* [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference [not found] <1563205172-352-1-git-send-email-erik.g.carrillo@intel.com> @ 2019-07-15 15:39 ` Erik Gabriel Carrillo 2019-07-15 15:48 ` [dpdk-stable] [dpdk-dev] " Stephen Hemminger 2019-07-15 15:39 ` [dpdk-stable] [PATCH 2/2] examples/performance-thread: init timer subsystem Erik Gabriel Carrillo 1 sibling, 1 reply; 5+ messages in thread From: Erik Gabriel Carrillo @ 2019-07-15 15:39 UTC (permalink / raw) To: thomas; +Cc: dev, stable If the timer subsystem is not initialized before rte_timer_manage (for example) is invoked, a pointer to a shared hugepage memory region will still be null and dereferenced when it is checked for validity; handle this case. Fixes: c0749f7096c7 ("timer: allow management in shared memory") Cc: stable@dpdk.org Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com> --- lib/librte_timer/rte_timer.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/librte_timer/rte_timer.c b/lib/librte_timer/rte_timer.c index 71dffd2..bdcf05d 100644 --- a/lib/librte_timer/rte_timer.c +++ b/lib/librte_timer/rte_timer.c @@ -85,7 +85,8 @@ static struct rte_timer_data default_timer_data; static inline int timer_data_valid(uint32_t id) { - return !!(rte_timer_data_arr[id].internal_flags & FL_ALLOCATED); + return rte_timer_data_arr && + (rte_timer_data_arr[id].internal_flags & FL_ALLOCATED); } /* validate ID and retrieve timer data pointer, or return error value */ -- 2.6.4 ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH 1/2] timer: fix null pointer dereference 2019-07-15 15:39 ` [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference Erik Gabriel Carrillo @ 2019-07-15 15:48 ` Stephen Hemminger 2019-07-15 16:04 ` Carrillo, Erik G 0 siblings, 1 reply; 5+ messages in thread From: Stephen Hemminger @ 2019-07-15 15:48 UTC (permalink / raw) To: Erik Gabriel Carrillo; +Cc: thomas, dev, stable On Mon, 15 Jul 2019 10:39:31 -0500 Erik Gabriel Carrillo <erik.g.carrillo@intel.com> wrote: > If the timer subsystem is not initialized before rte_timer_manage (for > example) is invoked, a pointer to a shared hugepage memory region will > still be null and dereferenced when it is checked for validity; handle > this case. > > Fixes: c0749f7096c7 ("timer: allow management in shared memory") > Cc: stable@dpdk.org > > Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com> I have mixed feelings about this patch. Any calls to rte_timer before rte_timer_subsystem_init is not a valid usage. Better to kill the application. ^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [dpdk-stable] [dpdk-dev] [PATCH 1/2] timer: fix null pointer dereference 2019-07-15 15:48 ` [dpdk-stable] [dpdk-dev] " Stephen Hemminger @ 2019-07-15 16:04 ` Carrillo, Erik G 0 siblings, 0 replies; 5+ messages in thread From: Carrillo, Erik G @ 2019-07-15 16:04 UTC (permalink / raw) To: Stephen Hemminger; +Cc: thomas, dev, stable Hi Stephen, > -----Original Message----- > From: Stephen Hemminger <stephen@networkplumber.org> > Sent: Monday, July 15, 2019 10:49 AM > To: Carrillo, Erik G <erik.g.carrillo@intel.com> > Cc: thomas@monjalon.net; dev@dpdk.org; stable@dpdk.org > Subject: Re: [dpdk-dev] [PATCH 1/2] timer: fix null pointer dereference > > On Mon, 15 Jul 2019 10:39:31 -0500 > Erik Gabriel Carrillo <erik.g.carrillo@intel.com> wrote: > > > If the timer subsystem is not initialized before rte_timer_manage (for > > example) is invoked, a pointer to a shared hugepage memory region will > > still be null and dereferenced when it is checked for validity; handle > > this case. > > > > Fixes: c0749f7096c7 ("timer: allow management in shared memory") > > Cc: stable@dpdk.org > > > > Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com> > > I have mixed feelings about this patch. > Any calls to rte_timer before rte_timer_subsystem_init is not a valid usage. > Better to kill the application. Ok, that sounds like a better approach. I'll update the patch and resubmit. Thanks, Erik ^ permalink raw reply [flat|nested] 5+ messages in thread
