diff mbox series

[v3,4/4] net/ice: fix wild pointer

Message ID 20191112002701.30658-5-shougangx.wang@intel.com (mailing list archive)
State Superseded, archived
Headers
Series [v3,1/4] net/ice: fix memzone reserve and release in FDIR |

Checks

Context Check Description
ci/checkpatch success coding style OK
ci/Intel-compilation success Compilation OK

Commit Message

Shougang Wang Nov. 12, 2019, 12:27 a.m. UTC 
  To avoid wild pointer, pointers should be set to NULL after free them.

Fixes: 1a2fc1799f09 ("net/ice: reject duplicated flow for flow director")
Fixes: 84dc7a95a2d3 ("net/ice: enable flow director engine")
Fixes: 0f880c3df192 ("net/ice: add flow director counter resource init/release")

Signed-off-by: Wang ShougangX <shougangx.wang@intel.com>
---
 drivers/net/ice/ice_fdir_filter.c | 22 +++++++++++++++++++---
 1 file changed, 19 insertions(+), 3 deletions(-)

Comments

Qi Zhang Nov. 12, 2019, 7:39 a.m. UTC | #1 
> -----Original Message-----
> From: dev <dev-bounces@dpdk.org> On Behalf Of Wang ShougangX
> Sent: Tuesday, November 12, 2019 8:27 AM
> To: dev@dpdk.org
> Cc: Wang, ShougangX <shougangx.wang@intel.com>
> Subject: [dpdk-dev] [PATCH v3 4/4] net/ice: fix wild pointer
> 
> To avoid wild pointer, pointers should be set to NULL after free them.
> 
> Fixes: 1a2fc1799f09 ("net/ice: reject duplicated flow for flow director")
> Fixes: 84dc7a95a2d3 ("net/ice: enable flow director engine")
> Fixes: 0f880c3df192 ("net/ice: add flow director counter resource init/release")
> 
> Signed-off-by: Wang ShougangX <shougangx.wang@intel.com>
> ---
>  drivers/net/ice/ice_fdir_filter.c | 22 +++++++++++++++++++---
>  1 file changed, 19 insertions(+), 3 deletions(-)
> 
> diff --git a/drivers/net/ice/ice_fdir_filter.c b/drivers/net/ice/ice_fdir_filter.c
> index 361969f71..78754f365 100644
> --- a/drivers/net/ice/ice_fdir_filter.c
> +++ b/drivers/net/ice/ice_fdir_filter.c
> @@ -152,6 +152,10 @@ ice_fdir_prof_alloc(struct ice_hw *hw)
>  		if (!hw->fdir_prof)
>  			return -ENOMEM;
>  	}
> +
> +	/* To avoid wild pointer, unused field pointer should be NULL */
> +	hw->fdir_prof[ICE_FLTR_PTYPE_NONF_NONE] = NULL;

This is not necessary, since ice_malloc already guarantee all the allocated memory is init to 0

