpdk.org/dpdk/commit/?id=4ee2f5c1cedf9ee7f39afa667f71b07f4004ba5c
> >
> > Issue is still not fully fixed for stabilized global variables:
> > rte_flow_dynf_metadata_offs and rte_flow_dynf_metadata_mask.
>
> Well, symbol versioning is not something for variables.
> Exposing global variables was a mistake from the start...
After fighting with this issue for some time,
I am coming to the similar conclusion :)
> Those were exported for "performance" reasons as those are accessed
> via inline helpers (but I am not sure there were benchmarks showing
> the benefits).
>
> I am for forbidding exports of global variables from now, unless some
> really good performance benchmark is provided (@techboard for info).
Sounds like a good proposal IMO.
Especially since, from a quick glance, almost all existing variables
expose values not expected to change frequently at runtime.
For example, like here, mbuf dynamic field offset.
These could be retrieved once and stored somewhere locally
(Rx/Tx queue context for example).
>
>
> Now, in practice for your issue, rather than reintroducing symbol
> aliases (technical solution that I dropped when refactoring the
> macros), I think we can do with some middle ground approach:
> - leaving the inline helpers as "stable" (not __rte_experimental),
> - restoring the EXPERIMENTAL version on the global variables, this
> will restore the location of those symbols from the previous ABI pov,
> and the checks won't catch this discrepancy anyway,
> - during 26.11, drop the EXPERIMENTAL version on those variables,
>
>
> In other words, stopping at your patch 3 of the series, then adding:
>
> $ git diff
> diff --git a/lib/ethdev/rte_flow.c b/lib/ethdev/rte_flow.c
> index ec0fe08355..8bd21ccd31 100644
> --- a/lib/ethdev/rte_flow.c
> +++ b/lib/ethdev/rte_flow.c
> @@ -23,11 +23,11 @@
> #define FLOW_LOG RTE_ETHDEV_LOG_LINE
>
> /* Mbuf dynamic field name for metadata. */
> -RTE_EXPORT_SYMBOL(rte_flow_dynf_metadata_offs)
> +RTE_EXPORT_EXPERIMENTAL_SYMBOL(rte_flow_dynf_metadata_offs, 19.11)
> int32_t rte_flow_dynf_metadata_offs = -1;
>
> /* Mbuf dynamic field flag bit number for metadata. */
> -RTE_EXPORT_SYMBOL(rte_flow_dynf_metadata_mask)
> +RTE_EXPORT_EXPERIMENTAL_SYMBOL(rte_flow_dynf_metadata_mask, 19.11)
> uint64_t rte_flow_dynf_metadata_mask;
>
> /**
Thank you for the suggestion.
That looks good to me.
I'll prepare a v2.
>
> > Patch 4 and 5 address the bug for these global variables,
> > by providing a single storage for both EXPERIMENTAL and
> > DPDK_26 variable symbol versions.
> > This is achieved through symbol aliasing.
> > But this solution is limited only to executables compiled with clang.
> >
> > clang and gcc have a different default behavior regarding relocations
> > of global variables exposed by shared libraries.
> >
>
> Yeah... not even thinking about adding MSVC in the list...
>
>
> --
> David Marchand
>
^ permalink raw reply
* [PATCH] examples: use strlcpy and strlcat
From: Bruce Richardson @ 2026-06-23 15:41 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Cristian Dumitrescu, Radu Nicolau,
Akhil Goyal, Fan Zhang, Anatoly Burakov, Sivaprasad Tummala,
Jasvinder Singh, Sergio Gonzalez Monroy, Ferruh Yigit,
Pablo de Lara, Declan Doherty, Alan Carew
Replace strncpy and other unbounded string functions, e.g. strcpy,
strcat, with the safer alternatives strlcpy and strlcat, so that we can
guarantee null termination of strings.
