[dpdk-dev] [PATCH v2] net/mlx4: fix flow creation before start

Matan Azrad matan at mellanox.com
Thu Jul 27 12:27:24 CEST 2017


The corrupted code causes segmentation fault when user creates
flow with drop action before device starting.

For example, failsafe PMD recreates all the flows before calling
dev_start in plug-in sequence and mlx4 allocated its flow drop
queue in dev_start.
Hence, when failsafe created flow with drop action after plug-in
event, mlx4 tried to dereference flow drop queue which was uninitialized.

The fix added check to the drop qp accesibale and conditioned the
ibv_create_flow calling on device starting.

Fixes: 642fe56a1ba5 ("net/mlx4: use a single drop queue for all drop flows")
Fixes: 46d5736a7049 ("net/mlx4: support basic flow items and actions")
Cc: stable at dpdk.org

Signed-off-by: Matan Azrad <matan at mellanox.com>
Acked-by: Adrien Mazarguil <adrien.mazarguil at 6wind.com>
---
 drivers/net/mlx4/mlx4_flow.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

v2 to fix the qp accesible by other way and fix the ibv_create_flow calling
before dev_start.  

diff --git a/drivers/net/mlx4/mlx4_flow.c b/drivers/net/mlx4/mlx4_flow.c
index 8ade106..925c89c 100644
--- a/drivers/net/mlx4/mlx4_flow.c
+++ b/drivers/net/mlx4/mlx4_flow.c
@@ -977,7 +977,7 @@ struct rte_flow_drop {
 		return NULL;
 	}
 	if (action->drop) {
-		qp = priv->flow_drop_queue->qp;
+		qp = priv->flow_drop_queue ? priv->flow_drop_queue->qp : NULL;
 	} else {
 		int ret;
 		unsigned int i;
@@ -1015,6 +1015,8 @@ struct rte_flow_drop {
 		rte_flow->qp = qp;
 	}
 	rte_flow->ibv_attr = ibv_attr;
+	if (!priv->started)
+		return rte_flow;
 	rte_flow->ibv_flow = ibv_create_flow(qp, rte_flow->ibv_attr);
 	if (!rte_flow->ibv_flow) {
 		rte_flow_error_set(error, ENOMEM, RTE_FLOW_ERROR_TYPE_HANDLE,
-- 
1.8.3.1



More information about the dev mailing list