From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 6282745BB6 for ; Wed, 23 Oct 2024 23:18:05 +0200 (CEST) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 5D22340261; Wed, 23 Oct 2024 23:18:05 +0200 (CEST) Received: from mail-wm1-f41.google.com (mail-wm1-f41.google.com [209.85.128.41]) by mails.dpdk.org (Postfix) with ESMTP id 69D2040261 for ; Wed, 23 Oct 2024 23:18:04 +0200 (CEST) Received: by mail-wm1-f41.google.com with SMTP id 5b1f17b1804b1-42f6bec84b5so2209215e9.1 for ; Wed, 23 Oct 2024 14:18:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1729718284; x=1730323084; darn=dpdk.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=VDfxqVJbuDtlF+TzjtKz48CmFDfUy/YkK8xMCUyjkhc=; b=ad/BYcgVmwuvAkU3k4tsWpVAdZINyEhWgQ696SAEE07nH1ifmfPgkcoTU50Dyn4WNU CoaPulx0xQNE+bQ56oR5fKufpnrf6nsLDW7uEeABU/m/d7Vv9PuS4P3Y4K8FWbtre99e MvnKxcfYXuo25eDKvlOKTc9d8YbyN+8NmWrlB6FMJNmr2a13WZbe6p+Z7Oq0jyfwpkKs /DB8gDWpCeogFJRTeuliZ8C7QtTXlMeoCe4YRL1+mzYsK4tEk5GSWBCucUtapepFV27z 0V+z5UMf2Jsa9oy6elmXVRbjvhKMQLmQ+Yi/InAydNnu2efvEgou/B+ZW05DfZFLXd7P QCQg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1729718284; x=1730323084; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=VDfxqVJbuDtlF+TzjtKz48CmFDfUy/YkK8xMCUyjkhc=; b=HBaAeh5HqN5apg7Y+5RRd7Y7LVErZYRBjQSaQdfY/sgNOn5ykHKqHvzn2sV9Joqqni pX8BhOzIHYUlOkxYBKxaZtH7U5UnKYxBHvDNOhL80VKBigV/FZjC3QzLerx38vuB0+hb cJFmM16nP9hVtBvs/EiRhDIGDkFdtpAeIxnm3qPqiEKgHb6yhCR6qX/qTMHMDchHHwrw kUHRTJPs4+2K/xw2KJ7GAoVbO6jNHVqL7I2ZLRShP1XOi23am82+pBkFQrklEvYYZnq3 KKZI1SUW+XH1klgmyEWz8VLYDCtV4ils6aiYGGZwlYWXbKL1zPI3+v3gmkOV0bM4ub6L oQNQ== X-Forwarded-Encrypted: i=1; AJvYcCWvDW8NLDChCaQW3QxTCNyuf7dmp0V0HS6oJFA+Oq6RgeXMA5hf84Sos5zNM0ghyblvXWgzWh8=@dpdk.org X-Gm-Message-State: AOJu0YyZSwYORC9gwN6p5V0FrBr7Gflxo714nhpb3wr48CzuRNJhT2uu mlTqloSmIagmR+iiMRxVzZ//HBxpmuabV5UCOwcCkKkm6Hy6b3Aa X-Google-Smtp-Source: AGHT+IFWroRgAMRGa7jU1dBtrj81T6rbHMIL2VfLRD25R0ex3SNuifXWFbaxed7h2BtVJ5JTK2pXcg== X-Received: by 2002:a05:600c:4f86:b0:42c:b905:2bf9 with SMTP id 5b1f17b1804b1-4318415eba6mr36804115e9.16.1729718283831; Wed, 23 Oct 2024 14:18:03 -0700 (PDT) Received: from localhost ([2a01:4b00:d036:ae00:21cd:def0:a01d:d2aa]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-43186c508e8sm26973955e9.43.2024.10.23.14.18.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 23 Oct 2024 14:18:03 -0700 (PDT) From: luca.boccassi@gmail.com To: Stephen Hemminger Cc: =?UTF-8?q?Morten=20Br=C3=B8rup?= , Konstantin Ananyev , Wathsala Vithanage , dpdk stable Subject: patch 'raw/ifpga/base: fix use after free' has been queued to stable release 22.11.7 Date: Wed, 23 Oct 2024 22:15:56 +0100 Message-ID: <20241023211704.1216956-16-luca.boccassi@gmail.com> X-Mailer: git-send-email 2.45.2 In-Reply-To: <20241023211704.1216956-1-luca.boccassi@gmail.com> References: <20241023211704.1216956-1-luca.boccassi@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Hi, FYI, your patch has been