Fixes: 4bbf8e30aa5e ("examples/ip_pipeline: add CLI interface")
Fixes: 5f657a7fbe86 ("examples/pipeline: add message passing mechanism")
Fixes: 83f58a7b7b0a ("examples/pipeline: add commands for direct registers")
Fixes: 0d547ed03717 ("examples/ipsec-secgw: support configuration file")
Fixes: 63e8c07c7245 ("examples/ipsec-secgw: fix configuration parsing")
Fixes: 41e97c2ea9e6 ("examples/l2fwd-crypto: extend crypto information")
Fixes: e8ae9b662506 ("examples/vm_power: channel manager and monitor in host")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
examples/ip_pipeline/conn.c | 4 ++--
examples/ipsec-secgw/sa.c | 4 ++--
examples/l2fwd-crypto/main.c | 12 ++++++------
examples/pipeline/cli.c | 4 ++--
examples/pipeline/conn.c | 4 ++--
examples/vm_power_manager/channel_manager.c | 3 +--
6 files changed, 15 insertions(+), 16 deletions(-)
diff --git a/examples/ip_pipeline/conn.c b/examples/ip_pipeline/conn.c
index 30fca80c14..9f347fd1c2 100644
--- a/examples/ip_pipeline/conn.c
+++ b/examples/ip_pipeline/conn.c
@@ -115,8 +115,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/ipsec-secgw/sa.c b/examples/ipsec-secgw/sa.c
index 866ba04b86..b5068765b6 100644
--- a/examples/ipsec-secgw/sa.c
+++ b/examples/ipsec-secgw/sa.c
@@ -338,12 +338,12 @@ parse_key_string(const char *key_str, uint8_t *key)
if (pt_end == NULL) {
if (strlen(pt_start) > 2)
return 0;
- strncpy(sub_str, pt_start, 2);
+ memcpy(sub_str, pt_start, 2);
} else {
if (pt_end - pt_start > 2)
return 0;
- strncpy(sub_str, pt_start, pt_end - pt_start);
+ memcpy(sub_str, pt_start, pt_end - pt_start);
pt_start = pt_end + 1;
}
diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c
index ff189b5fab..22ad825c91 100644
--- a/examples/l2fwd-crypto/main.c
+++ b/examples/l2fwd-crypto/main.c
@@ -1576,19 +1576,19 @@ l2fwd_crypto_options_print(struct l2fwd_crypto_options *options)
char string_aead_op[MAX_STR_LEN];
if (options->cipher_xform.cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)
- strcpy(string_cipher_op, "Encrypt");
+ strlcpy(string_cipher_op, "Encrypt", sizeof(string_cipher_op));
else
- strcpy(string_cipher_op, "Decrypt");
+ strlcpy(string_cipher_op, "Decrypt", sizeof(string_cipher_op));
if (options->auth_xform.auth.op == RTE_CRYPTO_AUTH_OP_GENERATE)
- strcpy(string_auth_op, "Auth generate");
+ strlcpy(string_auth_op, "Auth generate", sizeof(string_auth_op));
else
- strcpy(string_auth_op, "Auth verify");
+ strlcpy(string_auth_op, "Auth verify", sizeof(string_auth_op));
if (options->aead_xform.aead.op == RTE_CRYPTO_AEAD_OP_ENCRYPT)
- strcpy(string_aead_op, "Authenticated encryption");
+ strlcpy(string_aead_op, "Authenticated encryption", sizeof(string_aead_op));
else
- strcpy(string_aead_op, "Authenticated decryption");
+ strlcpy(string_aead_op, "Authenticated decryption", sizeof(string_aead_op));
printf("Options:-\nn");
diff --git a/examples/pipeline/cli.c b/examples/pipeline/cli.c
index 215b4061d5..901706fab9 100644
--- a/examples/pipeline/cli.c
+++ b/examples/pipeline/cli.c
@@ -172,9 +172,9 @@ parse_table_entry(struct rte_swx_ctl_pipeline *p,
line[0] = 0;
for (i = 0; i < n_tokens; i++) {
if (i)
- strcat(line, " ");
+ strlcat(line, " ", MAX_LINE_SIZE);
- strcat(line, tokens[i]);
+ strlcat(line, tokens[i], MAX_LINE_SIZE);
}
/* Read the table entry from the input buffer. */
