From addaf1fb9fa99a66d71d1bfd35b6f3185530e444 Mon Sep 17 00:00:00 2001
From: Dennis Afanasev <32916582+dennisafa@users.noreply.github.com>
Date: Mon, 4 Feb 2019 01:12:15 -0500
Subject: [PATCH] [Bug Fix] Add Out Of Bounds Checks for Service IDs  (#66)

This bug fix adds out of bounds checks for NF service ids. Before we were not handling cases when a new NF service id exceeded the MAX_SERVICES value or when launching a new NF would exceed the NF_SERVICE_COUNT_MAX value for the given service id. This change addresses these issues and prints appropriate error messages.

Commit log:

* Updates

Nonzero service check already in place. Reverting.

* Updates to onvm_nf.c, onvm_common.h, onvm_nflib.c

Adding checks for maximum nf's per service.

* Update onvm_nflib.c

* Update onvm_nf.c

* Update onvm_nf.c

Newline removal

* Updated onvm_common.h, NF_Dev.md

Style clean-up, changes to service description in NF_Dev.md.

* Update NF_Dev.md
---
 docs/NF_Dev.md                |  2 +-
 onvm/onvm_mgr/onvm_nf.c       | 12 ++++++++++++
 onvm/onvm_nflib/onvm_common.h |  2 ++
 onvm/onvm_nflib/onvm_nflib.c  |  6 ++++++
 4 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/docs/NF_Dev.md b/docs/NF_Dev.md
index 00c7f7e09..39e9f9539 100644
--- a/docs/NF_Dev.md
+++ b/docs/NF_Dev.md
@@ -6,7 +6,7 @@ Overview
 
 The openNetVM manager is comprised of two directories: one containing the source code for the [manager][onvm_mgr] and the second containing the source for the [NF_Lib][onvm_nflib].  The manager is responsible for maintaining state bewteen NFs, routing packets between NICs and NFs, and displaying log messages and/or statistics.  The NF_Lib contains useful libraries to initialize and run NFs and libraries to support NF capabilities: [packet helper][pkt_helper], [flow table][flow_table], [flow director][flow_director], [service chains][srvc_chains], and [message passing][msg_passing].
 
-Currently, our platform supports at most 16 NF instances running at once.  This limit is defined in [onvm_common.h][onvm_common.h:L51].
+Currently, our platform supports at most 128 NF instances running at once with a maximum ID value of 32 for each NF. We currently support a maximum of 32 NF instances per service. These limits are defined in [onvm_common.h][onvm_common.h:L51].  These are parameters developed for experimentation of the platform, and are subject to change.
 
 NFs are run with different arguments in three different tiers--DPDK configuration flags, openNetVM configuration flags, and NF configuration flags--which are separated with `--`.
   - DPDK configuration flags:
diff --git a/onvm/onvm_mgr/onvm_nf.c b/onvm/onvm_mgr/onvm_nf.c
index 8120f50c5..493de4566 100644
--- a/onvm/onvm_mgr/onvm_nf.c
+++ b/onvm/onvm_mgr/onvm_nf.c
@@ -188,6 +188,18 @@ onvm_nf_start(struct onvm_nf_info *nf_info) {
                 return 1;
         }
 
+        if (nf_info->service_id >= MAX_SERVICES) {
+                // Service ID must be less than MAX_SERVICES and greater than 0
+                nf_info->status = NF_SERVICE_MAX;
+                return 1;
+        }
+
+        if (nf_per_service_count[nf_info->service_id] >= MAX_NFS_PER_SERVICE) {
+                // Maximum amount of NF's per service spawned
+                nf_info->status = NF_SERVICE_COUNT_MAX;
+                return 1;
+        }
+
         if (onvm_nf_is_valid(&nfs[nf_id])) {
                 // This NF is trying to declare an ID already in use
                 nf_info->status = NF_ID_CONFLICT;
diff --git a/onvm/onvm_nflib/onvm_common.h b/onvm/onvm_nflib/onvm_common.h
index ba37fe93c..d72691f6e 100644
--- a/onvm/onvm_nflib/onvm_common.h
+++ b/onvm/onvm_nflib/onvm_common.h
@@ -271,6 +271,8 @@ struct onvm_service_chain {
 #define NF_STOPPED 4            // NF has stopped and in the shutdown process
 #define NF_ID_CONFLICT 5        // NF is trying to declare an ID already in use
 #define NF_NO_IDS 6             // There are no available IDs for this NF
+#define NF_SERVICE_MAX 7        // Service ID has exceeded the maximum amount
+#define NF_SERVICE_COUNT_MAX 8  // Maximum amount of NF's per service spawned
 
 #define NF_NO_ID -1
 #define ONVM_NF_HANDLE_TX 1     // should be true if NFs primarily pass packets to each other
diff --git a/onvm/onvm_nflib/onvm_nflib.c b/onvm/onvm_nflib/onvm_nflib.c
index e13810bff..5068c9f7c 100644
--- a/onvm/onvm_nflib/onvm_nflib.c
+++ b/onvm/onvm_nflib/onvm_nflib.c
@@ -315,6 +315,12 @@ onvm_nflib_start_nf(struct onvm_nf_info *nf_info) {
         if (nf_info->status == NF_ID_CONFLICT) {
                 rte_mempool_put(nf_info_mp, nf_info);
                 rte_exit(NF_ID_CONFLICT, "Selected ID already in use. Exiting...\n");
+        } else if (nf_info->status == NF_SERVICE_MAX) {
+                rte_mempool_put(nf_info_mp, nf_info);
+                rte_exit(NF_SERVICE_MAX, "Service ID must be less than %d\n", MAX_SERVICES);
+        } else if (nf_info->status == NF_SERVICE_COUNT_MAX) {
+                rte_mempool_put(nf_info_mp, nf_info);
+                rte_exit(NF_SERVICE_COUNT_MAX, "Maximum amount of NF's per service spawned, must be less than %d", MAX_NFS_PER_SERVICE);
         } else if(nf_info->status == NF_NO_IDS) {
                 rte_mempool_put(nf_info_mp, nf_info);
                 rte_exit(NF_NO_IDS, "There are no ids available for this NF\n");