net/ice/base: avoid undefined behavior

When writing the driver's struct ice_tlan_ctx structure, do not write
the 8-bit element int_q_state with the associated internal-to-hardware
field which is 122-bits, otherwise the helper function ice_write_byte()
will use undefined behavior when setting the mask used for that write.
This should not cause any functional change and will avoid use of
undefined behavior.  Also, update a comment to highlight this structure
element is not written.

Signed-off-by: Bruce Allan <bruce.w.allan@intel.com>
Signed-off-by: Paul M Stillwell Jr <paul.m.stillwell.jr@intel.com>
Signed-off-by: Qi Zhang <qi.z.zhang@intel.com>
Acked-by: Qiming Yang <qiming.yang@intel.com>

diff --git a/drivers/net/ice/base/ice_common.c b/drivers/net/ice/base/ice_common.c
index 17ffdee..4b4555f 100644 (file)
--- a/drivers/net/ice/base/ice_common.c
+++ b/drivers/net/ice/base/ice_common.c
@@ -996,7 +996,7 @@ ice_write_rxq_ctx(struct ice_hw *hw, struct ice_rlan_ctx *rlan_ctx,
 
        rlan_ctx->prefena = 1;
 
-       ice_set_ctx((u8 *)rlan_ctx, ctx_buf, ice_rlan_ctx_info);
+       ice_set_ctx(hw, (u8 *)rlan_ctx, ctx_buf, ice_rlan_ctx_info);
        return ice_copy_rxq_ctx_to_hw(hw, ctx_buf, rxq_index);
 }
 
@@ -1119,7 +1119,7 @@ ice_write_tx_cmpltnq_ctx(struct ice_hw *hw,
 {
        u8 ctx_buf[ICE_TX_CMPLTNQ_CTX_SIZE_DWORDS * sizeof(u32)] = { 0 };
 
-       ice_set_ctx((u8 *)tx_cmpltnq_ctx, ctx_buf, ice_tx_cmpltnq_ctx_info);
+       ice_set_ctx(hw, (u8 *)tx_cmpltnq_ctx, ctx_buf, ice_tx_cmpltnq_ctx_info);
        return ice_copy_tx_cmpltnq_ctx_to_hw(hw, ctx_buf, tx_cmpltnq_index);
 }
 
@@ -1210,7 +1210,8 @@ ice_write_tx_drbell_q_ctx(struct ice_hw *hw,
 {
        u8 ctx_buf[ICE_TX_DRBELL_Q_CTX_SIZE_DWORDS * sizeof(u32)] = { 0 };
 
-       ice_set_ctx((u8 *)tx_drbell_q_ctx, ctx_buf, ice_tx_drbell_q_ctx_info);
+       ice_set_ctx(hw, (u8 *)tx_drbell_q_ctx, ctx_buf,
+                   ice_tx_drbell_q_ctx_info);
        return ice_copy_tx_drbell_q_ctx_to_hw(hw, ctx_buf, tx_drbell_q_index);
 }
 
@@ -3565,12 +3566,14 @@ ice_write_qword(u8 *src_ctx, u8 *dest_ctx, const struct ice_ctx_ele *ce_info)
 
 /**
  * ice_set_ctx - set context bits in packed structure
+ * @hw: pointer to the hardware structure
  * @src_ctx:  pointer to a generic non-packed context structure
  * @dest_ctx: pointer to memory for the packed structure
  * @ce_info:  a description of the structure to be transformed
  */
 enum ice_status
-ice_set_ctx(u8 *src_ctx, u8 *dest_ctx, const struct ice_ctx_ele *ce_info)
+ice_set_ctx(struct ice_hw *hw, u8 *src_ctx, u8 *dest_ctx,
+           const struct ice_ctx_ele *ce_info)
 {
        int f;
 
