From: Shai Brandes <shaib...@amazon.com>
When invoking an admin command, in interrupt mode, if the interrupt
is received after timeout and also after the calling function finished
running, the response will be written into a memory that is no longer
valid.
Signed-off-by: Shai Brandes <shaib...@amazon.com>
Reviewed-by: Amit Bernstein <amitb...@amazon.com>
---
drivers/net/ena/hal/ena_com.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/drivers/net/ena/hal/ena_com.c b/drivers/net/ena/hal/ena_com.c
index fb3ad27d0a..a0c88b1a0e 100644
--- a/drivers/net/ena/hal/ena_com.c
+++ b/drivers/net/ena/hal/ena_com.c
@@ -181,6 +181,7 @@ static int ena_com_admin_init_aenq(struct ena_com_dev
*ena_dev,
static void comp_ctxt_release(struct ena_com_admin_queue *queue,
struct ena_comp_ctx *comp_ctx)
{
+ comp_ctx->user_cqe = NULL;
comp_ctx->occupied = false;
ATOMIC32_DEC(&queue->outstanding_cmds);
}
@@ -474,6 +475,9 @@ static void ena_com_handle_single_admin_completion(struct
ena_com_admin_queue *a
return;
}
+ if (!comp_ctx->occupied)
+ return;
+
comp_ctx->status = ENA_CMD_COMPLETED;
comp_ctx->comp_status = cqe->acq_common_descriptor.status;
--
2.17.1
