The MLX5 PMD keeps non-essential flow data in an auxiliary structure
to reduce flow L1 cache usage.

The auxiliary data location differs in HWS and non-template flows.

The PMD tried to fetch the HWS flow table from a non-template flow object
and accessed a stale memory address.

The patch separates the `mlx5_flow_hw_aux()` implementation for HWS
and non-template flows.

Fixes: 27d171b88031 ("net/mlx5: abstract flow action and enable reconfigure")
Cc: sta...@dpdk.org

Signed-off-by: Gregory Etelson <getel...@nvidia.com>
Acked-by: Dariusz Sosnowski <dsosnow...@nvidia.com>
---
 drivers/net/mlx5/mlx5_flow_hw.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/drivers/net/mlx5/mlx5_flow_hw.c b/drivers/net/mlx5/mlx5_flow_hw.c
index af2e7a84a5..d65f4cf4e2 100644
--- a/drivers/net/mlx5/mlx5_flow_hw.c
+++ b/drivers/net/mlx5/mlx5_flow_hw.c
@@ -129,12 +129,16 @@ mlx5_flow_hw_aux(uint16_t port_id, struct rte_flow_hw 
*flow)
 {
        struct rte_flow_template_table *table = flow->table;
 
-       if (rte_flow_template_table_resizable(port_id, &table->cfg.attr)) {
-               size_t offset = sizeof(struct rte_flow_hw) + 
mlx5dr_rule_get_handle_size();
+       if (!flow->nt_rule) {
+               if (rte_flow_template_table_resizable(port_id, 
&table->cfg.attr)) {
+                       size_t offset = sizeof(struct rte_flow_hw) + 
mlx5dr_rule_get_handle_size();
 
-               return RTE_PTR_ADD(flow, offset);
+                       return RTE_PTR_ADD(flow, offset);
+               } else {
+                       return &table->flow_aux[flow->idx - 1];
+               }
        } else {
-               return ((flow->nt_rule) ? flow->nt2hws->flow_aux : 
&table->flow_aux[flow->idx - 1]);
+               return flow->nt2hws->flow_aux;
        }
 }
 
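Review bot: `struct rte_flow_template_table *table = flow->table;` at the top of `mlx5_flow_hw_aux()` is still evaluated before the new `!flow->nt_rule` check, so the non-template path keeps loading a table pointer that the commit message describes as stale for such flows. The value is unused on that path after this change, but moving the declaration inside the `if (!flow->nt_rule)` block would keep a later edit from dereferencing it by accident. Testing `flow->nt_rule` first and returning `flow->nt2hws->flow_aux` early would also drop one level of nesting and the `else` after `return`, and a short comment that `flow->table` is only meaningful for HWS flows would document the invariant this fix relies on.
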
-- 
2.48.1