diff --git a/examples/pipeline/conn.c b/examples/pipeline/conn.c
index e168c4ddaa..257f3c9f78 100644
--- a/examples/pipeline/conn.c
+++ b/examples/pipeline/conn.c
@@ -116,8 +116,8 @@ conn_init(struct conn_params *p)
}
/* Fill in */
- strncpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX);
- strncpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX);
+ strlcpy(conn->welcome, p->welcome, CONN_WELCOME_LEN_MAX + 1);
+ strlcpy(conn->prompt, p->prompt, CONN_PROMPT_LEN_MAX + 1);
conn->buf_size = p->buf_size;
conn->msg_in_len_max = p->msg_in_len_max;
conn->msg_out_len_max = p->msg_out_len_max;
diff --git a/examples/vm_power_manager/channel_manager.c b/examples/vm_power_manager/channel_manager.c
index b69449c61d..339c7fbb93 100644
--- a/examples/vm_power_manager/channel_manager.c
+++ b/examples/vm_power_manager/channel_manager.c
@@ -875,8 +875,7 @@ add_vm(const char *vm_name)
rte_free(new_domain);
return -1;
}
- strncpy(new_domain->name, vm_name, sizeof(new_domain->name));
- new_domain->name[sizeof(new_domain->name) - 1] = '\0';
+ strlcpy(new_domain->name, vm_name, sizeof(new_domain->name));
memset(new_domain->channel_mask, 0, RTE_MAX_LCORE);
new_domain->num_channels = 0;
--
2.53.0
^ permalink raw reply related
* Re: [PATCH 1/5] eal: fix macro for versioned experimental symbol
From: Dariusz Sosnowski @ 2026-06-23 15:26 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: David Marchand, dev, Bruce Richardson
In-Reply-To: <20260623065000.57d775c9@phoenix.local>
On Tue, Jun 23, 2026 at 06:50:00AM -0700, Stephen Hemminger wrote:
> On Tue, 23 Jun 2026 13:37:47 +0200
> Dariusz Sosnowski <dsosnowski@nvidia.com> wrote:
>
> > Add a missing semicolon after __asm__ block in
> > RTE_VERSION_EXPERIMENTAL_SYMBOL macro.
> > It's lack triggers the following compilation error with clang:
> >
> > ../lib/ethdev/rte_flow.c:320:1: error: expected ';' after top-level asm block
> > 320 | RTE_VERSION_EXPERIMENTAL_SYMBOL(int, rte_flow_dynf_metadata_register, (void))
> > | ^
> > ../lib/eal/common/eal_export.h:75:74: note: expanded from macro 'RTE_VERSION_EXPERIMENTAL_SYMBOL'
> > 75 | __asm__(".symver " RTE_STR(name) "_exp, " RTE_STR(name) "@EXPERIMENTAL") \
> > | ^
> > ../lib/eal/include/rte_common.h:237:20: note: expanded from macro '\
> > __rte_used'
> > 237 | #define __rte_used __attribute__((used))
> > | ^
> >
> > Fixes: e30e194c4d06 ("eal: rework function versioning macros")
> > Cc: david.marchand@redhat.com
> >
> > Signed-
>
> I didn't see this because clang doesn't have symver support.
> Which version of clang is this?
clang 19 available on Debian 13:
$ clang --version
Debian clang version 19.1.7 (3+b1)
Target: x86_64-pc-linux-gnu
Thread model: posix
InstalledDir: /usr/lib/llvm-19/bin
^ permalink raw reply
* [PATCH] app: remove use of strncpy
From: Bruce Richardson @ 2026-06-23 14:50 UTC (permalink / raw)
To: dev
Cc: Bruce Richardson, stable, Kai Ji, Cheng Jiang, Chengwen Feng,
Jerin Jacob, Ori Kam, Aman Singh, Michal Kobylinski,
Piotr Azarewicz, Marcin Kerlin, Slawomir Mrozowicz,
Declan Doherty, Aleksander Gajewski, Pablo de Lara,
Guduri Prathyusha, Harry van Haaren, Morten Brørup, Jiayu Hu,
Yuan Wang, Anoob Joseph, Xiaoyu Min, Xueming Li, Yuval Avnery
Use of strncpy is not recommended, so replace it with strlcpy or memcpy
as appropriate.
