From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from dpdk.org (dpdk.org [92.243.14.124]) by inbox.dpdk.org (Postfix) with ESMTP id D132BA0613 for ; Thu, 26 Sep 2019 11:32:55 +0200 (CEST) Received: from [92.243.14.124] (localhost [127.0.0.1]) by dpdk.org (Postfix) with ESMTP id 9E7701BF2F; Thu, 26 Sep 2019 11:32:55 +0200 (CEST) Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by dpdk.org (Postfix) with ESMTP id 4A85C1BF31; Thu, 26 Sep 2019 11:32:48 +0200 (CEST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 26 Sep 2019 02:32:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,551,1559545200"; d="scan'208";a="389549754" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by fmsmga005.fm.intel.com with ESMTP; 26 Sep 2019 02:32:46 -0700 Received: from FMSMSX109.amr.corp.intel.com (10.18.116.9) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.439.0; Thu, 26 Sep 2019 02:32:47 -0700 Received: from bgsmsx110.gar.corp.intel.com (10.223.4.212) by fmsmsx109.amr.corp.intel.com (10.18.116.9) with Microsoft SMTP Server (TLS) id 14.3.439.0; Thu, 26 Sep 2019 02:32:46 -0700 Received: from bgsmsx103.gar.corp.intel.com ([169.254.4.16]) by BGSMSX110.gar.corp.intel.com ([169.254.11.62]) with mapi id 14.03.0439.000; Thu, 26 Sep 2019 15:02:41 +0530 From: "Chaitanya Babu, TalluriX" To: "Gujjar, Abhinandan S" , "dev@dpdk.org" CC: "Pattan, Reshma" , "Parthasarathy, JananeeX M" , "stable@dpdk.org" Thread-Topic: [PATCH] lib/eventdev: fix null pointer dereferences coverity issue Thread-Index: AQHVb4KORFughUiTHEW4zUNOTFRRQac7jguAgAIrMxA= Date: Thu, 26 Sep 2019 09:32:40 +0000 Message-ID: <761FB0F2AB727F4FA9CE98D18810B01560F169CA@BGSMSX103.gar.corp.intel.com> References: <1568963369-6449-1-git-send-email-tallurix.chaitanya.babu@intel.com> <5612CB344B05EE4F95FC5B729939F78079549005@PGSMSX102.gar.corp.intel.com> In-Reply-To: <5612CB344B05EE4F95FC5B729939F78079549005@PGSMSX102.gar.corp.intel.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.223.10.10] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-stable] [PATCH] lib/eventdev: fix null pointer dereferences coverity issue X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" Hi Abhinandan, >-----Original Message----- >From: Gujjar, Abhinandan S >Sent: Wednesday, September 25, 2019 11:17 AM >To: Chaitanya Babu, TalluriX ; >dev@dpdk.org >Cc: Pattan, Reshma ; Parthasarathy, JananeeX M >; stable@dpdk.org >Subject: RE: [PATCH] lib/eventdev: fix null pointer dereferences coverity = issue > >Please find the comments inline > >> -----Original Message----- >> From: Chaitanya Babu, TalluriX >> Sent: Friday, September 20, 2019 12:39 PM >> To: dev@dpdk.org >> Cc: Pattan, Reshma ; Parthasarathy, JananeeX >> M ; Gujjar, Abhinandan S >> ; Chaitanya Babu, TalluriX >> ; stable@dpdk.org >> Subject: [PATCH] lib/eventdev: fix null pointer dereferences coverity >> issue >> >> One issue caught by Coverity 340075 >> *deref_ptr: Directly dereferencing pointer qp_info. >> >> In eca_enq_to_cryptodev() qp_info dereferenced without null check in >> both session and sessionless crypto ops. >> >> The fix is to access qp_info after null check. >> >> Coverity issue: 340075 >> Fixes: 7901eac340 ("eventdev: add crypto adapter implementation") >> Cc: stable@dpdk.org >> >> Signed-off-by: Chaitanya Babu Talluri >> >> --- >> lib/librte_eventdev/rte_event_crypto_adapter.c | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/lib/librte_eventdev/rte_event_crypto_adapter.c >> b/lib/librte_eventdev/rte_event_crypto_adapter.c >> index 22d910816..4f3f57348 100644 >> --- a/lib/librte_eventdev/rte_event_crypto_adapter.c >> +++ b/lib/librte_eventdev/rte_event_crypto_adapter.c >> @@ -356,7 +356,7 @@ eca_enq_to_cryptodev(struct >> rte_event_crypto_adapter *adapter, >> cdev_id =3D m_data->request_info.cdev_id; >> qp_id =3D m_data->request_info.queue_pair_id; >> qp_info =3D &adapter->cdevs[cdev_id].qpairs[qp_id]; >> - if (!qp_info->qp_enabled) { >> + if ((qp_info =3D=3D NULL) || (!qp_info->qp_enabled)) { >qp_info cannot be null as the memory allocation is done in >rte_event_crypto_adapter_queue_pair_add() -> eca_add_queue_pair(). >Please refer line #736 which is allocating memory for "dev_info->dev->data= - >>nb_queue_pairs" > >Without queue_pair_add(), service core cannot be started [Please look at >eca_init_service()]. >This issue can be marked to ignore in klockworks. > Yes, we observed that queue pairs are allocated earlier based on device con= fig. But NULL check is done here just in case if queue pair id "qp_id" is invali= d since this is fed from request info during enqueue. Please let us know if still this change is not required, we will ignore thi= s patch. >> rte_pktmbuf_free(crypto_op->sym->m_src); >> rte_crypto_op_free(crypto_op); >> continue; >> @@ -372,7 +372,7 @@ eca_enq_to_cryptodev(struct >> rte_event_crypto_adapter *adapter, >> cdev_id =3D m_data->request_info.cdev_id; >> qp_id =3D m_data->request_info.queue_pair_id; >> qp_info =3D &adapter->cdevs[cdev_id].qpairs[qp_id]; >> - if (!qp_info->qp_enabled) { >> + if ((qp_info =3D=3D NULL) || (!qp_info->qp_enabled)) { >> rte_pktmbuf_free(crypto_op->sym->m_src); >> rte_crypto_op_free(crypto_op); >> continue; >> -- >> 2.17.2