• Jacob Keller's avatar
    i40evf: assign num_active_queues inside i40evf_alloc_queues · 65c7006f
    Jacob Keller authored
    The variable num_active_queues represents the number of active queues we
    have for the device. We assign this pretty early in i40evf_init_subtask.
    
    Several code locations are written with loops over the tx_rings and
    rx_rings structures, which don't get allocated until
    i40evf_alloc_queues, and which get freed by i40evf_free_queues.
    
    These call sites were written under the assumption that tx_rings and
    rx_rings would always be allocated at least when num_active_queues is
    non-zero.
    
    Lets fix this by moving the assignment into the function where we
    allocate queues. We'll use a temporary variable for storage so that we
    don't assign the value in the adapter structure until after the rings
    have been set up.
    
    Finally, when we free the queues, we'll clear the value to ensure that
    we do not loop over the rings memory that no longer exists.
    
    This resolves a possible NULL pointer dereference in
    i40evf_get_ethtool_stats which could occur if the VF fails to recover
    from a reset, and then a user requests statistics.
    Signed-off-by: default avatarJacob Keller <jacob.e.keller@intel.com>
    Tested-by: default avatarAndrew Bowers <andrewx.bowers@intel.com>
    Signed-off-by: default avatarJeff Kirsher <jeffrey.t.kirsher@intel.com>
    65c7006f
i40evf_main.c 83.1 KB