Fixes: f8be1786b1b8 ("app/crypto-perf: introduce performance test application")
Fixes: 8ecd4048ba5d ("app/crypto-perf: fix string not null terminated")
Fixes: 0add6c27cd7c ("app/testeventdev: define the test options")
Fixes: 623dc9364dc6 ("app/dma-perf: introduce DMA performance test")
Fixes: 1e8a4e97b057 ("app/testpmd: add flow dump command")
Fixes: de06137cb295 ("app/regex: add RegEx test application")
Cc: stable@dpdk.org
Signed-off-by: Bruce Richardson <bruce.richardson@intel.com>
---
app/test-crypto-perf/cperf_options_parsing.c | 5 ++---
app/test-dma-perf/main.c | 2 +-
app/test-eventdev/evt_options.c | 2 +-
app/test-pmd/cmdline_flow.c | 2 +-
app/test-regex/main.c | 9 ++-------
5 files changed, 7 insertions(+), 13 deletions(-)
diff --git a/app/test-crypto-perf/cperf_options_parsing.c b/app/test-crypto-perf/cperf_options_parsing.c
index 14e731586b..0951293adb 100644
--- a/app/test-crypto-perf/cperf_options_parsing.c
+++ b/app/test-crypto-perf/cperf_options_parsing.c
@@ -481,8 +481,7 @@ parse_device_type(struct cperf_options *opts, const char *arg)
if (strlen(arg) > (sizeof(opts->device_type) - 1))
return -1;
- strncpy(opts->device_type, arg, sizeof(opts->device_type) - 1);
- *(opts->device_type + sizeof(opts->device_type) - 1) = '\0';
+ strlcpy(opts->device_type, arg, sizeof(opts->device_type));
return 0;
}
@@ -1125,7 +1124,7 @@ cperf_options_default(struct cperf_options *opts)
opts->segment_sz = 0;
opts->imix_distribution_count = 0;
- strncpy(opts->device_type, "crypto_aesni_mb",
+ strlcpy(opts->device_type, "crypto_aesni_mb",
sizeof(opts->device_type));
opts->nb_qps = 1;
diff --git a/app/test-dma-perf/main.c b/app/test-dma-perf/main.c
index 4249dcfd3d..13bf07a764 100644
--- a/app/test-dma-perf/main.c
+++ b/app/test-dma-perf/main.c
@@ -220,7 +220,7 @@ parse_entry(const char *value, struct test_configure_entry *entry)
int args_nr = -1;
int ret;
- strncpy(input, value, 254);
+ strlcpy(input, value, sizeof(input));
if (*input == '\0')
goto out;
diff --git a/app/test-eventdev/evt_options.c b/app/test-eventdev/evt_options.c
index 0e70c971eb..1da0aba386 100644
--- a/app/test-eventdev/evt_options.c
+++ b/app/test-eventdev/evt_options.c
@@ -23,7 +23,7 @@ evt_options_default(struct evt_options *opt)
memset(opt, 0, sizeof(*opt));
opt->verbose_level = 1; /* Enable minimal prints */
opt->dev_id = 0;
- strncpy(opt->test_name, "order_queue", EVT_TEST_NAME_MAX_LEN);
+ strlcpy(opt->test_name, "order_queue", sizeof(opt->test_name));
opt->nb_flows = 1024;
opt->socket_id = SOCKET_ID_ANY;
opt->pool_sz = 16 * 1024;
diff --git a/app/test-pmd/cmdline_flow.c b/app/test-pmd/cmdline_flow.c
index 67f200f2e3..465396d2e5 100644
--- a/app/test-pmd/cmdline_flow.c
+++ b/app/test-pmd/cmdline_flow.c
@@ -11910,7 +11910,7 @@ parse_string0(struct context *ctx, const struct token *token __rte_unused,
if (!ctx->object)
return len;
buf = (uint8_t *)ctx->object + arg_data->offset;
- strncpy(buf, str, len);
+ memcpy(buf, str, len);
if (ctx->objmask)
memset((uint8_t *)ctx->objmask + arg_data->offset, 0xff, len);
return len;
diff --git a/app/test-regex/main.c b/app/test-regex/main.c
index acb834a8b4..81719f2e04 100644
--- a/app/test-regex/main.c
+++ b/app/test-regex/main.c
@@ -103,7 +103,6 @@ args_parse(int argc, char **argv, char *rules_file, char *data_file,