@@ -3579,6 +3582,12 @@ ice_set_ctx(u8 *src_ctx, u8 *dest_ctx, const struct ice_ctx_ele *ce_info)
                 * using the correct size so that we are correct regardless
                 * of the endianness of the machine.
                 */
+               if (ce_info[f].width > (ce_info[f].size_of * BITS_PER_BYTE)) {
+                       ice_debug(hw, ICE_DBG_QCTX,
+                                 "Field %d width of %d bits larger than size of %d byte(s) ... skipping write\n",
+                                 f, ce_info[f].width, ce_info[f].size_of);
+                       continue;
+               }
                switch (ce_info[f].size_of) {
                case sizeof(u8):
                        ice_write_byte(src_ctx, dest_ctx, &ce_info[f]);

diff --git a/drivers/net/ice/base/ice_common.h b/drivers/net/ice/base/ice_common.h
index 2a1077b..6d971a6 100644 (file)
--- a/drivers/net/ice/base/ice_common.h
+++ b/drivers/net/ice/base/ice_common.h
@@ -114,7 +114,9 @@ enum ice_status ice_aq_q_shutdown(struct ice_hw *hw, bool unloading);
 void ice_fill_dflt_direct_cmd_desc(struct ice_aq_desc *desc, u16 opcode);
 extern const struct ice_ctx_ele ice_tlan_ctx_info[];
 enum ice_status
-ice_set_ctx(u8 *src_ctx, u8 *dest_ctx, const struct ice_ctx_ele *ce_info);
+ice_set_ctx(struct ice_hw *hw, u8 *src_ctx, u8 *dest_ctx,
+           const struct ice_ctx_ele *ce_info);
+
 enum ice_status
 ice_aq_send_cmd(struct ice_hw *hw, struct ice_aq_desc *desc,
                void *buf, u16 buf_size, struct ice_sq_cd *cd);

diff --git a/drivers/net/ice/base/ice_lan_tx_rx.h b/drivers/net/ice/base/ice_lan_tx_rx.h
index 99edcc8..012d129 100644 (file)
--- a/drivers/net/ice/base/ice_lan_tx_rx.h
+++ b/drivers/net/ice/base/ice_lan_tx_rx.h
@@ -1135,7 +1135,7 @@ struct ice_tlan_ctx {
        u8 drop_ena;
        u8 cache_prof_idx;
        u8 pkt_shaper_prof_idx;
-       u8 int_q_state; /* width not needed - internal do not write */
+       u8 int_q_state; /* width not needed - internal - DO NOT WRITE!!! */
 };
 
 /* LAN Tx Completion Queue data */

diff --git a/drivers/net/ice/ice_rxtx.c b/drivers/net/ice/ice_rxtx.c
index 1c9f31e..5d6f693 100644 (file)
--- a/drivers/net/ice/ice_rxtx.c
+++ b/drivers/net/ice/ice_rxtx.c
@@ -481,7 +481,7 @@ ice_tx_queue_start(struct rte_eth_dev *dev, uint16_t tx_queue_id)
        tx_ctx.tso_qnum = txq->reg_idx; /* index for tso state structure */
        tx_ctx.legacy_int = 1; /* Legacy or Advanced Host Interface */
 
-       ice_set_ctx((uint8_t *)&tx_ctx, txq_elem.txqs[0].txq_ctx,
+       ice_set_ctx(hw, (uint8_t *)&tx_ctx, txq_elem.txqs[0].txq_ctx,
                    ice_tlan_ctx_info);
 
        txq->qtx_tail = hw->hw_addr + QTX_COMM_DBELL(txq->reg_idx);
@@ -653,7 +653,7 @@ ice_fdir_tx_queue_start(struct rte_eth_dev *dev, uint16_t tx_queue_id)
        tx_ctx.tso_qnum = txq->reg_idx; /* index for tso state structure */
        tx_ctx.legacy_int = 1; /* Legacy or Advanced Host Interface */
 
-       ice_set_ctx((uint8_t *)&tx_ctx, txq_elem.txqs[0].txq_ctx,
+       ice_set_ctx(hw, (uint8_t *)&tx_ctx, txq_elem.txqs[0].txq_ctx,
                    ice_tlan_ctx_info);
 
        txq->qtx_tail = hw->hw_addr + QTX_COMM_DBELL(txq->reg_idx);