* [dpdk-stable] [PATCH 2/2] examples/performance-thread: init timer subsystem [not found] <1563205172-352-1-git-send-email-erik.g.carrillo@intel.com> 2019-07-15 15:39 ` [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference Erik Gabriel Carrillo @ 2019-07-15 15:39 ` Erik Gabriel Carrillo 1 sibling, 0 replies; 5+ messages in thread From: Erik Gabriel Carrillo @ 2019-07-15 15:39 UTC (permalink / raw) To: thomas; +Cc: dev, stable, ian.betts The timer subsystem should be initialized in the l3fwd-thread app before the L-thread subsystem can be used. Fixes: d48415e1fee3 ("examples/performance-thread: add l3fwd-thread app") Cc: stable@dpdk.org Cc: ian.betts@intel.com Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com> --- examples/performance-thread/l3fwd-thread/main.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/examples/performance-thread/l3fwd-thread/main.c b/examples/performance-thread/l3fwd-thread/main.c index dd46895..c4065e8 100644 --- a/examples/performance-thread/l3fwd-thread/main.c +++ b/examples/performance-thread/l3fwd-thread/main.c @@ -40,6 +40,7 @@ #include <rte_udp.h> #include <rte_string_fns.h> #include <rte_pause.h> +#include <rte_timer.h> #include <cmdline_parse.h> #include <cmdline_parse_etheraddr.h> @@ -3497,6 +3498,10 @@ main(int argc, char **argv) argc -= ret; argv += ret; + ret = rte_timer_subsystem_init(); + if (ret < 0) + rte_exit(EXIT_FAILURE, "Failed to initialize timer subystem\n"); + /* pre-init dst MACs for all ports to 02:00:00:00:00:xx */ for (portid = 0; portid < RTE_MAX_ETHPORTS; portid++) { dest_eth_addr[portid] = RTE_ETHER_LOCAL_ADMIN_ADDR + -- 2.6.4 ^ permalink raw reply [flat|nested] 5+ messages in thread
[parent not found: <1563204981-196394-1-git-send-email-erik.g.carrillo@intel.com>]
* [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference [not found] <1563204981-196394-1-git-send-email-erik.g.carrillo@intel.com> @ 2019-07-15 15:36 ` Erik Gabriel Carrillo 0 siblings, 0 replies; 5+ messages in thread From: Erik Gabriel Carrillo @ 2019-07-15 15:36 UTC (permalink / raw) To: erik.g.carrillo; +Cc: stable If the timer subsystem is not initialized before rte_timer_manage (for example) is invoked, a pointer to a shared hugepage memory region will still be null and dereferenced when it is checked for validity; handle this case. Fixes: c0749f7096c7 ("timer: allow management in shared memory") Cc: stable@dpdk.org Signed-off-by: Erik Gabriel Carrillo <erik.g.carrillo@intel.com> --- lib/librte_timer/rte_timer.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/librte_timer/rte_timer.c b/lib/librte_timer/rte_timer.c index 71dffd2..bdcf05d 100644 --- a/lib/librte_timer/rte_timer.c +++ b/lib/librte_timer/rte_timer.c @@ -85,7 +85,8 @@ static struct rte_timer_data default_timer_data; static inline int timer_data_valid(uint32_t id) { - return !!(rte_timer_data_arr[id].internal_flags & FL_ALLOCATED); + return rte_timer_data_arr && + (rte_timer_data_arr[id].internal_flags & FL_ALLOCATED); } /* validate ID and retrieve timer data pointer, or return error value */ -- 2.6.4 ^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2019-07-15 16:04 UTC | newest] Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <1563205172-352-1-git-send-email-erik.g.carrillo@intel.com> 2019-07-15 15:39 ` [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference Erik Gabriel Carrillo 2019-07-15 15:48 ` [dpdk-stable] [dpdk-dev] " Stephen Hemminger 2019-07-15 16:04 ` Carrillo, Erik G 2019-07-15 15:39 ` [dpdk-stable] [PATCH 2/2] examples/performance-thread: init timer subsystem Erik Gabriel Carrillo [not found] <1563204981-196394-1-git-send-email-erik.g.carrillo@intel.com> 2019-07-15 15:36 ` [dpdk-stable] [PATCH 1/2] timer: fix null pointer dereference Erik Gabriel Carrillo
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).