> +
>  	for (ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
>  	     ptype < ICE_FLTR_PTYPE_MAX;
>  	     ptype++) {
> @@ -167,9 +171,13 @@ ice_fdir_prof_alloc(struct ice_hw *hw)
>  fail_mem:
>  	for (fltr_ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
>  	     fltr_ptype < ptype;
> -	     fltr_ptype++)
> +	     fltr_ptype++) {
>  		rte_free(hw->fdir_prof[fltr_ptype]);
> +		hw->fdir_prof[fltr_ptype] = NULL;
> +	}
> +
>  	rte_free(hw->fdir_prof);
> +	hw->fdir_prof = NULL;
>  	return -ENOMEM;
>  }
> 
> @@ -249,8 +257,10 @@ ice_fdir_counter_release(struct ice_pf *pf)
>  				&fdir_info->counter;
>  	uint8_t i;
> 
> -	for (i = 0; i < container->index_free; i++)
> +	for (i = 0; i < container->index_free; i++) {
>  		rte_free(container->pools[i]);
> +		container->pools[i] = NULL;
> +	}
> 
>  	TAILQ_INIT(&container->pool_list);
>  	container->index_free = 0;
> @@ -400,6 +410,9 @@ ice_fdir_release_filter_list(struct ice_pf *pf)
>  		rte_free(fdir_info->hash_map);
>  	if (fdir_info->hash_table)
>  		rte_hash_free(fdir_info->hash_table);
> +
> +	fdir_info->hash_map = NULL;
> +	fdir_info->hash_table = NULL;
>  }
> 
>  /*
> @@ -526,10 +539,13 @@ ice_fdir_prof_free(struct ice_hw *hw)
> 
>  	for (ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
>  	     ptype < ICE_FLTR_PTYPE_MAX;
> -	     ptype++)
> +	     ptype++) {
>  		rte_free(hw->fdir_prof[ptype]);
> +		hw->fdir_prof[ptype] = NULL;
> +	}
> 
>  	rte_free(hw->fdir_prof);
> +	hw->fdir_prof = NULL;
>  }
> 
>  /* Remove a profile for some filter type */
> --
> 2.17.1
diff mbox series

Patch

diff --git a/drivers/net/ice/ice_fdir_filter.c b/drivers/net/ice/ice_fdir_filter.c
index 361969f71..78754f365 100644
--- a/drivers/net/ice/ice_fdir_filter.c
+++ b/drivers/net/ice/ice_fdir_filter.c
@@ -152,6 +152,10 @@  ice_fdir_prof_alloc(struct ice_hw *hw)
 		if (!hw->fdir_prof)
 			return -ENOMEM;
 	}
+
+	/* To avoid wild pointer, unused field pointer should be NULL */
+	hw->fdir_prof[ICE_FLTR_PTYPE_NONF_NONE] = NULL;
+
 	for (ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
 	     ptype < ICE_FLTR_PTYPE_MAX;
 	     ptype++) {
@@ -167,9 +171,13 @@  ice_fdir_prof_alloc(struct ice_hw *hw)
 fail_mem:
 	for (fltr_ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
 	     fltr_ptype < ptype;
-	     fltr_ptype++)
+	     fltr_ptype++) {
 		rte_free(hw->fdir_prof[fltr_ptype]);
+		hw->fdir_prof[fltr_ptype] = NULL;
+	}
+
 	rte_free(hw->fdir_prof);
+	hw->fdir_prof = NULL;
 	return -ENOMEM;
 }
 
@@ -249,8 +257,10 @@  ice_fdir_counter_release(struct ice_pf *pf)
 				&fdir_info->counter;
 	uint8_t i;
 
-	for (i = 0; i < container->index_free; i++)
+	for (i = 0; i < container->index_free; i++) {
 		rte_free(container->pools[i]);
+		container->pools[i] = NULL;
+	}
 
 	TAILQ_INIT(&container->pool_list);
 	container->index_free = 0;
@@ -400,6 +410,9 @@  ice_fdir_release_filter_list(struct ice_pf *pf)
 		rte_free(fdir_info->hash_map);
 	if (fdir_info->hash_table)
 		rte_hash_free(fdir_info->hash_table);
+
+	fdir_info->hash_map = NULL;
+	fdir_info->hash_table = NULL;
 }
 
 /*
@@ -526,10 +539,13 @@  ice_fdir_prof_free(struct ice_hw *hw)
 
 	for (ptype = ICE_FLTR_PTYPE_NONF_IPV4_UDP;
 	     ptype < ICE_FLTR_PTYPE_MAX;
-	     ptype++)
+	     ptype++) {
 		rte_free(hw->fdir_prof[ptype]);
+		hw->fdir_prof[ptype] = NULL;
+	}
 
 	rte_free(hw->fdir_prof);
+	hw->fdir_prof = NULL;
 }
 
 /* Remove a profile for some filter type */