diff mbox series

[PATCHv2] net/bnxt: fix null pointer dereference in bnxt_hwrm_port_led_cfg()

Message ID 1659412069-21091-1-git-send-email-maoyingming@baidu.com (mailing list archive)
State Superseded, archived
Delegated to: Ajit Khaparde
Headers
Series [PATCHv2] net/bnxt: fix null pointer dereference in bnxt_hwrm_port_led_cfg() |

Checks

Context Check Description
ci/checkpatch warning coding style issues
ci/Intel-compilation success Compilation OK
ci/iol-aarch64-compile-testing success Testing PASS
ci/intel-Testing success Testing PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-aarch64-unit-testing success Testing PASS
ci/iol-intel-Performance success Performance Testing PASS
ci/iol-x86_64-unit-testing success Testing PASS
ci/iol-intel-Functional success Functional Testing PASS
ci/iol-x86_64-compile-testing success Testing PASS
ci/github-robot: build success github build: passed

Commit Message

Mao YingMing Aug. 2, 2022, 3:47 a.m. UTC 
For VFs, bp->leds is uninitialized, check bp->leds is
not null before use bp->leds->num_leds.

segfault backtrace in trex program when use VF:
11: bnxt_hwrm_port_led_cfg (bp=0x23ffb2140, led_on=true)
10: bnxt_dev_led_on_op (dev=0x22d7780 <rte_eth_devices>)
 9: rte_eth_led_on (port_id=0)
 8: DpdkTRexPortAttr::set_led (this=0x23b6ce0, on=true)
 7: DpdkTRexPortAttr::DpdkTRexPortAttr
 6: CTRexExtendedDriverBnxt::create_port_attr
 5: CPhyEthIF::Create
 4: CGlobalTRex::device_start
 3: CGlobalTRex::Create
 2: main_test
 1: main

Fixes: d4d5a04 ("net/bnxt: fix unnecessary memory allocation")
Cc: stable@dpdk.org

Signed-off-by: Mao YingMing <maoyingming@baidu.com>
---
 drivers/net/bnxt/bnxt_hwrm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Somnath Kotur Aug. 2, 2022, 3:51 a.m. UTC | #1 
On Tue, Aug 2, 2022 at 9:17 AM Mao YingMing <maoyingming@baidu.com> wrote:
>
> For VFs, bp->leds is uninitialized, check bp->leds is
> not null before use bp->leds->num_leds.
Sorry for missing this the first time around, Rephrase it to say
'before checking for bp->leds->num_leds'
> segfault backtrace in trex program when use VF:
> 11: bnxt_hwrm_port_led_cfg (bp=0x23ffb2140, led_on=true)
> 10: bnxt_dev_led_on_op (dev=0x22d7780 <rte_eth_devices>)
>  9: rte_eth_led_on (port_id=0)
>  8: DpdkTRexPortAttr::set_led (this=0x23b6ce0, on=true)
>  7: DpdkTRexPortAttr::DpdkTRexPortAttr
>  6: CTRexExtendedDriverBnxt::create_port_attr
>  5: CPhyEthIF::Create
>  4: CGlobalTRex::device_start
>  3: CGlobalTRex::Create
>  2: main_test
>  1: main
>
> Fixes: d4d5a04 ("net/bnxt: fix unnecessary memory allocation")
> Cc: stable@dpdk.org
>
> Signed-off-by: Mao YingMing <maoyingming@baidu.com>
> ---
>  drivers/net/bnxt/bnxt_hwrm.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/net/bnxt/bnxt_hwrm.c b/drivers/net/bnxt/bnxt_hwrm.c
> index 9c52573..51e1e2d 100644
> --- a/drivers/net/bnxt/bnxt_hwrm.c
> +++ b/drivers/net/bnxt/bnxt_hwrm.c
> @@ -4535,7 +4535,7 @@ int bnxt_hwrm_port_led_cfg(struct bnxt *bp, bool led_on)
>         uint16_t duration = 0;
>         int rc, i;
>
> -       if (!bp->leds->num_leds || BNXT_VF(bp))
> +       if (BNXT_VF(bp) || !bp->leds || !bp->leds->num_leds)
>                 return -EOPNOTSUPP;
>
>         HWRM_PREP(&req, HWRM_PORT_LED_CFG, BNXT_USE_CHIMP_MB);
> --
> 1.8.3.1
>
diff mbox series

Patch

diff --git a/drivers/net/bnxt/bnxt_hwrm.c b/drivers/net/bnxt/bnxt_hwrm.c
index 9c52573..51e1e2d 100644
--- a/drivers/net/bnxt/bnxt_hwrm.c
+++ b/drivers/net/bnxt/bnxt_hwrm.c
@@ -4535,7 +4535,7 @@  int bnxt_hwrm_port_led_cfg(struct bnxt *bp, bool led_on)
 	uint16_t duration = 0;
 	int rc, i;
 
-	if (!bp->leds->num_leds || BNXT_VF(bp))
+	if (BNXT_VF(bp) || !bp->leds || !bp->leds->num_leds)
 		return -EOPNOTSUPP;
 
 	HWRM_PREP(&req, HWRM_PORT_LED_CFG, BNXT_USE_CHIMP_MB);