From: "Chaitanya Babu, TalluriX" <tallurix.chaitanya.babu@intel.com>
To: "Gujjar, Abhinandan S" <abhinandan.gujjar@intel.com>,
"dev@dpdk.org" <dev@dpdk.org>
Cc: "Pattan, Reshma" <reshma.pattan@intel.com>,
"Parthasarathy, JananeeX M" <jananeex.m.parthasarathy@intel.com>,
"stable@dpdk.org" <stable@dpdk.org>
Subject: Re: [dpdk-stable] [PATCH] lib/eventdev: fix null pointer dereferences coverity issue
Date: Thu, 26 Sep 2019 09:32:40 +0000 [thread overview]
Message-ID: <761FB0F2AB727F4FA9CE98D18810B01560F169CA@BGSMSX103.gar.corp.intel.com> (raw)
In-Reply-To: <5612CB344B05EE4F95FC5B729939F78079549005@PGSMSX102.gar.corp.intel.com>
Hi Abhinandan,
>-----Original Message-----
>From: Gujjar, Abhinandan S
>Sent: Wednesday, September 25, 2019 11:17 AM
>To: Chaitanya Babu, TalluriX <tallurix.chaitanya.babu@intel.com>;
>dev@dpdk.org
>Cc: Pattan, Reshma <reshma.pattan@intel.com>; Parthasarathy, JananeeX M
><jananeex.m.parthasarathy@intel.com>; stable@dpdk.org
>Subject: RE: [PATCH] lib/eventdev: fix null pointer dereferences coverity issue
>
>Please find the comments inline
>
>> -----Original Message-----
>> From: Chaitanya Babu, TalluriX
>> Sent: Friday, September 20, 2019 12:39 PM
>> To: dev@dpdk.org
>> Cc: Pattan, Reshma <reshma.pattan@intel.com>; Parthasarathy, JananeeX
>> M <jananeex.m.parthasarathy@intel.com>; Gujjar, Abhinandan S
>> <abhinandan.gujjar@intel.com>; Chaitanya Babu, TalluriX
>> <tallurix.chaitanya.babu@intel.com>; stable@dpdk.org
>> Subject: [PATCH] lib/eventdev: fix null pointer dereferences coverity
>> issue
>>
>> One issue caught by Coverity 340075
>> *deref_ptr: Directly dereferencing pointer qp_info.
>>
>> In eca_enq_to_cryptodev() qp_info dereferenced without null check in
>> both session and sessionless crypto ops.
>>
>> The fix is to access qp_info after null check.
>>
>> Coverity issue: 340075
>> Fixes: 7901eac340 ("eventdev: add crypto adapter implementation")
>> Cc: stable@dpdk.org
>>
>> Signed-off-by: Chaitanya Babu Talluri
>> <tallurix.chaitanya.babu@intel.com>
>> ---
>> lib/librte_eventdev/rte_event_crypto_adapter.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>>
>> diff --git a/lib/librte_eventdev/rte_event_crypto_adapter.c
>> b/lib/librte_eventdev/rte_event_crypto_adapter.c
>> index 22d910816..4f3f57348 100644
>> --- a/lib/librte_eventdev/rte_event_crypto_adapter.c
>> +++ b/lib/librte_eventdev/rte_event_crypto_adapter.c
>> @@ -356,7 +356,7 @@ eca_enq_to_cryptodev(struct
>> rte_event_crypto_adapter *adapter,
>> cdev_id = m_data->request_info.cdev_id;
>> qp_id = m_data->request_info.queue_pair_id;
>> qp_info = &adapter->cdevs[cdev_id].qpairs[qp_id];
>> - if (!qp_info->qp_enabled) {
>> + if ((qp_info == NULL) || (!qp_info->qp_enabled)) {
>qp_info cannot be null as the memory allocation is done in
>rte_event_crypto_adapter_queue_pair_add() -> eca_add_queue_pair().
>Please refer line #736 which is allocating memory for "dev_info->dev->data-
>>nb_queue_pairs"
>
>Without queue_pair_add(), service core cannot be started [Please look at
>eca_init_service()].
>This issue can be marked to ignore in klockworks.
>
Yes, we observed that queue pairs are allocated earlier based on device config.
But NULL check is done here just in case if queue pair id "qp_id" is invalid since this is fed from request info during enqueue.
Please let us know if still this change is not required, we will ignore this patch.
>> rte_pktmbuf_free(crypto_op->sym->m_src);
>> rte_crypto_op_free(crypto_op);
>> continue;
>> @@ -372,7 +372,7 @@ eca_enq_to_cryptodev(struct
>> rte_event_crypto_adapter *adapter,
>> cdev_id = m_data->request_info.cdev_id;
>> qp_id = m_data->request_info.queue_pair_id;
>> qp_info = &adapter->cdevs[cdev_id].qpairs[qp_id];
>> - if (!qp_info->qp_enabled) {
>> + if ((qp_info == NULL) || (!qp_info->qp_enabled)) {
>> rte_pktmbuf_free(crypto_op->sym->m_src);
>> rte_crypto_op_free(crypto_op);
>> continue;
>> --
>> 2.17.2
next prev parent reply other threads:[~2019-09-26 9:32 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-20 7:09 Chaitanya Babu Talluri
2019-09-25 5:46 ` Gujjar, Abhinandan S
2019-09-26 9:32 ` Chaitanya Babu, TalluriX [this message]
2019-09-26 9:47 ` Gujjar, Abhinandan S
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=761FB0F2AB727F4FA9CE98D18810B01560F169CA@BGSMSX103.gar.corp.intel.com \
--to=tallurix.chaitanya.babu@intel.com \
--cc=abhinandan.gujjar@intel.com \
--cc=dev@dpdk.org \
--cc=jananeex.m.parthasarathy@intel.com \
--cc=reshma.pattan@intel.com \
--cc=stable@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).