drivers/infiniband/core/verbs.c | 12 +++++++++--- drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- 3 files changed, 16 insertions(+), 16 deletions(-)
ib_map_mr_sg() and ib_map_mr_sg_pi() allow ULPs to specify NULL as the sg_offset/data_sg_offset/meta_sg_offset arguments. Drivers who need to derefernce these arguments have to add NULL pointer checks to avoid crashing the kernel. This can be optimized by adding dummy sg_offset pointer to these two APIs. When the sg_offset arguments are NULL, pass the pointer of dummy to drivers. Drivers can always get a valid pointer, so no need to add NULL pointer checks. Junxian Huang (2): RDMA/core: Add dummy sg_offset pointer for ib_map_mr_sg() and ib_map_mr_sg_pi() RDMA: Delete NULL pointer checks for sg_offset in .map_mr_sg ops drivers/infiniband/core/verbs.c | 12 +++++++++--- drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- 3 files changed, 16 insertions(+), 16 deletions(-) -- 2.33.0
On Tue, Nov 05, 2024 at 08:08:39PM +0800, Junxian Huang wrote: > ib_map_mr_sg() and ib_map_mr_sg_pi() allow ULPs to specify NULL as > the sg_offset/data_sg_offset/meta_sg_offset arguments. Drivers who > need to derefernce these arguments have to add NULL pointer checks > to avoid crashing the kernel. > > This can be optimized by adding dummy sg_offset pointer to these > two APIs. When the sg_offset arguments are NULL, pass the pointer > of dummy to drivers. Drivers can always get a valid pointer, so no > need to add NULL pointer checks. > > Junxian Huang (2): > RDMA/core: Add dummy sg_offset pointer for ib_map_mr_sg() and > ib_map_mr_sg_pi() > RDMA: Delete NULL pointer checks for sg_offset in .map_mr_sg ops > > drivers/infiniband/core/verbs.c | 12 +++++++++--- > drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ > drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- > 3 files changed, 16 insertions(+), 16 deletions(-) So what does this change give us? We have same functionality, same number of lines, same everything ... Thanks > > -- > 2.33.0 > >
On 2024/11/6 20:08, Leon Romanovsky wrote: > On Tue, Nov 05, 2024 at 08:08:39PM +0800, Junxian Huang wrote: >> ib_map_mr_sg() and ib_map_mr_sg_pi() allow ULPs to specify NULL as >> the sg_offset/data_sg_offset/meta_sg_offset arguments. Drivers who >> need to derefernce these arguments have to add NULL pointer checks >> to avoid crashing the kernel. >> >> This can be optimized by adding dummy sg_offset pointer to these >> two APIs. When the sg_offset arguments are NULL, pass the pointer >> of dummy to drivers. Drivers can always get a valid pointer, so no >> need to add NULL pointer checks. >> >> Junxian Huang (2): >> RDMA/core: Add dummy sg_offset pointer for ib_map_mr_sg() and >> ib_map_mr_sg_pi() >> RDMA: Delete NULL pointer checks for sg_offset in .map_mr_sg ops >> >> drivers/infiniband/core/verbs.c | 12 +++++++++--- >> drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ >> drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- >> 3 files changed, 16 insertions(+), 16 deletions(-) > > So what does this change give us? > We have same functionality, same number of lines, same everything ... > Actually this is inspired by an hns bug. When ib_map_mr_sg() passes a NULL sg_offset pointer to hns_roce_map_mr_sg(), we dereference this pointer without a NULL check. Of course we can fix it by adding NULL check in hns, but I think this patch may be a better solution since the sg_offset is guaranteed to be a valid pointer. This could benefit future drivers who also want to dereference sg_offset, they won't need to care about NULL checks. Junxian > Thanks > >> >> -- >> 2.33.0 >> >>