char **argvopt;
int opt;
int opt_idx;
- size_t len;
static struct option lgopts[] = {
{ "help", 0, 0, ARG_HELP},
/* Rules database file to load. */
@@ -133,20 +132,16 @@ args_parse(int argc, char **argv, char *rules_file, char *data_file,
lgopts, &opt_idx)) != EOF) {
switch (opt) {
case ARG_RULES_FILE_NAME:
- len = strnlen(optarg, MAX_FILE_NAME - 1);
- if (len == MAX_FILE_NAME)
+ if (strlcpy(rules_file, optarg, MAX_FILE_NAME) >= MAX_FILE_NAME)
rte_exit(EXIT_FAILURE,
"Rule file name to long max %d\n",
MAX_FILE_NAME - 1);
- strncpy(rules_file, optarg, MAX_FILE_NAME - 1);
break;
case ARG_DATA_FILE_NAME:
- len = strnlen(optarg, MAX_FILE_NAME - 1);
- if (len == MAX_FILE_NAME)
+ if (strlcpy(data_file, optarg, MAX_FILE_NAME) >= MAX_FILE_NAME)
rte_exit(EXIT_FAILURE,
"Data file name to long max %d\n",
MAX_FILE_NAME - 1);
- strncpy(data_file, optarg, MAX_FILE_NAME - 1);
break;
case ARG_NUM_OF_JOBS:
*nb_jobs = atoi(optarg);
--
2.53.0
^ permalink raw reply related
* [PATCH v4 24/24] doc: add release notes for BPF validation fixes
From: Marat Khalili @ 2026-06-23 14:32 UTC (permalink / raw)
Cc: dev, Konstantin Ananyev
In-Reply-To: <20260623143215.95318-1-marat.khalili@huawei.com>
Document hardening the BPF validator.
Signed-off-by: Marat Khalili <marat.khalili@huawei.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@huawei.com>
---
doc/guides/rel_notes/release_26_07.rst | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/doc/guides/rel_notes/release_26_07.rst b/doc/guides/rel_notes/release_26_07.rst
index 8471966a4992..9376e7acad24 100644
--- a/doc/guides/rel_notes/release_26_07.rst
+++ b/doc/guides/rel_notes/release_26_07.rst
@@ -164,7 +164,7 @@ New Features
for installing already loaded BPF programs as port callbacks
(as opposed to loading them directly from ELF files).
-* **Added BPF validation debugging API.**
+* **Added BPF validation debugging API and hardened BPF validator.**
* Introduced a new set of APIs (prefixed with ``rte_bpf_validate_debug_``) to
introspect the BPF validator. This provides a mechanism to set breakpoints
@@ -172,6 +172,10 @@ New Features
(such as tracked register bounds). This API is crucial primarily for writing
comprehensive tests for the validator, but also serves as a foundation for a
future interactive eBPF validation debugger.
+ * Fixed numerous bugs in the BPF validator's abstract interpretation logic,
+ including incorrect bounds tracking for jumps and arithmetic operations, as
+ well as fixing several instances of undefined behavior (UB) when verifying
+ malicious or corrupt programs.
* **Added AI review helpers.**
--
2.43.0
^ permalink raw reply related
* [PATCH v4 23/24] bpf/validate: prevent overflow when building graph
From: Marat Khalili @ 2026-06-23 14:32 UTC (permalink / raw)
To: Konstantin Ananyev; +Cc: dev, stable, Claudia Cauli
In-Reply-To: <20260623143215.95318-1-marat.khalili@huawei.com>
Function `evst_pool_init` for malicious or corrupt BPF program with
number of conditional jumps exceeding a third of UINT32_MAX could cause
arithmetic and buffer overflows when working with the program graph.
Fix the issue by limiting maximum number of conditional jumps supported
by UINT32_MAX / 4, or more than 1 billion.
