From: Alexander Duyck <alexander.duyck@gmail.com>
To: wangyunjian <wangyunjian@huawei.com>
Cc: Jakub Kicinski <kuba@kernel.org>,
David Miller <davem@davemloft.net>,
Netdev <netdev@vger.kernel.org>,
intel-wired-lan <intel-wired-lan@lists.osuosl.org>,
jerry.lilijun@huawei.com, xudingke@huawei.com
Subject: Re: [Intel-wired-lan] [PATCH net v2] ixgbe: add NULL pointer check before calling xdp_rxq_info_reg
Date: Fri, 22 Jan 2021 09:54:06 -0800 [thread overview]
Message-ID: <CAKgT0UcpQpGLCdRbaEzyb4Q4gC9gmefg4bMFcgrQoRwy6UJvrQ@mail.gmail.com> (raw)
In-Reply-To: <1611322105-30688-1-git-send-email-wangyunjian@huawei.com>
On Fri, Jan 22, 2021 at 5:29 AM wangyunjian <wangyunjian@huawei.com> wrote:
>
> From: Yunjian Wang <wangyunjian@huawei.com>
>
> The rx_ring->q_vector could be NULL, so it needs to be checked before
> calling xdp_rxq_info_reg.
>
> Fixes: b02e5a0ebb172 ("xsk: Propagate napi_id to XDP socket Rx path")
> Addresses-Coverity: ("Dereference after null check")
> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
This is kind of a big escape for the driver. From what I can tell it
looks like the "ethtool -t" test now causes a NULL pointer
dereference.
As far as the patch itself it looks good to me. This should probably
be pushed for any of the other Intel drivers that follow a similar
model as I suspect they were exhibit the same symptom with "ethtool
-t" triggering a NULL pointer dereference.
Reviewed-by: Alexander Duyck <alexanderduyck@fb.com>
> ---
> v2:
> * fix commit log
> ---
> drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> index 6cbbe09ce8a0..7b76b3f448f7 100644
> --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> @@ -6586,8 +6586,9 @@ int ixgbe_setup_rx_resources(struct ixgbe_adapter *adapter,
> rx_ring->next_to_use = 0;
>
> /* XDP RX-queue info */
> - if (xdp_rxq_info_reg(&rx_ring->xdp_rxq, adapter->netdev,
> - rx_ring->queue_index, rx_ring->q_vector->napi.napi_id) < 0)
> + if (rx_ring->q_vector && xdp_rxq_info_reg(&rx_ring->xdp_rxq, adapter->netdev,
> + rx_ring->queue_index,
> + rx_ring->q_vector->napi.napi_id) < 0)
> goto err;
>
> rx_ring->xdp_prog = adapter->xdp_prog;
> --
> 2.23.0
>
> _______________________________________________
> Intel-wired-lan mailing list
> Intel-wired-lan@osuosl.org
> https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
WARNING: multiple messages have this Message-ID (diff)
From: Alexander Duyck <alexander.duyck@gmail.com>
To: intel-wired-lan@osuosl.org
Subject: [Intel-wired-lan] [PATCH net v2] ixgbe: add NULL pointer check before calling xdp_rxq_info_reg
Date: Fri, 22 Jan 2021 09:54:06 -0800 [thread overview]
Message-ID: <CAKgT0UcpQpGLCdRbaEzyb4Q4gC9gmefg4bMFcgrQoRwy6UJvrQ@mail.gmail.com> (raw)
In-Reply-To: <1611322105-30688-1-git-send-email-wangyunjian@huawei.com>
On Fri, Jan 22, 2021 at 5:29 AM wangyunjian <wangyunjian@huawei.com> wrote:
>
> From: Yunjian Wang <wangyunjian@huawei.com>
>
> The rx_ring->q_vector could be NULL, so it needs to be checked before
> calling xdp_rxq_info_reg.
>
> Fixes: b02e5a0ebb172 ("xsk: Propagate napi_id to XDP socket Rx path")
> Addresses-Coverity: ("Dereference after null check")
> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
This is kind of a big escape for the driver. From what I can tell it
looks like the "ethtool -t" test now causes a NULL pointer
dereference.
As far as the patch itself it looks good to me. This should probably
be pushed for any of the other Intel drivers that follow a similar
model as I suspect they were exhibit the same symptom with "ethtool
-t" triggering a NULL pointer dereference.
Reviewed-by: Alexander Duyck <alexanderduyck@fb.com>
> ---
> v2:
> * fix commit log
> ---
> drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> index 6cbbe09ce8a0..7b76b3f448f7 100644
> --- a/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> +++ b/drivers/net/ethernet/intel/ixgbe/ixgbe_main.c
> @@ -6586,8 +6586,9 @@ int ixgbe_setup_rx_resources(struct ixgbe_adapter *adapter,
> rx_ring->next_to_use = 0;
>
> /* XDP RX-queue info */
> - if (xdp_rxq_info_reg(&rx_ring->xdp_rxq, adapter->netdev,
> - rx_ring->queue_index, rx_ring->q_vector->napi.napi_id) < 0)
> + if (rx_ring->q_vector && xdp_rxq_info_reg(&rx_ring->xdp_rxq, adapter->netdev,
> + rx_ring->queue_index,
> + rx_ring->q_vector->napi.napi_id) < 0)
> goto err;
>
> rx_ring->xdp_prog = adapter->xdp_prog;
> --
> 2.23.0
>
> _______________________________________________
> Intel-wired-lan mailing list
> Intel-wired-lan at osuosl.org
> https://lists.osuosl.org/mailman/listinfo/intel-wired-lan
next prev parent reply other threads:[~2021-01-22 18:01 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-01-22 13:28 [PATCH net v2] ixgbe: add NULL pointer check before calling xdp_rxq_info_reg wangyunjian
2021-01-22 13:28 ` [Intel-wired-lan] " wangyunjian
2021-01-22 17:54 ` Alexander Duyck [this message]
2021-01-22 17:54 ` Alexander Duyck
2021-01-23 0:13 ` Nguyen, Anthony L
2021-01-23 0:13 ` Nguyen, Anthony L
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAKgT0UcpQpGLCdRbaEzyb4Q4gC9gmefg4bMFcgrQoRwy6UJvrQ@mail.gmail.com \
--to=alexander.duyck@gmail.com \
--cc=davem@davemloft.net \
--cc=intel-wired-lan@lists.osuosl.org \
--cc=jerry.lilijun@huawei.com \
--cc=kuba@kernel.org \
--cc=netdev@vger.kernel.org \
--cc=wangyunjian@huawei.com \
--cc=xudingke@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.