queued to stable release 22.11.7 Note it hasn't been pushed to http://dpdk.org/browse/dpdk-stable yet. It will be pushed if I get no objections before 10/25/24. So please shout if anyone has objections. Also note that after the patch there's a diff of the upstream commit vs the patch applied to the branch. This will indicate if there was any rebasing needed to apply to the stable branch. If there were code changes for rebasing (ie: not only metadata diffs), please double check that the rebase was correctly done. Queued patches are on a temporary branch at: https://github.com/bluca/dpdk-stable This queued commit can be viewed at: https://github.com/bluca/dpdk-stable/commit/f838b3c8b98dc3286e86564cda6427e916238fb0 Thanks. Luca Boccassi --- >From f838b3c8b98dc3286e86564cda6427e916238fb0 Mon Sep 17 00:00:00 2001 From: Stephen Hemminger Date: Tue, 8 Oct 2024 09:47:16 -0700 Subject: [PATCH] raw/ifpga/base: fix use after free MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [ upstream commit 11986223b54d981300e9de2d365c494eb274645c ] The TAILQ_FOREACH() macro would refer to info after it had been freed. Fix by introducing TAILQ_FOREACH_SAFE here. Fixes: 4a19f89104f8 ("raw/ifpga/base: support multiple cards") Signed-off-by: Stephen Hemminger Acked-by: Morten Brørup Acked-by: Konstantin Ananyev Acked-by: Wathsala Vithanage --- drivers/raw/ifpga/base/opae_intel_max10.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/drivers/raw/ifpga/base/opae_intel_max10.c b/drivers/raw/ifpga/base/opae_intel_max10.c index dd97a5f9fd..d5a9ceb6e3 100644 --- a/drivers/raw/ifpga/base/opae_intel_max10.c +++ b/drivers/raw/ifpga/base/opae_intel_max10.c @@ -6,6 +6,13 @@ #include #include "opae_osdep.h" +#ifndef TAILQ_FOREACH_SAFE +#define TAILQ_FOREACH_SAFE(var, head, field, tvar) \ + for ((var) = TAILQ_FIRST((head)); \ + (var) && ((tvar) = TAILQ_NEXT((var), field), 1); \ + (var) = (tvar)) +#endif + int max10_sys_read(struct intel_max10_device *dev, unsigned int offset, unsigned int *val) { @@ -746,9 +753,9 @@ static int fdt_get_named_reg(const void *fdt, int node, const char *name, static void max10_sensor_uinit(struct intel_max10_device *dev) { - struct opae_sensor_info *info; + struct opae_sensor_info *info, *next; - TAILQ_FOREACH(info, &dev->opae_sensor_list, node) { + TAILQ_FOREACH_SAFE(info, &dev->opae_sensor_list, node, next) { TAILQ_REMOVE(&dev->opae_sensor_list, info, node); opae_free(info); } -- 2.45.2 --- Diff of the applied patch vs upstream commit (please double-check if non-empty: --- --- - 2024-10-23 22:16:41.161106863 +0100 +++ 0016-raw-ifpga-base-fix-use-after-free.patch 2024-10-23 22:16:40.451940874 +0100 @@ -1 +1 @@ -From 11986223b54d981300e9de2d365c494eb274645c Mon Sep 17 00:00:00 2001 +From f838b3c8b98dc3286e86564cda6427e916238fb0 Mon Sep 17 00:00:00 2001 @@ -8,0 +9,2 @@ +[ upstream commit 11986223b54d981300e9de2d365c494eb274645c ] + @@ -13 +14,0 @@ -Cc: stable@dpdk.org