On Wed, Nov 06, 2024 at 09:12:47PM +0800, Junxian Huang wrote: > > > On 2024/11/6 20:08, Leon Romanovsky wrote: > > On Tue, Nov 05, 2024 at 08:08:39PM +0800, Junxian Huang wrote: > >> ib_map_mr_sg() and ib_map_mr_sg_pi() allow ULPs to specify NULL as > >> the sg_offset/data_sg_offset/meta_sg_offset arguments. Drivers who > >> need to derefernce these arguments have to add NULL pointer checks > >> to avoid crashing the kernel. > >> > >> This can be optimized by adding dummy sg_offset pointer to these > >> two APIs. When the sg_offset arguments are NULL, pass the pointer > >> of dummy to drivers. Drivers can always get a valid pointer, so no > >> need to add NULL pointer checks. > >> > >> Junxian Huang (2): > >> RDMA/core: Add dummy sg_offset pointer for ib_map_mr_sg() and > >> ib_map_mr_sg_pi() > >> RDMA: Delete NULL pointer checks for sg_offset in .map_mr_sg ops > >> > >> drivers/infiniband/core/verbs.c | 12 +++++++++--- > >> drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ > >> drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- > >> 3 files changed, 16 insertions(+), 16 deletions(-) > > > > So what does this change give us? > > We have same functionality, same number of lines, same everything ... > > > > Actually this is inspired by an hns bug. When ib_map_mr_sg() passes a NULL > sg_offset pointer to hns_roce_map_mr_sg(), we dereference this pointer > without a NULL check. > > Of course we can fix it by adding NULL check in hns, but I think this > patch may be a better solution since the sg_offset is guaranteed to be > a valid pointer. This could benefit future drivers who also want to > dereference sg_offset, they won't need to care about NULL checks. Let's fix hns please. We are moving away from SG in RDMA. > > Junxian > > > Thanks > > > >> > >> -- > >> 2.33.0 > >> > >>
On 2024/11/6 21:36, Leon Romanovsky wrote: > On Wed, Nov 06, 2024 at 09:12:47PM +0800, Junxian Huang wrote: >> >> >> On 2024/11/6 20:08, Leon Romanovsky wrote: >>> On Tue, Nov 05, 2024 at 08:08:39PM +0800, Junxian Huang wrote: >>>> ib_map_mr_sg() and ib_map_mr_sg_pi() allow ULPs to specify NULL as >>>> the sg_offset/data_sg_offset/meta_sg_offset arguments. Drivers who >>>> need to derefernce these arguments have to add NULL pointer checks >>>> to avoid crashing the kernel. >>>> >>>> This can be optimized by adding dummy sg_offset pointer to these >>>> two APIs. When the sg_offset arguments are NULL, pass the pointer >>>> of dummy to drivers. Drivers can always get a valid pointer, so no >>>> need to add NULL pointer checks. >>>> >>>> Junxian Huang (2): >>>> RDMA/core: Add dummy sg_offset pointer for ib_map_mr_sg() and >>>> ib_map_mr_sg_pi() >>>> RDMA: Delete NULL pointer checks for sg_offset in .map_mr_sg ops >>>> >>>> drivers/infiniband/core/verbs.c | 12 +++++++++--- >>>> drivers/infiniband/hw/mlx5/mr.c | 18 ++++++------------ >>>> drivers/infiniband/sw/rdmavt/trace_mr.h | 2 +- >>>> 3 files changed, 16 insertions(+), 16 deletions(-) >>> >>> So what does this change give us? >>> We have same functionality, same number of lines, same everything ... >>> >> >> Actually this is inspired by an hns bug. When ib_map_mr_sg() passes a NULL >> sg_offset pointer to hns_roce_map_mr_sg(), we dereference this pointer >> without a NULL check. >> >> Of course we can fix it by adding NULL check in hns, but I think this >> patch may be a better solution since the sg_offset is guaranteed to be >> a valid pointer. This could benefit future drivers who also want to >> dereference sg_offset, they won't need to care about NULL checks. > > Let's fix hns please. We are moving away from SG in RDMA. > Sure, thanks Junxian >> >> Junxian >> >>> Thanks >>> >>>> >>>> -- >>>> 2.33.0 >>>> >>>>
© 2016 - 2024 Red Hat, Inc.