[1/2] bus/pci: fix a segfault when call callback
Checks
Commit Message
From: Huisong Li <lihuisong@huawei.com>
After the driver probe is executed, the callback in application will
be called. The callback in application may call some APIs which access the
rte_pci_driver::driver by the device::driver pointer to get driver
information. If the rte_pci_device::device::driver pointer isn't pointed to
rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur.
For example, when ethdev driver probe completes, the callback in
application call rte_eth_dev_info_get which use dev->device->driver->name.
So rte_pci_device::device::driver should point to rte_pci_driver::driver
before executing the driver probe.
Fixes: c752998b5e2e ("pci: introduce library and driver")
Cc: stable@dpdk.org
Signed-off-by: Huisong Li <lihuisong@huawei.com>
Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
---
drivers/bus/pci/pci_common.c | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
Comments
21/05/2022 09:05, Min Hu (Connor):
> From: Huisong Li <lihuisong@huawei.com>
>
> After the driver probe is executed, the callback in application will
> be called. The callback in application may call some APIs which access the
What is the "callback in application" ?
Do you mean the callback on probing event like RTE_ETH_EVENT_NEW?
> rte_pci_driver::driver by the device::driver pointer to get driver
> information. If the rte_pci_device::device::driver pointer isn't pointed to
> rte_pci_driver::driver in rte_pci_probe_one_driver, a segfault will occur.
> For example, when ethdev driver probe completes, the callback in
> application call rte_eth_dev_info_get which use dev->device->driver->name.
> So rte_pci_device::device::driver should point to rte_pci_driver::driver
> before executing the driver probe.
I understand the need and I approve the move.
> Fixes: c752998b5e2e ("pci: introduce library and driver")
> Cc: stable@dpdk.org
>
> Signed-off-by: Huisong Li <lihuisong@huawei.com>
> Signed-off-by: Min Hu (Connor) <humin29@huawei.com>
> ---
> drivers/bus/pci/pci_common.c | 13 +++++++++++--
> 1 file changed, 11 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/bus/pci/pci_common.c b/drivers/bus/pci/pci_common.c
> index 4a3a87f24f..507a654779 100644
> --- a/drivers/bus/pci/pci_common.c
> +++ b/drivers/bus/pci/pci_common.c
> @@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
> dr->driver.name, dev->id.vendor_id, dev->id.device_id,
> loc->domain, loc->bus, loc->devid, loc->function,
> dev->device.numa_node);
> +
> + /*
> + * After the driver probe is executed, the callback in application will
> + * be called. The callback in application may call some APIs which use
> + * dev->device.driver to get some driver information. If the driver
> + * pointer isn't pointed to driver->driver here, a segfault will occur.
> + */
I would like to make this comment simpler
once I'm sure we share the same understanding.
> + if (!already_probed)
> + dev->device.driver = &dr->driver;
> +
> /* call the driver probe() function */
> ret = dr->probe(dr, dev);
> if (already_probed)
> return ret; /* no rollback if already succeeded earlier */
> if (ret) {
> + dev->device.driver = NULL;
> dev->driver = NULL;
> if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) &&
> /* Don't unmap if device is unsupported and
> @@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
> dev->vfio_req_intr_handle = NULL;
> rte_intr_instance_free(dev->intr_handle);
> dev->intr_handle = NULL;
> - } else {
> - dev->device.driver = &dr->driver;
> }
>
> return ret;
>
@@ -265,11 +265,22 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
dr->driver.name, dev->id.vendor_id, dev->id.device_id,
loc->domain, loc->bus, loc->devid, loc->function,
dev->device.numa_node);
+
+ /*
+ * After the driver probe is executed, the callback in application will
+ * be called. The callback in application may call some APIs which use
+ * dev->device.driver to get some driver information. If the driver
+ * pointer isn't pointed to driver->driver here, a segfault will occur.
+ */
+ if (!already_probed)
+ dev->device.driver = &dr->driver;
+
/* call the driver probe() function */
ret = dr->probe(dr, dev);
if (already_probed)
return ret; /* no rollback if already succeeded earlier */
if (ret) {
+ dev->device.driver = NULL;
dev->driver = NULL;
if ((dr->drv_flags & RTE_PCI_DRV_NEED_MAPPING) &&
/* Don't unmap if device is unsupported and
@@ -282,8 +293,6 @@ rte_pci_probe_one_driver(struct rte_pci_driver *dr,
dev->vfio_req_intr_handle = NULL;
rte_intr_instance_free(dev->intr_handle);
dev->intr_handle = NULL;
- } else {
- dev->device.driver = &dr->driver;
}
return ret;