From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 1EAA2A0093; Fri, 10 Dec 2021 15:10:10 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8D55B40685; Fri, 10 Dec 2021 15:10:09 +0100 (CET) Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mails.dpdk.org (Postfix) with ESMTP id 702FC40041; Fri, 10 Dec 2021 15:10:08 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1639145408; x=1670681408; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=gH/RFh7s1/F8lKm0UpsOfaKbzr7Js/ZyJufZumg4mVw=; b=Pzsb8ApgCqZfFkdJa2P9wtYEFwa5tMJmJcLZlOZfehZhKhVsGN0iHmDX MNTQZHssNn+4/kXY/zT+hv/M6jq3QlnZx3kFIPdrrelSEOxUFjn3cbXKu uplLD0QknGZlIc8BgtuuZ10XdFeWp0XtoQWwCW20IZbJ1vJl2bXjyPRq3 O6Z8VFNIlBElcT3f8rvH7EIQf18XvGbUpMUElNVTfTSqzpRc02nMTmHMw kEpM0kz8gPO00zr6R4v5C8kqdBk7evuOgf3v/j7A7AzZGek4ZvRwTUTVE UYPDvaFYgj3CbpSkCS0nf30T0TmMmf9QvlmtkJGUQschatdDm8uNo6l8v A==; X-IronPort-AV: E=McAfee;i="6200,9189,10193"; a="324613220" X-IronPort-AV: E=Sophos;i="5.88,195,1635231600"; d="scan'208";a="324613220" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 10 Dec 2021 06:10:06 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.88,195,1635231600"; d="scan'208";a="612936980" Received: from silpixa00400355.ir.intel.com (HELO silpixa00400355.ger.corp.intel.com) ([10.237.222.49]) by orsmga004.jf.intel.com with ESMTP; 10 Dec 2021 06:10:04 -0800 From: Ciara Power To: dev@dpdk.org Cc: stable@dpdk.org, john.mcnamara@intel.com, roy.fan.zhang@intel.com, Ciara Power , Pablo de Lara Subject: [PATCH 1/3] crypto/ipsec_mb: fix qp setup null pointer dereference Date: Fri, 10 Dec 2021 14:09:50 +0000 Message-Id: <20211210140952.2907974-1-ciara.power@intel.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org When setting up a qp in a secondary process, the local qp pointer is set to the stored device qp, configured by the primary process for that device, but only if that device qp is not NULL. If the device qp was not set up correctly by the primary process and has a NULL value, the local qp variable stays at the default initialised value, NULL. This causes a NULL pointer dereference later in the function when using the qp value. This is fixed by always setting the local qp to the value of the device qp stored, and then checking if qp is NULL, returning an error if it is. Coverity issue: 374382 Fixes: 72a169278a56 ("crypto/ipsec_mb: support multi-process") Cc: stable@dpdk.org Signed-off-by: Ciara Power --- drivers/crypto/ipsec_mb/ipsec_mb_ops.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c index 189262c4ad..6efa417d67 100644 --- a/drivers/crypto/ipsec_mb/ipsec_mb_ops.c +++ b/drivers/crypto/ipsec_mb/ipsec_mb_ops.c @@ -221,8 +221,11 @@ ipsec_mb_qp_setup(struct rte_cryptodev *dev, uint16_t qp_id, IMB_VERSION_STR, IMB_MP_REQ_VER_STR); return -EINVAL; #endif - if (dev->data->queue_pairs[qp_id] != NULL) - qp = dev->data->queue_pairs[qp_id]; + qp = dev->data->queue_pairs[qp_id]; + if (qp == NULL) { + IPSEC_MB_LOG(ERR, "Primary process hasn't configured device qp."); + return -EINVAL; + } } else { /* Free memory prior to re-allocation if needed. */ if (dev->data->queue_pairs[qp_id] != NULL) -- 2.25.1