> -----Original Message-----
> From: Kundapura, Ganapati <ganapati.kundap...@intel.com>
> Sent: Wednesday, February 28, 2024 4:09 PM
> To: dev@dpdk.org; jer...@marvell.com; Jayatheerthan, Jay
> <jay.jayatheert...@intel.com>
> Cc: Naga Harish K, S V <s.v.naga.haris...@intel.com>; Gujjar, Abhinandan S
> <abhinandan.guj...@intel.com>
> Subject: [PATCH v1] eventdev/crypto: fix enqueueing invalid ops
>
> When tail pointer of Circ buffer rollsover as the Circ buffer becomes full,
> crypto
> adapter is enqueueing ops beyond the size of the Circ buffer leading to
> segfault
> due to invalid ops access.
>
> Fixed by enqueueing ops from head pointer to (size-head) number of ops when
> Circ buffer becomes full and the remaining ops will be flushed in next
> iteration.
>
> Fixes: 6c3c888656fc ("eventdev/crypto: fix circular buffer full case")
>
> Signed-off-by: Ganapati Kundapura <ganapati.kundap...@intel.com>
>
Acked-by: Abhinandan Gujjar <abhinandan.guj...@intel.com>
> diff --git a/lib/eventdev/rte_event_crypto_adapter.c
> b/lib/eventdev/rte_event_crypto_adapter.c
> index d46595d..9903f96 100644
> --- a/lib/eventdev/rte_event_crypto_adapter.c
> +++ b/lib/eventdev/rte_event_crypto_adapter.c
> @@ -245,20 +245,28 @@ eca_circular_buffer_flush_to_cdev(struct
> crypto_ops_circular_buffer *bufp,
> struct rte_crypto_op **ops = bufp->op_buffer;
>
> if (*tailp > *headp)
> + /* Flush ops from head pointer to (tail - head) OPs */
> n = *tailp - *headp;
> else if (*tailp < *headp)
> + /* Circ buffer - Rollover.
> + * Flush OPs from head to max size of buffer.
> + * Rest of the OPs will be flushed in next iteration.
> + */
> n = bufp->size - *headp;
> else { /* head == tail case */
> /* when head == tail,
> * circ buff is either full(tail pointer roll over) or empty
> */
> if (bufp->count != 0) {
> - /* circ buffer is full */
> - n = bufp->count;
> + /* Circ buffer - FULL.
> + * Flush OPs from head to max size of buffer.
> + * Rest of the OPS will be flushed in next iteration.
> + */
> + n = bufp->size - *headp;
> } else {
> - /* circ buffer is empty */
> + /* Circ buffer - Empty */
> *nb_ops_flushed = 0;
> - return 0; /* buffer empty */
> + return 0;
> }
> }
>
> --
> 2.6.4