Fixes: 8021917293d0 ("bpf: add extra validation for input BPF program")
Cc: stable@dpdk.org
Reported-by: Claudia Cauli <claudiacauli@gmail.com>
Signed-off-by: Marat Khalili <marat.khalili@huawei.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@huawei.com>
---
lib/bpf/bpf_validate.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c
index 03c590c75377..f9960088a285 100644
--- a/lib/bpf/bpf_validate.c
+++ b/lib/bpf/bpf_validate.c
@@ -2662,6 +2662,10 @@ evst_pool_init(struct bpf_verifier *bvf)
{
uint32_t k, n;
+ if (bvf->nb_jcc_nodes > UINT32_MAX / 4)
+ /* Calculations that follow may overflow. */
+ return -E2BIG;
+
/*
* We need nb_jcc_nodes + 1 for save_cur/restore_cur
* remaining ones will be used for state tracking/pruning.
--
2.43.0
^ permalink raw reply related
* [PATCH v4 22/24] bpf/validate: fix BPF_XOR signed min calculation
From: Marat Khalili @ 2026-06-23 14:32 UTC (permalink / raw)
To: Konstantin Ananyev; +Cc: dev, stable, Claudia Cauli
In-Reply-To: <20260623143215.95318-1-marat.khalili@huawei.com>
Function `eval_xor` calculated signed minimum using essentially unsigned
algorithm as long as any of the operands have non-negative range, which
is incorrect since it ignores any negative numbers that may have the
sign or any other bits set.
E.g. consider the following program with the current validation code:
Tested program:
0: mov r0, #0x0
1: ldxdw r2, [r1 + 0]
2: jsgt r2, #0x0, L5
3: xor r2, #0x0 ; tested instruction
4: mov r0, #0x1
5: exit
Pre-state:
r2: INT64_MIN..0
Post-state:
r2: 0
After the tested instruction validator considers r2 to equal 0, however
if -1 was loaded on step 1 it is possible for it to be -1.
Set signed range to full if any of the operands can be negative,
otherwise (if both operands are non-negative) use same algorithm as for
unsigned numbers. Add test.
Fixes: 8021917293d0 ("bpf: add extra validation for input BPF program")
Cc: stable@dpdk.org
Reported-by: Claudia Cauli <claudiacauli@gmail.com>
Signed-off-by: Marat Khalili <marat.khalili@huawei.com>
Acked-by: Konstantin Ananyev <konstantin.ananyev@huawei.com>
---
app/test/test_bpf_validate.c | 17 +++++++++++++++++
lib/bpf/bpf_validate.c | 2 +-
2 files changed, 18 insertions(+), 1 deletion(-)
diff --git a/app/test/test_bpf_validate.c b/app/test/test_bpf_validate.c
index 205373a4f86b..a06d3254d6ba 100644
--- a/app/test/test_bpf_validate.c
+++ b/app/test/test_bpf_validate.c
@@ -1764,6 +1764,23 @@ test_alu64_sub_x_src_signed_max_zero(void)
REGISTER_FAST_TEST(bpf_validate_alu64_sub_x_src_signed_max_zero_autotest, NOHUGE_OK, ASAN_OK,
test_alu64_sub_x_src_signed_max_zero);
+/* 64-bit bitwise XOR between a negative scalar range and zero immediate. */
+static int
+test_alu64_xor_k_negative(void)
+{
+ return verify_instruction((struct verify_instruction_param){
+ .tested_instruction = {
+ .code = (EBPF_ALU64 | BPF_XOR | BPF_K),
+ .imm = 0,
+ },
+ .pre.dst = make_signed_domain(INT64_MIN, 0),
+ .post.dst = unknown,
+ });
+}
+
+REGISTER_FAST_TEST(bpf_validate_alu64_xor_k_negative_autotest, NOHUGE_OK, ASAN_OK,
+ test_alu64_xor_k_negative);
+
/* Jump if greater than immediate. */
static int
test_jmp64_jeq_k(void)
diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c
index 131a5468dbc4..03c590c75377 100644
--- a/lib/bpf/bpf_validate.c
+++ b/lib/bpf/bpf_validate.c
@@ -910,7 +910,7 @@ eval_xor(struct bpf_reg_val *rd, const struct bpf_reg_val *rs, size_t opsz,
rd->s.max ^= rs->s.max;
/* both operands are non-negative */
- } else if (rd->s.min >= 0 || rs->s.min >= 0) {
+ } else if (rd->s.min >= 0 && rs->s.min >= 0) {
rd->s.max = eval_uor_max(rd->s.max, rs->s.max, opsz);
rd->s.min = 0;
} else
--
2.43.0
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox