diff mbox series

common/qat: fix for invalid response from firmware

Message ID	1540337982-12678-1-git-send-email-fiona.trahe@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	akhil goyal
Headers	From: Fiona Trahe <fiona.trahe@intel.com> To: dev@dpdk.org Cc: akhil.goyal@nxp.com, tomaszx.jozwiak@intel.com, arkadiuszx.kusztal@intel.com, tomaszx.cel@intel.com, Fiona Trahe <fiona.trahe@intel.com>, stable@dpdk.org Date: Wed, 24 Oct 2018 00:39:42 +0100 Message-Id: <1540337982-12678-1-git-send-email-fiona.trahe@intel.com> Subject: [dpdk-dev] [PATCH] common/qat: fix for invalid response from firmware Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	common/qat: fix for invalid response from firmware \| common/qat: fix for invalid response from firmware

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK

Commit Message

Fiona Trahe Oct. 23, 2018, 11:39 p.m. UTC

  Check that the firmware response has a bit set indicating
it's valid before dereferencing the rest of the response contents.

Fixes: 0bdd36e12245 ("crypto/qat: make dequeue function generic")
Cc: stable@dpdk.org

Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
---
 drivers/common/qat/qat_qp.c | 8 ++++++++
 1 file changed, 8 insertions(+)

Comments

Arkadiusz Kusztal Oct. 24, 2018, 3:11 p.m. UTC | #1

> -----Original Message-----
> From: Trahe, Fiona
> Sent: Wednesday, October 24, 2018 1:40 AM
> To: dev@dpdk.org
> Cc: akhil.goyal@nxp.com; Jozwiak, TomaszX <tomaszx.jozwiak@intel.com>;
> Kusztal, ArkadiuszX <arkadiuszx.kusztal@intel.com>; Cel, TomaszX
> <tomaszx.cel@intel.com>; Trahe, Fiona <fiona.trahe@intel.com>;
> stable@dpdk.org
> Subject: [PATCH] common/qat: fix for invalid response from firmware
> 
> Check that the firmware response has a bit set indicating it's valid before
> dereferencing the rest of the response contents.
> 
> Fixes: 0bdd36e12245 ("crypto/qat: make dequeue function generic")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> ---
>  drivers/common/qat/qat_qp.c | 8 ++++++++
>  1 file changed, 8 insertions(+)
> 
> diff --git a/drivers/common/qat/qat_qp.c b/drivers/common/qat/qat_qp.c
> index 1d83aac..9c58c64 100644
> --- a/drivers/common/qat/qat_qp.c
> +++ b/drivers/common/qat/qat_qp.c
> --
> 2.7.4


Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>

Thomas Monjalon Oct. 27, 2018, 12:15 a.m. UTC | #2

24/10/2018 17:11, Kusztal, ArkadiuszX:
> From: Trahe, Fiona
> > 
> > Check that the firmware response has a bit set indicating it's valid before
> > dereferencing the rest of the response contents.
> > 
> > Fixes: 0bdd36e12245 ("crypto/qat: make dequeue function generic")
> > Cc: stable@dpdk.org
> > 
> > Signed-off-by: Fiona Trahe <fiona.trahe@intel.com>
> 
> Acked-by: Arek Kusztal <arkadiuszx.kusztal@intel.com>

Applied, thanks

diff mbox series

Patch

diff --git a/drivers/common/qat/qat_qp.c b/drivers/common/qat/qat_qp.c
index 1d83aac..9c58c64 100644
--- a/drivers/common/qat/qat_qp.c
+++ b/drivers/common/qat/qat_qp.c
@@ -634,15 +634,23 @@  qat_dequeue_op_burst(void *qp, void **ops, uint16_t nb_ops)
 	uint32_t head;
 	uint32_t resp_counter = 0;
 	uint8_t *resp_msg;
+	uint8_t hdr_flags;
 
 	rx_queue = &(tmp_qp->rx_q);
 	tx_queue = &(tmp_qp->tx_q);
 	head = rx_queue->head;
 	resp_msg = (uint8_t *)rx_queue->base_addr + rx_queue->head;
+	hdr_flags = ((struct icp_qat_fw_comn_resp_hdr *)resp_msg)->hdr_flags;
 
 	while (*(uint32_t *)resp_msg != ADF_RING_EMPTY_SIG &&
 			resp_counter != nb_ops) {
 
+		if (unlikely(!ICP_QAT_FW_COMN_VALID_FLAG_GET(hdr_flags))) {
+			/* Fatal firmware error */
+			QAT_LOG(ERR, "QAT Firmware returned invalid response");
+			return 0;
+		}
+
 		if (tmp_qp->service_type == QAT_SERVICE_SYMMETRIC)
 			qat_sym_process_response(ops, resp_msg);
 		else if (tmp_qp->service_type == QAT_SERVICE_COMPRESSION)