[PATCH AUTOSEL 4.18 29/56] ice: Clean control queues only when they are initialized

From: Sasha Levin
Date: Wed Sep 19 2018 - 22:48:10 EST

Next message: Sasha Levin: "[PATCH AUTOSEL 4.18 10/56] mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion"
Previous message: Sasha Levin: "[PATCH AUTOSEL 4.18 28/56] ice: Report stats for allocated queues via ethtool stats"
In reply to: Sasha Levin: "[PATCH AUTOSEL 4.18 28/56] ice: Report stats for allocated queues via ethtool stats"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 4.18 10/56] mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Preethi Banala <preethi.banala@xxxxxxxxx>

[ Upstream commit b29bc220e2c7bd494a4605defcd93b18d5a8cf86 ]

Clean control queues only when they are initialized. One of the ways to
validate if the basic initialization is done is by checking value of
cq->sq.head and cq->rq.head variables that specify the register address.
This patch adds a check to avoid NULL pointer dereference crash when tried
to shutdown uninitialized control queue.

Signed-off-by: Preethi Banala <preethi.banala@xxxxxxxxx>
Signed-off-by: Anirudh Venkataramanan <anirudh.venkataramanan@xxxxxxxxx>
Tested-by: Tony Brelinski <tonyx.brelinski@xxxxxxxxx>
Signed-off-by: Jeff Kirsher <jeffrey.t.kirsher@xxxxxxxxx>
Signed-off-by: Sasha Levin <alexander.levin@xxxxxxxxxxxxx>
---
drivers/net/ethernet/intel/ice/ice_controlq.c | 24 ++++++++++++-------
1 file changed, 16 insertions(+), 8 deletions(-)

diff --git a/drivers/net/ethernet/intel/ice/ice_controlq.c b/drivers/net/ethernet/intel/ice/ice_controlq.c
index 7c511f144ed6..c064416080e7 100644
--- a/drivers/net/ethernet/intel/ice/ice_controlq.c
+++ b/drivers/net/ethernet/intel/ice/ice_controlq.c
@@ -597,10 +597,14 @@ static enum ice_status ice_init_check_adminq(struct ice_hw *hw)
return 0;

init_ctrlq_free_rq:
- ice_shutdown_rq(hw, cq);
- ice_shutdown_sq(hw, cq);
- mutex_destroy(&cq->sq_lock);
- mutex_destroy(&cq->rq_lock);
+ if (cq->rq.head) {
+ ice_shutdown_rq(hw, cq);
+ mutex_destroy(&cq->rq_lock);
+ }
+ if (cq->sq.head) {
+ ice_shutdown_sq(hw, cq);
+ mutex_destroy(&cq->sq_lock);
+ }
return status;
}

@@ -706,10 +710,14 @@ static void ice_shutdown_ctrlq(struct ice_hw *hw, enum ice_ctl_q q_type)
return;
}

- ice_shutdown_sq(hw, cq);
- ice_shutdown_rq(hw, cq);
- mutex_destroy(&cq->sq_lock);
- mutex_destroy(&cq->rq_lock);
+ if (cq->sq.head) {
+ ice_shutdown_sq(hw, cq);
+ mutex_destroy(&cq->sq_lock);
+ }
+ if (cq->rq.head) {
+ ice_shutdown_rq(hw, cq);
+ mutex_destroy(&cq->rq_lock);
+ }
}

/**
--
2.17.1

Next message: Sasha Levin: "[PATCH AUTOSEL 4.18 10/56] mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion"
Previous message: Sasha Levin: "[PATCH AUTOSEL 4.18 28/56] ice: Report stats for allocated queues via ethtool stats"
In reply to: Sasha Levin: "[PATCH AUTOSEL 4.18 28/56] ice: Report stats for allocated queues via ethtool stats"
Next in thread: Sasha Levin: "[PATCH AUTOSEL 4.18 10/56] mmc: atmel-mci: fix bad logic of sg_copy_{from,to}_buffer conversion"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]