In the rte_eth_rx_queue_setup API function, the local variable named
mbp_buf_size, which is the data room size of the input parameter mp,
is checked to guarantee that each memory chunck used for net device
in the mbuf is bigger than the min_rx_bufsize. But if mbp_buf_size is
less than RTE_PKTMBUF_HEADROOM, the value of the following statement
will be a large number since the mbp_buf_size is a unsigned value.
mbp_buf_size - RTE_PKTMBUF_HEADROOM
As a result, it will cause a segment fault in this situation.
This patch fixes it by modify the check condition to guarantee that the
local varibale named mbp_buf_size is bigger than RTE_PKTMBUF_HEADROOM.
Fixes: af75078fece3 ("first public release")
Cc: sta...@dpdk.org
Signed-off-by: Chengchang Tang <tangchengch...@huawei.com>
Signed-off-by: Wei Hu (Xavier) <xavier.hu...@huawei.com>
Reviewed-by: Andrew Rybchenko <arybche...@solarflare.com>
Acked-by: Sachin Saxena <sachin.sax...@oss.nxp.com>
Acked-by: Viacheslav Ovsiienko <viachesl...@mellanox.com>
---
v2 -> v7: No change.
v1 -> v2: Simplify the check condition of mbp_buf_size according to
Andrew Rybchenko's comment.
---
lib/librte_ethdev/rte_ethdev.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/lib/librte_ethdev/rte_ethdev.c b/lib/librte_ethdev/rte_ethdev.c
index d06b7f9..50c3f18 100644
--- a/lib/librte_ethdev/rte_ethdev.c
+++ b/lib/librte_ethdev/rte_ethdev.c
@@ -1820,7 +1820,7 @@ rte_eth_rx_queue_setup(uint16_t port_id, uint16_t
rx_queue_id,
}
mbp_buf_size = rte_pktmbuf_data_room_size(mp);
- if ((mbp_buf_size - RTE_PKTMBUF_HEADROOM) < dev_info.min_rx_bufsize) {
+ if (mbp_buf_size < dev_info.min_rx_bufsize + RTE_PKTMBUF_HEADROOM) {
RTE_ETHDEV_LOG(ERR,
"%s mbuf_data_room_size %d < %d
(RTE_PKTMBUF_HEADROOM=%d + min_rx_bufsize(dev)=%d)\n",
mp->name, (int)mbp_buf_size,
--
2.7.4
